myRVM

RVM Systems AS care about privacy protection and the security of your personal data. This entails, inter alia, strict internal practices, thorough training of our employees and a high level of security.

Personal data means any information or assessments that can be linked to a natural person. Our collection and processing of personal data is primarily related to contact information, like name, phone number and e-mail.

We want you to feel confident that we safeguard your personal data in a good manner in relation to the use of the app reVend. We have therefore prepared this privacy policy to give you information about how RVM Systems AS collect and process personal data about our users and about your rights.

RVM Systems AS represented by the general manager is the controller for personal data. Please feel free to contact us if you have any questions or need further information about our processing of personal data.

support@rvmsystems.com or
RVM Systems AS (org.nr 968 920 863)
Represented by Gudmund Larsen
Kniveveien 31
3036 Drammen

1 FURTHER ABOUT OUR PROCESSING OF PERSONAL DATA

We process personal data for the purposes stated below:

• When you register as a user of myRVM, we process your mobile phone number. This information is necessary to create an account that will identify you when you log in, and to manage the user relationship.
• When using myRVM, the app can ask about the use of camera in order to scan QR codes. No photos will be taken or stored with us in this connection.
• In order to send you push alerts via myRVM, we register the device ID of your mobile phone or other devices on which you use the app. Push alerts will normally include alerts about reverse vending machines status. Such activities are based on the consent of each individual recipient, pursuant to point (a) of Article 6 (1) of the Regulation. You may turn off push alerts at any time.
• We provide follow-up, service and technical support to our app users. In this connection, we process personal data about the user, why we have been contacted, but we may also process other information that the user provides when contacting us. The legal basis for our processing will be agreement, pursuant to point (b) of Article 6 (1) of the Regulation, or consent pursuant to point (a) of Article 6 (1) of the Regulation.
• In myRVM we give everybody the opportunity to receive information about our services. Such market activities are based on consent from the individual recipient, pursuant to point (a) of Article 6 (1) of the Regulation. You may contact us at any time if you no longer wish to receive such communication or if you wish to turn off this in the app.
• In connection with the development and improvement of our services, we will utilise history and other personal data in a depersonalized form. Depersonalized form means that it is no longer possible to identify the individuals based on the data.

2 contracts with processors

We have entered into processor contracts with the providers we use in order to deliver the service, pursuant to Article 28 of the Regulation. This applies, inter alia, to service providers related to operations, maintenance, server services or other technical solutions. As a safety precaution, we only provide the names of providers upon requests submitted directly to us.

As an integral part of the performance of the contract with us, our providers may process personal data on our behalf, but only in compliance with our instructions and the processor contract entered into. It is important to us that our processors take privacy protection seriously and we impose strict requirements on the providers we use. The individual processors may only use subcontractors if the processor contract permits this. Subcontractors will always have the same obligations that follow from the processor contract with us.

Some of our reverse vending machines are located in countries outside of EU/EEA. In such cases, personal data might be handed over to third parties. In these cases, we ensure that the transfer of personal data will take place in accordance with the Norwegian data protection legislation.

3 safeguarding, storage and erasure

Protection of privacy and data security is an integral part of our internal control system. Therefore, we use reputable security solutions and have access to expertise in order to ensure that we have a satisfying security level at all times.

We retain your personal data for as long as it is necessary for the purpose that the personal data was collected. This means that for instance personal data that we process with your consent, will be deleted if you withdraw your consent. Personal data will also be deleted if you delete your user in the app myRVM. History will be automatically be deleted after 3 years.

Personal data will not be processed or stored outside of EU/EEA unless this is informed of and agreed.

4 your rights

You are entitled to access or receive a copy of personal data that we have registered about you.  If you think that the personal data we have registered about you are incorrect or incomplete, you can contact us and request correction or erasure of your data. If we process your personal data with your consent, we emphasise that you have the right to withdraw your consent at any time.

We will only distribute personal data to third parties if this is necessary for the performance of our assignment. Beyond this, we will only distribute personal data if we under the provisions of law are ordered to do so by public authorities.

5 COMPLAINT TO THE Norwegian Data Protection Authority

If you think our processing of personal data conflicts with the privacy protection legislation, you may submit a complaint to the Norwegian Data Protection Authority (Datatilsynet). Please refer to https://www.datatilsynet.no/ for further information about the data protection legislation.