Security/Privacy

how we handle your personal data

Garantihuset is dedicated to protect your personal data and personal privacy. Your information shall be safe with us. This includes all information that can be used to identify you personally, such as your national identity number, contact information and information regarding the products you have purchased from Garantihuset.

The data controller is the person who decides on the purpose for collecting and processing the personal data. In Garantihuset, the data controller is the Chief Executive Officer of the company with which you have entered into an agreement. We handle personal data in conjunction with providing insurance, guarantee and warranty solution services. When referring to Garantihuset throughout this document, we include following companies:

Garantihuset AS (Norway)
Sørkedalsveien 6
0369 Oslo Norway

Garantihuset AB (Sweden)
Sørkedalsveien 6
0369 Oslo Norway

Garantihuset ApS (Denmark)
Sørkedalsveien 6
0369 Oslo Norway

Collecting and using personal data.
We collect and use personal data for different purposes, and with different objectives. Here is an overview.

 

The purpose for processing personal data is to collect, verify and process personal data before we make an offer and enter into an agreement with you. Once we have entered into an agreement, we use your personal data to document, administer and complete tasks in order to deliver the agreed services.

The purpose for processing your personal data is to be able to meet the requirements of an agreement between Garantihuset and you, and to protect our legitimate interests in administering our relationship with you, the customer. Where it is necessary to process special categories of personal data, we will first ask for your consent.

The Garantihuset Group consists of multiple departments, sub-units and branches . We have a common customer database for pensions, savings, insurance and banking services. The objective of a Group-level customer database is to manage all your agreements in one place and coordinate the different products and services from the different companies in Garantihuset to create synergies for the customer.

The companies in The Garantihuset Group are collectively responsible for the Group’s customer database, and each company is responsible for protecting your privacy rights as a customer.

We use personal data to forecast demand for new products and services, as well as to identify the need for improvements to existing products and services.

The purpose for processing personal information is Garantihuset’s legitimate strive to develop and improve our products and services

We process personal data in order to promote our products and services, build customer profiles and perform product and customer analyses. We do this to be able to offer you relevant and customized services and offers.

We use personal data to give you relevant information, advice and to market our products and services. We use profiling and segmentation to ensure that marketing information is relevant to you.

If you are already a customer, we use your data on the basis of a legitimate interest in order to provide you with information and offers.

If you are not yet a customer, we will ask you for your consent to receive digital marketing or consent for telephone marketing. We will respect any reservations against marketing.

We process personal data to conduct analyses and compile statistics in order to assess risk and profitability and set correct tariffs and prices. In addition, we use these analyses when deciding whether or not to develop new and existing products and services.

The purpose for processing personal data is both to comply with our legal requirements under company law, and Garantihuset’s legitimate interest in using personal data to gain necessary insights to run our business.

We must use personal data to comply with legal requirements under local laws, regulations and public policy.

The reason for processing personal data is to ensure compliance with laws and regulations relating to our business operations.

Garantihuset is required to process personal data in order to prevent, detect, solve and manage cases of fraud and other criminal offences against Garantihuset. Garantihuset is thus required to collect and disclose information to other financial institutions, the public authorities, for example ØKOKRIM (the Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime) should we become suspicious of money laundering or terror financing. According to the anti-money laundering act and the personal data act, we are not obliged to disclose this information to you. The information is stored in accordance with the anti-money laundering act.

The basis of the management of this can both be fulfillment of a legal obligation and Garantihuset’s entitled interest to prevent, identify, detect, resolve and deal with fraud and other criminal offences against any of our companies.

For us, it is necessary to manage personal data to secure yours and Garantihuset’s assets. This is done through access control to systems, logs on servers and systems, operations of technical infrastructure, firewall and access control and video surveillance.

The purpose of this can both be contractual obligations, fulfillment of legal obligations and Garantihuset’s legitimate interest to protect yours and our assets.

We process personal data to determine, assert and defend legal claims, for instance in regards of processing complaints, recourse claims and legal proceedings.

The purpose is Garantihuset’s entitled interest to determine, assert and defend legal claims. In order to protect this purpose, we can process specific categories of personal data without consent.

