The protection of your personal data is important to Business for Peace, and we will therefore process your personal data only to the extent permissible under the applicable Norwegian data protection legislation, including the EU General Data Protection Regulation (GDPR).
1. Data controller
Business for Peace is the data controller and thus responsible for your personal data. Business for Peace has the following contact details:
Organisation number: 992 747 544
Address: Prinsens gate 22, 0157 Oslo, Norway
2. Categories of personal data, purpose and legal basis
2.1 About Business for Peace
Business for Peace is a non-profit foundation, with a mission to support, inspire and recognize the global business leaders who are positively changing the face of business and exemplify the concept of being businessworthy.
At the centre of the Business for Peace’s efforts is the annual Business for Peace Award (the “Award”) and the Business for Peace Summit (the “Summit”). The Award is conferred annually to recipients selected by an independent committee of Nobel Laureates in Peace and Economics. Exceptional individuals who exemplify Business for Peace’s concept of being businessworthy receive the award after careful consideration.
The Summit is held once a year in Oslo, Norway. The Summit includes keynote presentations, debates and roundtable discussions featuring business leaders and experts from a variety of fields. People from all over the world gather at the Summit in order to participate in the different events.
2.2 Distribution of newsletters and other information
It is important to Business for Peace to reach out to people with interest in our mission and our events. In order to provide information with regard to our events and other activity, Business for Peace regularly sends out newsletters. The newsletters provide information regarding the Summit and the Award, in addition to links to any new content we have published on our social media platforms. The newsletters may also contain news about our honourees, partners and award committee members, and news or interviews regarding business and social good. The newsletters are solely for the purpose of information, and do not intend sale of any kind.
The newsletters are distributed to you if you have subscribed for the newsletters through our sign-up link. You may also receive the newsletters and information about any upcoming events with an encouragement to come to another event if you previously have attended one of our events.
In order to distribute our newsletters we need your name and email address.
If you have subscribed for our newsletters through our sign-up link, the legal basis is the consent given by you when subscribing. The legal basis for distributing our newsletters and related information about upcoming events to previous participants is our legitimate interest in such distribution. It is in our interest to keep in contact with the people who previously have shown interest in our efforts and mission, as they are important for the possibility to host the Summit and Award.
Recipients of our newsletters and other related information will always have the possibility to withdraw their consent and/or unsubscribe from our newsletters and mailing list through the opt-out function at the bottom of the email.
If you withdraw your consent or unsubscribe to our newsletters and related information, we will immediately delete you from our mailing list.
2.3 Participant surveys
If you have participated in one of our events, e.g. the Summit, you may receive an invite to a participant survey by email after the event. The survey comprise of a few simple questions, including your opinion about the event and the accomplishment of it. Your participation in the survey is voluntary and you may choose to not participate. The survey is conducted on an anonymised basis.
The personal data being processed is your full name and email address in order to send out the surveys. The legal basis is our legitimate interests in being able to improve our events.
2.4 Profiles in social media platforms
Business for Peace has registered profiles on the following social media platforms:
The user profiles are created in accordance with the user terms of the different social media platforms. Business for Peace processes personal data in accordance with the terms and conditions set by the different platforms and in accordance with the applicable data protection legislation.
Data collected through the social media platforms are anonymised and used for creating statistics and analyse trends. The collected and anonymization of personal data for analytic purposes is based on our legitimate interest in optimising our profiles in social media platforms, events and newsletters.
3. Who do we share your personal data with?
3.1 Data processors
We share your personal data with third parties if these deliver IT or administrative services to us. In order to secure your personal data and privacy, we have signed data processing agreements with these parties to ensure that your data is not used for any other purpose than what we have agreed with you.
Our use of processors may result in personal data being transferred to data processors located outside the EU/EEA. This intends that personal data may be transferred to a country with a regulation that does not ensure the same level of protection of personal data as the regulation in Norway. In order to secure your personal data and ensure your privacy, such transfer will only take place in accordance with the applicable data protection regulation, for example by using contractual arrangements approved under the GDPR.
3.2 Other third-parties
We will not disclose your personal data to other third parties unless there is a legal basis for such disclosure. An example of a legal basis is if we have explicit consent from you, if the disclosure is necessary for the performance of a contract to which you are a party, to establish an agreement with you or because we are required by law to share the data. In the event a third party is located outside the EU/EEA, the disclosure will only take place in accordance with the applicable data protection regulation, including GDPR.
4. Your rights as a data subject
In connection with our processing of your personal data, you have, with some reservations, several rights. Please find a summary of your rights below.
You have the right to:
Access the personal data we process about you, and receive information about the processing.
Demand rectification of personal data that are incorrect or incomplete.
Demand erasure of personal data if the applicable conditions are fulfilled.
Demand that the processing is restricted if the applicable conditions for such restriction are fulfilled.
Object to the processing of personal data on the basis of your special situation, if the processing is based on our legitimate interest.
Demand data portability, which means that your personal data is transferred to another data controller, if the applicable conditions for such transfer are fulfilled.
Complain to the supervisory authority (Nw: “Datatilsynet”) if you are of the opinion that we are in breach of the personal data legislation. You may find information on how to reach the supervisory authority and more information regarding your rights on their website: datatilsynet.no.
If our processing is based on your consent, it is voluntary to consent to our processing and you may at any time withdraw your consent by sending us an email or message through our internet page.
We do not use automated individual decision-making, such as profiling.
If you have any questions or wish to use one of your rights, please contact us at firstname.lastname@example.org.
5. Deletion of the personal data
We will delete personal data in accordance with the applicable data protection legislation. This intends that we will not store personal data any longer than what is necessary to fulfil the purpose of the processing.
This means that if we e.g. base our processing on your consent, we will delete the data if you withdraw your consent. If the processing is based on our legitimate interest, we will delete the data when the legitimate interest no longer exists.
See section 2 for more details on our policy for deletion of personal data.
6. Security measures
It is important to Business for Peace that unauthorized individuals do not gain access to your personal data. We have therefore taken technical and organisational security measures to prevent loss or unlawful processing of your personal data. In addition, we have established internal routines in order to protect your data.