Marriage4life app – GDPR

PRIVACY POLICY FOR Marriage4life APP

This privacy policy applies to Marriage4life App (“we” or “us”).
We are the data controller for the processing of personal data described in this privacy policy. You will find our contact information below.

Who we process personal data about

This privacy policy applies to our processing of personal data regarding the following categories of individuals:

  • Private customers
  • Clients in criminal cases
  • Contact persons at corporate clients
  • Contact persons at our suppliers and partners
  • Individuals involved in cases we assist with
  • Other individuals mentioned in case documents we gain access to
  • Visitors to our website

2. Purpose, types of personal data and legal basis

Below is an overview of the purposes for which we process personal data, the types of personal data we process, and the legal basis for the processing.

Establishing a client relationship: When contacted by a client with a request for assistance, we perform an internal independence/conflict check before accepting the assignment. This serves a legitimate purpose and is based on GDPR Article 6(1)(f) (legitimate interest). Conflict checks usually involve the full name of the client, the opposing party, and other relevant parties.

In connection with establishing a client relationship, we also conduct customer due diligence in accordance with anti-money laundering legislation. This is necessary to fulfill our legal obligations under the Anti-Money Laundering Act, cf. GDPR Article 6(1)(c).

If we accept the assignment, contact details are registered. For private customers, this is necessary to enter into an agreement, cf. GDPR Article 6(1)(b). For corporate clients, the registration of contact information is based on legitimate interest, cf. GDPR Article 6(1)(f).

Case handling: Certain assignments may involve access to personal data about parties or other individuals affected by a case. Such data may appear in documents provided by the client or in correspondence. Processing in connection with corporate clients is based on GDPR Article 6(1)(f). In some cases, we also process sensitive data such as health information or criminal records. This is based on GDPR Article 9(2)(f) (necessary for the establishment, exercise, or defense of legal claims).

Knowledge management: Processing is based on our legitimate interest in utilizing acquired knowledge in further advisory work, cf. GDPR Article 6(1)(f).

Client administration: Separate case files are created for assignments. Time and costs incurred are registered in our accounting system. For corporate clients, this is based on GDPR Article 6(1)(f), while for private customers it is necessary to fulfill the agreement, cf. GDPR Article 6(1)(b).

Storage of case documents: We retain case documents for 10 years after the assignment is completed. The legal basis is GDPR Article 6(1)(f) and GDPR Article 9(2)(f).

Invoicing: For corporate clients, invoices are addressed using provided contact details. For private clients, personal postal addresses are used. The legal basis is GDPR Article 6(1)(f) for corporate clients and GDPR Article 6(1)(b) for private customers.

IT operations and security: Personal data stored in our IT systems may be accessed during updates, security measures, error correction, or maintenance. The legal basis is GDPR Article 6(1)(f) and GDPR Articles 32 and 6(1)(c).

Marketing: We send newsletters to clients and others who have requested them. Recipients can easily unsubscribe via a link in each email. The legal basis is GDPR Article 6(1)(f) where the email was obtained in connection with an assignment, or consent in accordance with GDPR Article 6(1)(a) and the Marketing Act.

3. Who we share personal data with

Our IT service providers may have access to personal data if it is stored with or otherwise available to them under contract. They act under a data processing agreement and may only process data as instructed by us.

All information entrusted to us in connection with assignments is treated confidentially.

We do not disclose personal data in other ways than described in this policy unless explicitly requested or consented to by the client, or if disclosure is required by law.

4. Lagring av personopplysninger

We retain case documents for 2 years before archiving them for an additional 8 years.

Accounting laws also require us to retain certain documents for specific periods.

When a purpose requires storage for a given period, personal data will only be used for that purpose during that time.

5. Your rights

You have rights in relation to personal data concerning you. Which rights you have depends on the circumstances.

Withdraw consent: If you have given consent to receive newsletters from us, you may withdraw this consent at any time. We have made it possible for you to easily opt out of such communications by including a link to an unsubscribe form in each communication. If you have consented to other processing of personal data, you may also withdraw your consent regarding such processing at any time by contacting us.

Request access: You have the right to access the personal data we have registered about you, insofar as confidentiality obligations do not prevent this. To ensure that personal data is disclosed to the correct person, we may require that a request for access be made in writing or that identity is verified in another way.

Request rectification or deletion: You may ask us to correct incorrect information we have about you or to delete personal data. We will, as far as possible, comply with a request to delete personal data, but we cannot do so if there are compelling reasons not to delete, for example if we are required to store the information for documentation purposes.

Data portability: In some cases, you may have the right to obtain personal data you have provided to us and have it transferred in a machine-readable format to another company. If technically possible, in some cases you may also have the data transferred directly to the other company.

Complaint to the supervisory authority: If you disagree with the way we process your personal data, you may submit a complaint to the supervisory authority.

6. Security

We have established procedures for handling personal data in a secure manner. The measures are both technical and organizational in nature. We carry out regular assessments of the security of all central systems used for handling personal data, and agreements have been entered into which require the suppliers of such systems to ensure satisfactory information security.

Access to personal data (and client/case information) is limited to personnel who need access in order to perform their tasks.

We have adopted internal IT guidelines and we provide regular training to employees regarding security and the use of IT systems.

7. Changes to the privacy policy

We may make minor changes to this privacy policy. You will always find the latest version on our website. In the event of significant changes, we will notify you.

8. Contact us

If you have any questions or comments about our privacy policy, or if you wish to exercise your rights, you may contact us:

Marriage4life app
C. J. Hambros plass 2d, 0164 Oslo
Tlf: (+47) 918 37 739

Epost: sn@scolaw.no

The Data Protection Officer is partner Mohammad Shahzad Nazir.