In certain cases, we must ask for your consent, for instance in order to:

  • process special categories personal data, such as personal health data
  • share information on your customer relationship between Garantihuset’s departments, sub-units and branches
  • send electronic marketing regarding products and services that you do not already have

We process different types of your personal data depending on what relation you have to Garantihuset and what types of products and services you have bought.

We have grouped the personal information we process into the following categories:

  • Identity information, such as national identity number, or other identity numbers issued by public authorities and copy of identity documentation.
  • Contact information and other general information, such as name, phone numbers, e-mail addresses, zip code, family status, date of birth, education background.
  • Financial information and information on insurance objects, such as type of agreements, information on income, payment card number, transaction data, credit history, assets, property, insurance history.
  • Information determined by law, such as tax residence, foreign tax registration number, information regarding financial advice, information regarding measures against money laundering.
  • Special categories of information, such as health information and union membership.

Primarily, Garantihuset obtain information directly from you. Sometimes, we obtain information from other sources, such as your employer, public institutions and registers, and private institutions.

We inform you when we obtain information about you, unless due to legal requirements, notification is impossible or unreasonable difficult, or if we know that you are already aware that we obtain this information.

Confidentiality
All employees, management and member of the board in Garantihuset have a duty of confidentiality regarding information we receive in connection to your customer relationship.

 

The Garantihuset Group has an internal consolidated customer database that is available to all the companies in the Group and includes the following information:

  • Contact information
  • National identity number
  • The services and products you have purchased
  • which entity or entities in the Group you have a customer relationship with

The information is used to manage the customer relationship and to coordinate advice, offers of services and marketing between the companies.

If you would like more relevant offers from Garantihuset, you can consent to the companies of Garantihuset sharing information about your customer relationship. This can be information on income, employment conditions, amount of loans and savings, or information on transactions and insured assets. We do not share sensitive data such as health information. You can give and withdraw consent in your customer profile on www. ghno.no, or through contacting our service center.

When required by law, Garantihuset must give your personal information to public authorities such as NAV (the Norwegian Labour and Welfare Administration), the tax authorities, Økokrim (the Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime) and others. If legislation permits it and if the duty of confidentiality does not hinder it, personal data can be given to other financial institutions and partners. Disclosing certain personal data can also take place during payment transactions, when it is necessary in order to ensure the transaction is carried out securely. When it is necessary, Garantihuset will disclose personal information to partners who contributes in the claim settlement process.

If your employer has your pension scheme in Garantihuset, we inform the employer about the insurance premium that is paid for you and information about your pension benefits.

If you use the pension calculator from Norsk Pensjon or affiliates, Garantihuset hands over personal data after getting your consent. If you take out insurance on a car, house, boat, etc., we will send a confirmation to the finance company or mortgagee.

As with other industry actors, we share personal data with different registers that are managed by Finance Norway, the industry organization for the finance sector in Norway. We hand out personal information to the following registers, where justified:

  • FOSS (Forsikringsselskapenes sentrale skaderegister): The insurance companies central damage register. Its purpose is to prevent and limit insurance fraud.
  • ROFF (Register over forsikringssøkere og forsikrede): Register of insurance applicants and those who are insured. Its purpose is to improve and ensure a uniform risk assessment and to reduce the risk of insurance fraud.
  • TFF Auto: Register of insured vehicles. Its purpose is to keep track of insurance status on vehicles in order to issue a fee in the absence of insurance, know which company insures which vehicles, and to form the basis for calculating the traffic insurance fee.
  • DBS (Dataassistert skadebesiktigelsessystem): System for calculating damages to vehicles. Its purpose is to ensure satisfactory completion and correct valuation and settlement of damage.
  • NHV (Nemnda for helsevurdering): NHV is established by the insurance companies in order to assess how health conditions can affect mortality rates, and the risk of future disability and illness.
    Norwegian Natural Perils Pool: Distributes claims and costs between insurance company members, in proportion to their share of the market.
  • no: Coordination of valuation surveyors for major events

Garantihuset has entered into data processing agreements with subcontractors, for example in order to perform IT services. Our proprietary data processing agreements regulate all the personal information that is shared with our subcontractors. Our subcontractors cannot use the information for purposes other than those they are obtained for. Certain subcontractors are placed outside of the EEC. Transfer of personal information to actors located outside the EEC can only be done if there is a valid reason for the transfer and a guarantee that handling your information is sufficiently secure. In such cases we use EU standard agreements, including Standard Contractual Clauses (SCC) or Binding Corporates Rules (BCR) with the subcontractor, in order to ensure that the privacy and rights of the individuals concerned are protected.

