Obsidione Norway AS (Obsidione®), defined as “Obsidione”, “the provider”, “service provider”, “we”, “us”, “the company”, “lead provider”, “partner” is a lead generation company, helping companies with client acquisition & marketing services. Our services allow companies to access customer information as a service as a support tool for their sales and marketing processes. Obsidione or its affiliates provide lead generation services under various brand names, licenses or registrations in various jurisdictions.
Who is responsible for data collection and processing?
When transferring your data (so-called data-as-a-lead), the responsible receiver of such information are responsible for handling your information in a compliant way. Obsidione Norway AS will always strive to ensure that our partners are handling private information in a safe and secure way, which is always compliant with applicable law. In some cases, Obsidione Norway AS may be a joint-controller of your data alongside our partners, and in such cases we will abide by the applicable law. Starting March 1st 2023, we will store your data internally in our own SaaS-platform instead of transferring it directly to our partners. In this case, partners will use our platform directly and the information is automatically disposed after usage, ensuring GDPR compliancy in a stricter and more transparent straight-forward way.
Storage of information & service usage
Information you might provide us with, or information you freely give us by accessing our web page, might be saved in our systems and databases to provide you the best possible customer experience and increase the chances to return your information as a lead to our partners.
Data we might collect
Your contact information (name, phone number, email, address etc.)
Personal information (details of the actual user that is using our service, such as interests, hobbies, hometown, relationship status)
Details about your current location, IP/MAC address and other local preferences
Details collected while browsing one of our affiliated portals or services
Predictabilities based on previous and future visits
Pixel beacons to provide you better marketing and retargeting
Publicly available information, and information you disclose to our employees
Personal preferences (such as “likes Cola Zero instead of Fanta”) to serve you better
When submitting your information as a lead within the Consumer Comparison vertical, we are sharing your information with up to three relevant companies to give you a specific offer for your selected service. Companies are subscribing to receive this information and are handling your data in a GDPR-compliant way. It is no secret that we are selling your information as a lead, however only to pre-approved companies that has an active customer relationship with us. All our partners has signed a data protection agreement with us and are obliged to use your information with privacy in mind, only for the specific request and within a time frame of 60 days from the lead is registered, depending on the different consents that has actively been given by you during the registration process.
All handling of customer information takes place under secure conditions. When a partner has finished processing your personal data, it is deleted directly from our system, making it inaccessible to the company. We also use pseudonymisation (encrypted information) where possible.
All our comparison portals is based on an active choice. These terms take effect from a lead is registered, therefore cold information might be used for outreach purposes. If you have registered a lead and want yourself deleted from our solution, please contact us.
When you take advantage of a direct-deal (specifically for the finance & travel comparison vertical), the specific provider will store your purchase information, and all handling of your personal data will happen at their side. Therefore, please contact the respective supplier in terms of exercising your rights.
Generally, we might also use your data to improve our services, with an end goal to make it more user friendly. We might collect information about how you interact with our website and services, such as which pages or buttons you click on. This helps us understand which parts of our sites that are useful for our clients. We might use your data for marketing purposes or share it with third parties who offer services which we think you could be interested in.
In addition to this, we process other given information that is relevant to your customer journey. This can be information such as individual preferences, special wishes or considerations. All submitted requests, orders and purchases are recorded in order to provide the service and that you will pay for them.
We may also collect anonymous data about users’ browsing activities over time and across different websites for better targeting and more efficient marketing. This data is not linked to any personally identifiable information.
We will only retain your data for as long as necessary and in accordance with applicable law. When we no longer need the personal data, it will be deleted from our systems.
Transferring your data to external suppliers
We’re using services from various third-party providers who can access your personal data. This applies to technical service providers, partners and collaborators with whom we have agreements. We choose our partners carefully, and ensure that they comply with the GDPR’s requirements for processing of personal data. Separate data processing agreements are signed for each supplier.
Why are we collecting this information?
Your information is collected and used for creating a seamless customer experience, deliver our service as it is meant to be delivered, and to provide you with the best solutions tailored to your needs and preferences. We could also use your information to provide us better estimates and stats, not linked directly to you. If you have given a specific consent, we could use your information to provide you with (including, but not limited to) marketing material, newsletters, text messages, direct outreach, special offers and discounts.
If we receive information that alleges someone has used our services to break the law, we may share all relevant facts with the different companies and necessary authorities. We may also share relevant information to different authorities, such as the police if illegal activities might result in a criminal investigation.
