You are entitled to request us to erase any personal data we hold about you under EU General Data Protection Regulation (GDPR). We will do our best to respond promptly and in any event within one month of the following:

  • Our receipt of your written request; or

  • Our receipt of any further information we may ask you to provide to enable us to comply with your request, whichever happens to be later.

To ensure we are erasing data of the right person we may require you to provide us with proof of your identity. If we are not satisfied you are who you claim to be, we reserve the right to refuse to grant your request.

Reason for erasure request

Given the sensitive nature of erasing personal data, GDPR Article 17(1) requires certain conditions to be met before a request may be considered. We may ask you to supply us with the reason you wish your data to be erased and any documentation justifying the request.

Possible reasons:

  • You feel your personal data is no longer necessary for the purposes for which we originally collected it.

  • You no longer consent to our processing of your personal data.

  • You object to our processing of your personal data as is your right under Article 21 of the GDPR.

  • You feel your personal data has been unlawfully processed.

  • You feel we are subject to a legal obligation of the EU or Member State that requires the erasure of your personal data.

  • You are a child, you represent a child, or you were a child at the time of the data processing and you feel your personal data was used to offer you information society services.

Please note that. In certain circumstances, where erasure would adversely affect the freedom of expression, contradict a legal obligation, act against the public interest in the area of public health, act against the public interest in the area of scientific or historical research, or prohibit the establishment of a legal defence or exercise of other legal claims, we may not be able to erase the information you requested in accordance with article 17(3) of the GDPR. In such cases you will be informed promptly and given full reasons for that decision.

Consequences and retention

We encourage you to review the information we collect, the purposes we collect your information for and how long we store that information in our privacy policy. It has also an overview of your privacy rights.

NOTE!
If you are a tenant at a building that uses Orbit as its main access control provider, deleting your data will result in your access to that building being denied by the building's facility manager.

If you believe that we process personal data unlawfully, you have the right to complain to the Norwegian Data Protection Authority. We hope that you will contact us first so that we can assess your objections and resolve any misunderstandings.

Did this answer your question?