Your rights

 

You have the right to receive information about what personal data we process and how we process it. Under “Overview”, once you are logged into ghno.no, you can view information on all the products you have purchased. Under “My customer profile” you can see which information we have stored about you, and which consents you have given us relating to this information. This gives you a good overview of the types of personal data Garantihuset manages for you.

If you have questions about how we treat your personal information, you can always contact our Data Protection Department at garanti@ghno.no, we will require the following information from you:

  • Which companies in the Garantihuset Group the inquiry relates to
  • If you would like information from a certain customer relationship such as bank, insurance or savings
  • If you would like information from a certain time period

You will get a reply from us as quickly as possible, and no later than within 30 days.

It is important that the information we have about you is accurate and necessary. You can request that we correct and delete information about you if it is inaccurate or unnecessary.

Garantihuset stores your information as long as you are our customer. The information is deleted when we no longer have obligations under the agreement you have made with us or when we are no longer legally bound to store this information. If you have questions regarding deletion of your personal information, you can send a secure e-mail to Garantihuset’s Data Protection Department: garanti@ghno.no

We anonymize data used for statistics and analysis whenever possible. If the statistics or analysis cannot be performed on anonymized data, we mask the information we use to protect your privacy.

Under certain circumstances, Garantihuset reserves the right to process personal information based on an evaluation of maintaining a balance between our interests and your interests as our customer. This includes, amongst other things, data processing connected to marketing, testing IT systems and the development of new products and services.

If there are special circumstances that mean that Garantihuset should not process your personal data for such purposes, you can notify us about this. In such cases, we will evaluate the weight of each party’s interests. Garantihuset will continue the proceedings if it is necessary in order to determine, assert and defend legal claims. You can at any moment claim that Garantihuset must terminate the use of your personal information for marketing that targets you directly. This can be done from your customer profile on ghno.no.

In certain cases, you can claim that Garantihuset must limit the processing of your personal information. We will still have the information stored, but all processing of this data shall be stopped temporarily.

For example:

  • If your personal information in incorrect
  • If Garantihuset wish to delete information, but we need the information due to a legal claim
  • If you register a claim against processing the data, and it is based on an evaluation of each party’s interests, Garantihuset can continue processing data
  • If it is necessary in order to determine, assert and defend legal claims
  • To protect the rights of others
  • For the sake of important public interests

You can request us to transfer information that you have provided yourself when entering into an agreement with us or given your consent to. If the information security level is acceptable and technically feasible, we can transfer your information to a company that you specify.

You can read more on requirements for processing your personal information and your rights on The Norwegian Data Protection Authority’s website.

Automated individual decisions
Certain decisions Garantihuset makes are fully automated, which means that there is a computer program that makes the decision. We do this in order to ensure efficient and accurate operations, and to give you the best possible services. If the result of automated decisions affects you significantly, you can always claim a manual assessment of the decision. We will inform you when this is the case. At our website, under «contact us», you can learn the different ways to contact us.

If we use special categories of personal data to undertake an automated individual decision, we will ask for you consent.

Privacy Policy – ghno.no and all subdomains
Use of Cookies

A cookie is a data file stored in your browser that our website can read and write to. Other websites cannot see the contents of Garantihuset’s cookies without both you and Garantihuset allowing it.

Primarily, we use cookies in order to optimize your user experience on our website. Some cookies are necessary for the site to work. For example, the login is based on certain cookies. Functional cookies help us customize our website to your wishes. These cookies can for instance remember what you have put in the shopping basket on prior visits, whether you are logged in and which settings you have selected. This means, among other things, that you do not have to enter the same information several times. We also use cookies to collect statistics on how the site is used, and we can use cookies to customize ads you see on other websites.

We have divided the cookies into the following categories:

  • Necessary – crucial for the functioning of the website.
  • Functional – store information in order to customize the website to your needs
  • Statistics – collect data on, among other things, the number of visitors to the site and what pages are read the most
  • Marketing – collect information that enables customized and relevant marketing, based on how you interact with the website.

You can choose separately whether or not to allow cookies that are for functional, statistical or marketing purposes. You can change your settings whenever you want to. 