Cookies & beacons
We might place tracking pixels, also known as web beacons, on our website. Tracking pixels are small graphic images that allow us and third parties to track the online usage patterns of users. We may also include web beacons in e-mails or other communications that we send to you. These web beacons allow us to measure the effectiveness of our advertising campaigns and track whether you have opened an e-mail or clicked on any links within the message. We may also use web beacons to track the effectiveness of our marketing campaigns, which helps us analyze the data more efficiently.
We might also share your information with third party companies for retargeting purposes. Retargeting is a way for us to target ads to you based on your past visits and activities on our website.
You can manage cookies in the “options” or “preferences” section of your browser. You can also opt out from being tracked by Google Analytics here. Please note that if you choose to disable cookies, this might affect the functionality of our website.
Where do we store your data?
Your personal data is stored in our secure database, located within the European Union. We will not send your personal data to third parties outside of the EEA or process it on any other country than within the EEA. In some cases, the data might be transferred to our hosting provider located in the USA, but they are committed to comply with the GDPR legislation.
Our data is mainly stored in our secure database in the cloud and accessible by a limited number of authorized people. We use appropriate technical and organizational measures to protect that data against unauthorized or unlawful processing, accidental loss, damage or destruction.
We will take all reasonable steps to update any personal data held as soon as possible if we become aware that any such information is incorrect or out of date.
Your data is stored at data centers localized in:
København, Aarhus & Ringkøbing, Denmark
We take the protection of your personal data very seriously and have adopted appropriate technical and organisational measures to ensure an adequate level of security. We use encryption, pseudonymisation and other measures to help protect your data from unauthorised access or disclosure. We also put systems in place for managing risks related to security breaches. All our employees are required to respect the confidentiality of any personal data they handle. We will always use the latest security measures to protect your data, but we cannot guarantee its absolute security. Please note that Obsidione does not hold any economic compensation responsibility in case of any data breach, and you solely comply with this by using our services.
Safety measures include , but are not limited to:
Regular data breach notification and response plans;
Mandatory two-factor authentication for all users, with regular password rotation;
Continuous monitoring for suspicious activities, with an extensive logging system in place to track user activity within our systems;
Strict access controls to data, governed by the principle of least privilege;
Encryption of data at rest and in transit, according to industry best practices.
While handling your data, we are using several different suppliers and services, that are considered as “data processors”: such as CRM systems, systems for revenue management, billing & invoicing, contact centre platforms, hardware management & development tools. All our data processors will always comply with the GDPR legislation and make sure that your data is kept safe and secure. We have signed Data Processing Agreements with all our data processors to ensure full compliance in terms of personal data protection.
Contacting us by phone
When calling us, please note that you may be asked for your name, phone number and address. This information is used solely to identify you as a customer and will not be shared with any other third party. All conversations, both inbound and outbound, are recorded for monitoring and training purposes and stored up to a maximum of 12 months. The purpose of recording all our calls is to deliver applicable obligations, prevent abuse and provide the best possible customer service. By contacting us, you accept these terms. The recordings may be accessed by authorized personnel only. If you do not want your calls/emails to be recorded, please contact us and we will take the necessary measures. All data handled by our phone system is stored in a safe and secure cloud database in France.
Disclosure of your information
We do not disclose your personal data to outsiders, or to another third party who is not our data processor or a partner, without your consent. This means that your data and personal information can only be disclosed when it is permitted by law or authorized by you.
We will only transfer your information to countries within the EU/EEA area. In connection with such transfers, we will ensure that the information is processed in accordance with the European Data Protection Regulation and other relevant legal and industry-relevant provisions.
Use of authorized data processors, including through our partners, is not considered as disclosure of information, as it takes place on the basis of legitimate interests.
If you consent for receiving digital marketing from us, by phone or e-mail, either through our website or through one of our brands, we store and use your personal information to send you our latest news, special offers and other information that might be of your interest. To make sure that you actually are interested in our offers, we’re including possibilities to unsubscribe in all marketing materials sent from us. We’re working with customer satisfaction companies to measure the effectiveness of our marketing campaigns.
If a marketing consent has been given during the submission of an offer request through one of our brands, you might receive marketing-related inquiries from our partners.
You have the right to object or withdraw the consent given to the use of your personal data for marketing purposes. This is done by sending an inquiry to us via this website. Cancellations take full effect after 30 days (1 month).
Under the GDPR, you have a number of important rights. In summary, those include rights to have full transparency about how we use your data (fair processing), to access your personal data and to be informed about how we use it (data ownership), to have the right to request erasure of information you no longer wish us to process (right to be forgotten) and even in some cases the right to object the usage of your data (right to object use).
You reserve the right to request us to delete or amend any of your personal information at any time. All customer data used for leads is shared with our partner companies with privacy in mind. We take all reasonable steps to make sure the data is kept safe and secure.
Last updated: Jan 27 2023.