The Integrity Ordinance or General Data Protection Regulation (GDPR), is something every Norwegian company should familiarize themselves with. This regulation entered into force in the summer of 2018, and is today part of Norwegian law.

Here we will explain to you what GDPR is, and why it is good - both for the company and its customers.

What is the GDPR?
GDPR is a regulation or law adopted by the EU, and which applies in all EEA countries - Norway included. In the summer of 2018, the GDPR was therefore implemented in the Personal Data Act, which regulates how companies collect and process information about their customers.

For example, it is common for companies to use cookies to collect statistics and data about visitors to the website. This data is used, among other things, to provide customers with more relevant offers.

GDPR replaced the Personal Data Act (POL). With the GDPR, companies must comply with stricter requirements than before when it comes to the processing of personal data.

GDPR applies to almost all Swedish companies and it is therefore important that you familiarize yourself with the rules. Remember that it is not illegal to process sensitive personal data - you just have to do it the right way.

The main features of the GDPR
What distinguishes the GDPR from the previous Personal Data Act? In general, stricter requirements have been set when it comes to how companies inform customers and other visitors to the website about the processing of personal data.

The company will, among other things, explain to visitors how information is collected and what exactly the information is used for. Information must also be provided on how personal data is handled.

Here are some of the rules that companies must follow:

There must be a legal basis and a clear purpose for data collection.
Visitors must give valid consent for the company to be able to process personal data. The consent must be in writing and express.
Visitors have rights to access, delete or restrict the company's use of personal information.
Personal data can only be used for its original purpose.
The company has increased its obligation with regard to documenting agreements with third parties, legal grounds, processing purposes and the like.
What does GDPR mean for your company's existing customer data?
Many companies have been collecting email addresses and useful information about their customers long before the GDPR came into force. Customers must now give their written consent if you are to be able to send content via email to them.

If your company has a lot of customer data, and at the same time lacks GDPR approval, luckily there is help available. We at NG Dialogue can, among other things, help you collect GDPR consent, so that you can legally send out e-mails to the customers you have on your e-mail list.

How do you get consent from customers?
It is common to ask for consent to the collection of personal data the first time a user visits the website.

If you visit a website, it is not uncommon for a window of privacy information to appear. Here you can read about how the website collects and uses data about you, and you get the opportunity to accept / reject the use of cookies.

Visitors to your website only need to tick "Accept the use of all cookies" or similar, and they have then given their consent for you to collect data about them.

Customers can also choose that a website only uses necessary cookies, if they do not want the company to collect data for, for example, marketing.

That's why GDPR is good!
GDPR strengthens consumers' rights, and places new demands on companies that collect personal data. If you clearly show that your company takes GDPR seriously, your company will radiate seriousness and reliability.

If companies do not take GDPR into account, this is a violation of Norwegian law. Companies that violate the GDPR rules will, among other things, be able to receive large fines.

GDPR is only positive for consumers, who have the right to access, delete and the like. Show that your company is serious, and implement GDPR as a natural part of the business.

As a business owner, GDPR can help you strengthen your brand and increase customer trust. At the same time, it is positive that the company can provide satisfactory privacy to visitors to the website.

Get help with GDPR
Many entrepreneurs are unsure of what rules apply to the GDPR, and how to implement the new rules. If you find the GDPR difficult to understand, you are far from alone.

We at NG Dialogue are happy to help you, and can, among other things, assist in collecting consent from customers who visit your website. This way, you can use customer data legally in your marketing.

GDPR is good for your customers, but also for your company. You can show your customers that your business is serious, and you can strengthen your brand in a positive direction. Customers can also look forward to better control over their own personal information, which most people appreciate.

Contact us today and get help with GDPR for the company. We have the skills you need!