If you consent to marketing cookies, this may lead to the following happening in your browser:

Privacy Policy – ghno.no and all subdomains
Use of Cookies

A cookie is a data file stored in your browser that our website can read and write to. Other websites cannot see the contents of Garantihuset’s cookies without both you and Garantihuset allowing it.

Primarily, we use cookies in order to optimize your user experience on our website. Some cookies are necessary for the site to work. For example, the login is based on certain cookies. Functional cookies help us customize our website to your wishes. These cookies can for instance remember what you have put in the shopping basket on prior visits, whether you are logged in and which settings you have selected. This means, among other things, that you do not have to enter the same information several times. We also use cookies to collect statistics on how the site is used, and we can use cookies to customize ads you see on other websites.

We have divided the cookies into the following categories:

  • Necessary – crucial for the functioning of the website.
  • Functional – store information in order to customize the website to your needs
  • Statistics – collect data on, among other things, the number of visitors to the site and what pages are read the most
  • Marketing – collect information that enables customized and relevant marketing, based on how you interact with the website.

You can choose separately whether or not to allow cookies that are for functional, statistical or marketing purposes. You can change your settings whenever you want to. 

If you consent to marketing cookies, this may lead to the following happening in your browser:

Your visits to particular pages and your use of them is tracked. The information may be shared with partners of Garantihuset, such as Facebook.

Information about your visit to ghno.no may be used to deliver ads on other websites.

Information about your visits to ghno.no may be merged across the different devices (PCs, tablets, phones) you use.

We may share anonymized information about you and your visits to ghno.no with our partners.

performing a purchase, we may connect actions you performed before the identification to your person. This allows us to better understand what marketing messages you received before buying a product or using some other service that requires login. 

For how long are cookies stored?
Cookies remain in your browser until you delete them, or they expire. The expiration date varies, but are typically updated every time you visit our website.

How to reject or delete cookies
On nettvett.no you can find instructions on how to delete or reject cookies in your browser. In addition, you can manage cookie-use per category on ghno.no

Please note that this will cause you to lose functionality on ghno.no and other websites. This could typically mean that you will have to go through more clicks to get to the page you want to go to, or that you must enter the same information multiple times to do what you want to do.

We have some partners who also place cookies in your browser when you visit Garantihuset’s website. Use the following information if you wish to opt out of this:

  • MyNewsdesk (In Norwegian only)
  • Facebook
  • Google


Questions on cookies
We continually work to develop our webpages in order to give you the best user experience. As a result, which cookies that are placed in your browser can vary.

We may contact you by e-mail or over phone to help you with your purchase when you use the purchase solutions on ghno.no. In your personal customer profile, you can specify how you want us to provide purchasing help. You can choose not to be contacted by reserving yourself in the individual purchase solution. We can help you with purchases for 30 days before we delete your information.

For our payment service provider to conduct payment for products on ghno.no, you are asked to provide credit/debit card information. This information is stored solely with the supplier and is subject to the supplier’s privacy policy. We keep payment information only to the extent and as long as it is necessary to ensure effective processing of any problems with debit, cancellation of reservations and credit.

How do we use person profiles?

In order to give you the best customer experience at Garantihuset we want to adapt our communication and marketing to you. In order to do this, we make person profiles. We never use special categories of personal data, such as health information, when we make person profiles.

When we create a person profile for the purpose of communication and marketing, we use the following information:

  • Information you have provided in connection with purchase of our products
  • Information you share with us when you use our services
  • Your behavior data from digital communication and ghno.no
  • Information from publicly available registers


We use your information to ensure that we offer you relevant and customized services and offers. You can get insight into what information the person profile is made from on your profile on ghno.no. You can also reserve yourself against us storing information about your behavior on our website in your customer profile.

Garantihuset also use personal profiles when we work with insurances, in order to notice cases who need more attention. We do not use «special categories» of personal data, such as information about your health, when creating these person profiles.

When we create person profiles in relation to insurance we use the following information:

  • Information you have shared when buying our products
  • Information you share with us when you use our services
  • Information you share with us when creating and managing an insurance case
  • Information collected from third parties
  • Information from publicly available registers


No automated decisions is made when considering insurance cases like this.

