Skygard
Skygard
Skygard

Data Centers

Sustainability

Sustainability at Skygard

Privacy policy.

Your privacy is important to Skygard, and we are committed to protecting the integrity, availability, and confidentiality of personal data. All processing of personal data by Skygard shall comply with the applicable privacy regulations at any given time, including the Personal Data Act and the EU General Data Protection Regulation (GDPR).This privacy policy explains how we process personal data, both in connection with the use of our website and other parts of our business.The policy provides an overview of the types of personal data we may process, how and why we process them, and what rights you have under data protection law if we process information about you.

Data Controller and Data Processor

Skygard is the data controller for the processing of personal data as described in this privacy policy. The CEO is primarily responsible for the processing of personal data carried out by Skygard. Responsibility for day-to-day compliance with privacy regulations has been delegated to the Security Manager.Skygard may act as either a data controller or a data processor, depending on the type of processing in question. As a general rule, we are the data controller when processing personal data related to the use of our own website—for example, handling inquiries via contact forms or email. We are also the data controller in relation to financial follow-up and invoicing of our customers, suppliers, and partners, as well as for implementing physical security measures at our data center locations—such as access control and video surveillance.Skygard acts as a data processor when we process personal data on behalf of customers using our data center services. This includes situations where we operate or store customer data in our data centers.

Our Processing of Personal Data

Skygard processes personal data for the following main purposes, which cover the core data processing activities in our business:Handling Inquiries via Contact Forms or Email
  • Purpose: To respond to inquiries
  • Legal Basis: Legitimate interest (GDPR Article 6(1)(f)) or pre-contractual measures (GDPR Article 6(1)(b))
  • Legitimate Interest: To receive and respond to inquiries from visitors, customers, and other stakeholders in an effective and appropriate manner
  • Categories of Personal Data: Name, email address, message content
Financial Follow-Up and Invoicing of Customers, Suppliers, and Partners
  • Purpose: Manage contractual relationships, including sending and following up on invoices, payments, and accounting
  • Legal Basis: Performance of a contract (GDPR Article 6(1)(b)) or legal obligation (GDPR Article 6(1)(c)) under accounting regulations
  • Categories of Personal Data: Name, position, and contact information of contacts at customers, suppliers, and partners, invoice information, bank account number (for payments), and correspondence related to finance and contracts
Implementation of Physical Security Measures at Our Data Center Locations, such as Access Control and Video Surveillance
  • Purpose: To ensure the physical protection of data centers, infrastructure, and customer data, including preventing and managing unauthorized access, theft, and other security incidents
  • Legal Basis: Legitimate interest (GDPR Article 6(1)(f))
  • Legitimate Interest: To protect the company’s and customers’ assets, prevent and detect security breaches, and comply with security obligations toward customers and authorities
  • Categories of Personal Data: Name, contact information, access ID or card number, time of entry and exit, as well as video footage with timestamps and location from surveillance cameras
Recruitment
  • Purpose: To assess applicants for open positions, conduct interviews, and make hiring decisions
  • Legal Basis: Pre-contractual measures (GDPR Article 6(1)(b)), legitimate interest, or consent (GDPR Article 6(1)(a)) if the applicant wishes their information to be stored for future openings
  • Legitimate Interest: To ensure we hire the right candidate
  • Categories of Personal Data: Name, contact information, CV, application letter, certificates, diplomas, references, interview notes, and any other information provided during the application process

Analysis of Traffic and User Behavior on www.skygard.no

We use the analytics tool Vercel Analytics to understand how the website is used, including which pages are most visited, which devices and browsers are used, and where users come from. The purpose is to improve functionality, content, and user experience.This tool does not use cookies, store data in the browser's local storage, or recognize users across sessions or days. Each visitor is identified using a temporary, anonymous hash generated from the incoming request, which resets daily. Only aggregated data such as page views per subpage, country, device type, and operating system is processed on the server side. No personal data is stored or processed at the individual level.Based on this—and the supplier’s technical specifications—we believe no personal data requiring consent under the Norwegian Electronic Communications Act or GDPR is processed. If this assessment changes, we will update our privacy policy and secure the necessary legal basis.

Your Rights

Everyone has the right to:
  • Access the personal data we process about them
  • Request correction of inaccurate or incomplete data
  • Request deletion of data in certain circumstances
  • Request restriction of processing
  • Object to processing
  • Data portability (where applicable)
  • Not be subject to automated decisions with legal or significant effects
To exercise your rights, contact us at bjorn.almas@skygard.no. We will process requests as quickly as possible, normally within 30 working days.If you believe we are processing personal data in violation of data protection laws, you may file a complaint with Skygard’s Security Manager at bjorn.almas@skygard.no, or directly with the Norwegian Data Protection Authority (Datatilsynet).More information is available at www.datatilsynet.no.

Sharing of Personal Data

We share personal data with third parties when necessary to deliver our services or fulfill legal obligations. This may include:
  • IT and system vendors assisting with the operation and maintenance of our systems
  • Accountants and financial partners
  • Providers of website and security services
When using external vendors that process personal data on our behalf, we enter into data processing agreements to ensure the processing complies with data protection laws and follows our instructions.

Storage and Deletion of Your Personal Data

Personal data processed by Skygard is stored on servers located in Norway and Europe.We store personal data only as long as necessary to fulfill the purposes for which it was collected, or as long as we are legally required to retain it. Retention time varies depending on the type of data and its use.For example:
  • Contact information in accounting systems is kept in accordance with bookkeeping laws
  • Information from contact forms is deleted after follow-up is completed, unless a customer relationship exists
  • Job application documents are deleted within a reasonable time after the recruitment process ends, unless consent is given for further retention
  • Access logs and surveillance recordings from our data centers are stored for a limited period, unless required to investigate or document a security incident

Transfer of Personal Data to Third Countries

As a general rule, we do not transfer personal data to countries outside the EU/EEA. In exceptional cases, personal data may be accessed by personnel located in third countries when accessing data stored within the EU/EEA.In such cases, Skygard ensures a valid legal basis for the transfer and that the data is subject to adequate protection. This may include using Standard Contractual Clauses (SCCs) or transferring data to companies in the U.S. that are certified under the EU-U.S. Data Privacy Framework.

Information Security

We take information security seriously and have implemented appropriate security measures to protect the integrity, availability, and confidentiality of your personal data. Access to your personal data is limited to employees who have a legitimate need for it. We also provide training to employees and third parties where relevant to promote awareness of our information security and privacy policies.

Contact Information

If you have questions about how Skygard processes personal data, or wish to exercise your rights under privacy law, please contact us at:
bjorn.almas@skygard.no