Qondor Privacy policy

Your data is important to us and this is our privacy policy

Nils Olav Rislå avatar
Written by Nils Olav Rislå
Updated over a week ago

Qondor AS is the company that offers the Qondor services.

Qondor AS is a data processor for personal data processed through our Qondor services. We process these data on behalf of our customers (the Data Controllers).
Qondor AS is a Norwegian limited company with organization number 982 685 478. Our postal address is Postboks 1717, 7416 Trondheim, Norway and our e-mail address is support@qondor.com.

Categories of data processed

We process the following categories of personal data on behalf of the data controllers:

Personal data as collected by the Customer or on the order of the Customer, which may inter alia include, name, address, date of birth, contact information such as e-mail addresses and postal addresses, hotel reservations, flight information and information on allergies, as well as other types of Personal Data relevant for Customer’s administration of meetings and event including invoicing.

Source of Personal Data

The Personal Data processed through Qondor services originate in information you have given to your travel agency, event organizer or similar and may include additional information added by your travel agency, event organizer or similar.

According to applicable Personal Data regulations, it is voluntarily for you to provide your Personal Data to your travel agency, event organizer or similar.

The purpose of processing of personal data

The purpose of our processing of personal data is to fulfill our contracts with our customers, which is to provide web-based administrative system for handling Meetings, Incentives, Conferences and Events, tailored to professionals.

We process data solely with basis in data processing agreements with our customers. We do not process personal data through our Qondor services for our own purposes.

Use of sub-processor

Qondor is a cloud-based system, which runs on Microsoft Azure infrastructure. Qondor AS is an enterprise agreement partner of Microsoft with a Data Processing Agreement in place. See more on http://azure.microsoft.com/en-us/support/trust-center/

Microsoft, as a sub-processor, stores the personal Data in Ireland (Region North Europe).

Qondor process and store personal data inside the EU/EEA-area. 

In addition Qondor uses e-mail services provided by Mandrill (part of Mailchimp) in the US, and with transfer legally based on Mailchimp’s Standard Contractual Clauses (SCC). Qondor also uses SMS-services provided by the Irish company Twilio, and where Twilio’s processing in the US is based on Standard Contractual Clauses (SCC) and Twilio Binding Corporate rules.

With whom we share your information

We do not share personal data with third parties. We solely process data on behalf of our customers, the Data Controllers.

Exercising your rights – contact details Data Controllers

Requests from you (the Data Subject) concerning their rights according to the GDPR, such as access according to GDPR art 15, rectification according to GDPR art 16 and deletion according to GDPR 17, shall be directed to our Customers. Our Customers are responsible for handling such requests. 

You can therefore contact your travel agency, event organizer or similar, concerning such requests.

Furthermore, if your Personal Data is processed based on your consent, you can at any time withdraw the consent by contacting the company you gave the consent to, which will be your travel agency, event organizer or similar.

Data Retention and Security

We retain and archive Personal Data to the extent that Data Controller through the data processing agreement instructs us to do.

We take Data Security seriously, and comply with security requirements according to Norwegian and EU Personal Data regulations.

Security audits are to be performed at least once a year.

Choice of law

Qondor AS is a Norwegian limited company. This privacy policy as well as our processing of personal data in conducted according to, and should be interpreted according to, Norwegian regulations on Personal Data. For the sake of clarity we add that EU regulations on Personal Data apply to Norway as well as to us.

Did this answer your question?