We want to provide you as a customer with relevant information in regards to your customer relationship with us. We send you this as a newsletter by e-mail. The content of the newsletter is based on the information we have about you and your customer relationship, such as what products you have, your age, life situation and place of residence. We collect information about how you read the emails, so that we can provide you with even better customized content. Among other things, we look at how often you open the e-mails, and which issues you are interested in / click on.

In order for us to send you an e-mail, you must register an e-mail address with us. You can easily unsubscribe from the newsletters at the bottom of the email you have received. In your customer profile on ghno.no, you will see that you have unsubscribed, and there you can also sign up again.

We answer general questions from our customers through several social media platforms. When contacting us through social media, you must never provide personal information. We take privacy seriously and we will delete posts that contain personal information such as social security numbers or bank account numbers. If you want personal advice, we recommend using secure channels, such as a telephone or our logged in chat function.

We remind you that everything you do on the various social media platforms is registered by the platform and can be used to customize your user experience. 

We will delete posts that contain abusiv language or offensive content in any shape or form.

We want to provide our customers with personalized marketing in digital channels. In order to receive this, you must give consent for receiving electronic marketing from us via email, SMS, social media and other websites (such as Google and Schibsted). You can always give and withdraw your consents in your customer profile on ghno.no, or by contacting our customer center. 

For digital marketing we always use the e-mail address or the phone number that you have provided. In order to get personalized marketing in social media and other websites, we need to know who you are when using the relevant channels and websites. We do this by linking, for example, the mobile number and e-mail address you have given us, with corresponding information that you have given to relevant social media and websites. Once the link is made, you will be able to get information and marketing that we hope and believe is relevant to you.

The Business & Partner Portal is a solution for Garantihuset’s corporate customers and partners. Here, the company/partner can, among other things, manage participants of collective agreements, receive invoices, view history of employee and contractual relations, manage and view sales and comissions and send and receive inquiries from Garantihuset in accordance with Garantihuset’s security requirements.

The company/partner appoints the persons who has service needs to access information about both the agreement and employees associated with the agreement. In the Portal, information such as employee salary, position, employment status, sales, comissions, and degree of disability can be available. Garantihuset emphasizes that the company must themselves consider whether employees who are granted access are eligible to access this information. When the company creates users for the Portal, the company confirms that the appointed person is eligible for access to the information mentioned above.

The Business & Partner Portal contains cookies that are stored on your computer. Cookies are used in the Business & Partner Portal for login purposes, to make sure our visitor statistics to be reliable, and to provide users with the best possible functionality. We also use Google Analytics for optimization and traffic analysis to improve the portal. We delete information stored in the Business & Partner Portal according to established principles.

When Garantihuset provides investment services, we are required by law to provide documentation of these services. That is why we make audio recordings of all phone calls and store other customer communications, such as e-mail and chat. Contact your advisor if there is any information you do not want stored. We must store documentation related to investment services for five years. The purpose of this is to ensure that the investment service we provide is documented.

We record other phone calls unless you reserve yourself from this. We want to record conversations to make sure that information shared is accurate and to give you confidence in the advice we provide. We also want to use the conversation to train our employees. We store these recordings for three years. 

Garantihuset’s chatbot helps you with answers to questions and simple services. For the robot to be better, we take samples of what customers ask for and improve the robot’s response based on this.

If you have used our chatbot on logged-in pages, we store the information in our customer system for three years, and five years for investment services, to ensure that information that is shared is accurate and gives you confidence in the advice we provide. Open page chats are deleted continuously.

We conduct short surveys with our customers after they have been in contact with Garantihuset. The feedback we receive from these surveys provides us with valuable input on how we can improve our products and services. It also allows us to measure the effect of our improvement efforts, as well as to understand how customer satisfaction affects customer behavior over time.

If you do not want to share this type of information with us, you can simply refrain from responding to the survey. We use Norstat for data-processing in conjunction with customer and marketing questionnaires.

Garantihuset Community is our online customer panel, where we invite customers to participate in customer surveys, group discussions and testing of new digital services. Participation is voluntary, and you can opt out of the panel at any time. In some cases, Garantihuset will call and ask for more information when customers have provided feedback. 

Changes in the privacy policy
We periodically need to update this privacy policy in order to provide you with accurate information about how we process personal data. 

Last updated May 2021