We at Varde Hartmark are committed to protecting and safeguarding the privacy of our clients, stakeholders and partners.
The General Data Protection Regulation (GDPR) regulates how personal data is processed electronically. It is crucial and necessary that we have a common European regulatory framework to ensure that every public and private enterprise process personal data lawfully.
We are a data controller and process data in accordance with the GDPR. This means that we sometimes determine the purpose of collecting and processing personal data and act as a data controller. At other times our clients determine the purpose — then we act as data processors.
When we process personal data, it is usually in connection with customer relationships. The most common categories of personal data we manage are identity data, contact data, communication data and financial data.
The legal basis for our data processing is, in most cases, an agreement, consent or legitimate interest. We rarely receive data access or deletion requests, as our primary focus is on processing customer data.
For us, it is essential that we treat your customer data confidentially and securely. All our employees are subject to a duty of confidentiality and must attend security courses. We may share customer information with financial institutions, for example when reporting is required. We also share information with our operations manager, Procano, but access is strictly controlled through the data processing agreement. We have also entered into a standard data processing agreement with Microsoft.
If you have any questions about how we process your personal data or your company data, you can contact our security coordinator, Magnus Fredriksen.
