Menu

Privacy Policy

January 9, 2025

About the Privacy Policy

The Quartz Corp (TQC) is committed to protecting your privacy and ensuring that your information is processed in a safe and secure manner. Personal data is any information that can be directly or indirectly linked to you as an individual.

This Privacy Policy describes how TQC processes the personal data of representatives or employees of (potential) customers and suppliers, visitors, job candidates, employees’ next of kin and others contacting us. This privacy policy sets out the purposes for which we process personal data, how it is processed and your rights. This document will be formally reviewed no later than 2 years from the date it was published or as needed. The latest version of this privacy policy can be found on our website.

TQC is the controller and processes your personal data in accordance with Norwegian data protection legislation and the General Data Protection Regulation (GDPR). Questions related to TQC's processing of your personal data can be directed to info@thequartzcorp.com.

Processing of personal data

In the following, we describe the purposes for which we process your data, the categories of personal data we process, what the basis for processing is and the retention period.

Recruitment

To process your job application, we process the following categories of personal data:

  • Name, address, telephone number, email address and position
  • Application documents, CV, diplomas, work experience, certificates, references and other information you have provided during the application process
  • Personality and aptitude tests, background and credit checks
  • Internal assessments

We store your information for six months after the position you applied for was filled or, in case you sent an open application, after you applied. If you consent to us retaining your data for future recruitment purposes, the data will be stored for two years at a time, until you do not renew or withdraw your consent. We process the data for recruitment purposes in order to fulfil the agreement to process your application, to be able to comply with legal obligations and based on your consent (in accordance with Article 6 (1) (a), (b) and (c) of the GDPR, cf. the Norwegian Working Environment Act).

Marketing

We process your name, position, employer, contact details and any information you provide to us in free text fields if you have consented to us contacting you for marketing purposes and to carry out and deliver events you are registered to attend based on your consent and our legitimate interest (pursuant to Article 6 (1) (a) and (f) of the GDPR,cf. Section 15 of the Norwegian Marketing Control Act). You can withdraw your consent at any time.

If you participate in our events or other gatherings where we photograph, we will process the above-mentioned personal data, as well as photos and videos of you for internal communication and marketing purposes. The personal data is used on our websites, in our social media profiles, training materials, intranet, and other marketing materials. This is done based on our legitimate interest (according to GDPR Article 6(1)(f)) to showcase our activities, promote our employees and initiatives and market the company. If we have entered a separate agreement with you regarding the use of your images and videos, we process this data to fulfil the agreement with you (in accordance with GDPR Article 6(1)(b)).

Buying, selling, and billing

We will process your name, email, phone number, employer, job title, timesheets and other information you or your employer provide in order to negotiate, agree and complete the purchase of services or the sale of products and services with your employer.

We process your data based on our legitimate interest in carrying out sales and purchases with your employer and in order to comply with our legal obligations (pursuant to Article 6(1)(b), (c) and (f) of the GDPR, cf. bookkeeping legislation). Personal data on invoices, invoice vouchers and/or timesheets will be stored for ten years or longer if it is required to meet legal requirements or orders.

Camera surveillance and access control in our premises

We use video surveillance and physical and electronic access control on our premises. We process your name, phone number, date of birth, company name, duration of the assignment, photo and passage data to ensure the safety of our workers and the surroundings, as well as to protect the health, safety, our premises, products and assets. We store video recordings for seven (7) days, but in the event of incidents that need to be investigated further, the deletion is postponed for up to 30 days. Passage logs are deleted after 90 days. We process this data based on our legitimate interest (pursuant to Article 6(1)(f) of the GDPR and the Working Environment Act). If there is a suspicion that a criminal offence has been committed, recordings and logs may also be handed over to the police.

Next of kin

We will process your name, email, phone number, relationship with the employee and other information the employee provides, if you are listed as one of our employees’ next of kin. We process your data based on our legitimate interest in contacting next of kin related to acute illness, accidents, and death related to our employee (pursuant to Article 6(1)(f) of the GDPR).

Other inquiries

If you contact us, we will process the personal data necessary to handle and respond to your request, including information you provide, your contact information and related to following-up the request. We process the data based on our legitimate interest in responding to your enquiry (pursuant to Article 6(1)(f) of the GDPR).

Tracking Technologies

TQC does not currently use cookies or other tracking technologies on its websites. Cookies are small text files that are placed on your computer when you load a website.

On www.nettvett.no you can read about how to set your browser to accept/reject cookies. Please note that if you say no to cookies, it may affect the functionality and user experience on websites.

Where is the personal data collected and who has access?

We process personal data that you have provided yourself and information that we have collected or received from third parties, such as your employer, former employers or public authorities.

Employees of TQC will have access to your personal data on a need-to-know basis. We may share your personal data with third parties such as suppliers and public authorities. TQC remains as controller for the processing of personal data by our service providers and we will enter into data processing agreements with such data processors. We will further share your personal data with public authorities or others when it is necessary to comply with our legal obligations.

Transfer of personal data to third countries

The processing of your personal data takes place mainly within the EEA, but your data may also be transferred to locations outside the EEA. TQC will ensure that your personal data is only transferred to locations outside the EEA or to international organisations when this can be done in accordance with Article 5 of the GDPR. Currently, your personal data may be processed in the following states outside the EEA: United Kingdom, United States.

Your rights

You have several rights under the privacy policy. You have the right to:

  • Confirmation as to whether we are processing personal data related to you and to request a copy if it is the case.
  • Request rectification and/or deletion of inaccurate, unnecessary, incomplete and outdated personal data
  • Object to our processing of your personal data and you have the right to request data portability and restrictions of processing.

If you have any questions, want to exercise your rights or have other inquiries related to your privacy, you can direct these by email to our contact person for privacy matter at info@thequartzcorp.com or to the address The Quartz Corp, Strandveien 50, 1366 Lysaker, Norway.

If you believe that TQC has not complied with your rights under personal data legislation, you may lodge a complaint with the Norwegian Data Protection Authority as a supervisory authority. We would appreciate it if you would contact us first so that we can clear up any misunderstandings.