This Personal Data Privacy Statement explains what Personal Data PGS collects from you, how we use the data, and how you may exercise your rights.
PGS ASA and its subsidiaries (“PGS” or the "PGS Group") process Personal Data from external individuals, such as representatives of our customers, suppliers and business partners, and other persons who contact us, for example by participation at our events or by newsletter signup.
Personal Data means any information relating to an identified or identifiable natural person ("Data Subject").
This Privacy Statement explains which Personal Data PGS collects from you, how we use the data, and how you may exercise your rights pursuant to applicable data protection legislation.
If you have any questions or concerns about our collection of and processing of your Personal Data, please do not hesitate to contact PGS Geophysical AS, Lilleakerveien 4C, 0283 Oslo, attn. PGS Global Data Protection Officer, e-mail firstname.lastname@example.org
PGS Geophysical AS is to be regarded as the Controller for the use of the data mentioned in this Privacy Statement.
Purpose and Legal Basis
PGS collects data to operate effectively, optimize your experience of our products, prepare and deliver our services to our customers, receive services from our suppliers, collaborate with our business partners, and share information about our work and participation in events.
Personal Data we collect may be combined with data obtained from other services of PGS and other companies. Subject to the section below on 'Reasons We Share Personal Data', access to your Personal Data is strictly limited to PGS employees who have appropriate authorization and a clear business need for that data.
The legal basis for our collection and processing of Personal Data is the EU Regulation 2016/679 ("GDPR"). More specifically, we base our processing on Article 6.1
(b) necessary for the performance of a contract
(f) necessary for the legitimate interests pursued by us, which are not overridden by the interests of you as a Data Subject.
How We Use Personal Data
This Privacy Statement tells you what to expect when PGS collects your Personal Data.
1. Visitors to our Website
When someone visits www.pgs.com we collect standard website traffic information and details of visitor behavior patterns. Visitors to www.pgs.com who seek information about our products or services, or submit other information to us, may be asked to provide Personal Data, typically an email address, postal address, name, and how an email received from PGS is used by you. Further, the Personal Data we collect may also include company name, phone number, fax number, title, and department name.
In order to provide our customers with the services they require from us, PGS collects and stores business-to-business contact information, such as name, company name, phone number, fax number, title, and department name. We also store exchanged communication, preferences, or feedback that is important to fulfill your order.
3. Subscribers to Newsletters
When we distribute newsletters, we gather statistics using industry-standard technologies to help us monitor and improve the user experience. You can unsubscribe from any of our newsletters if you no longer wish to receive them.
4. Suppliers and Business Partners
PGS stores business contact information, such as name, address, telephone, and email, necessary to process invoices, payments or other commitments with suppliers, agents, or other business partners. In connection with the selection process, we collect due diligence information, which may include company structure, credit checks, references, interviews, and other background checks. We also conduct integrity due diligence checks in order to comply with applicable anti-bribery and corruption legislation. This process will in some instances include collecting and processing Personal Data of directors, officers, and contact persons such as name, nationality, residence, existing position, former positions, ownership participation, appointments, status as a public official, and CVs.
5. Recipients and Providers of Gifts and Entertainment
To abide by anti-corruption laws and regulations, PGS will generally collect the names of company representatives that have provided, or received gifts and entertainment from PGS.
6. Applicants for Sponsorships
When individuals apply for sponsorship they submit their information in an application form, provide details of their proposal and an outline of the potential cost. Those who are awarded grants are asked to provide progress reports and expenses. Any Personal Data that is provided in the application and during sponsorship are used only for the purpose of reviewing the sponsorship and the ongoing administration and management of any sponsorship awarded. We may also publish information about projects on our own website, including the amounts of the sponsorship awarded and the recipient of the grant.
7. Reporters of Compliance Hotline Cases
Individuals taking contact via the PGS hotline may choose to do it anonymously. If you wish to be identified, we will store your contact information together with the hotline report.
8. People who Email Us
We use Transport Layer Security (TLS) to encrypt and protect our office email traffic. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
9. Visitors to our Offices
Visitors to PGS are required to log their presence for security and administration reasons. We collect name, company name, telephone, and, when a parking permit is needed, your vehicle registration number. For those offices where an online system is in place, this information is anonymized after your visit unless you have requested that the system should store your details.
*** Special measures for visitors to our Offices during the COVID-19 outbreak***
If you visit our offices or plan to visit our offices, you will be asked to provide some additional information about the countries you have visited in the preceding 14 days and whether you have had any contact with a person who may be infected with COVID-19. This is a temporary measure to help us minimize the risk of spreading this virus. We may require that your visit be rearranged to a later date to minimize such risk.
10. Visitors to our Vessels
Visitors to PGS vessels are required to log their presence for security and administration reasons and we collect name, ID, company name, contact information, and the reason for the visit.
11. Candidates for Recruitment
We collect data necessary to assess the suitability of candidates for employment at PGS, such as personal contact details and ID, previous experience, education, and references. If you are shortlisted, we may further collect interviews, tests, and results of background checks. If PGS makes a final offer, we will also ask for other details needed to administer your employment with us such as bank details and emergency contact details.
12. Potential Divestitures or Acquisitions
PGS may share information as necessary if PGS agrees or negotiates any of the following: (1) the sale of PGS or its assets or (2) the sale of one of our businesses or its assets. PGS may share information with the acquirer and its representatives after the transaction closes or as part of negotiations and due diligence.
Reasons We Share Personal Data
From time to time, PGS enters into agreements with other companies to perform services to us, such as for operation and provision of systems, provision of customer support, hosting of websites, processing transactions or performing statistical analysis of our services. In these cases, we deem it necessary to share information. To the extent Personal Data is transferred to such external companies (acting as data processors), we will implement necessary security measures in accordance with applicable data protection legislation, e.g. by entering into data processor agreements.
Such service providers will only be permitted to obtain Personal Data to the extent necessary in order to provide their services to PGS. We will not disclose your Personal Data to any third party for the purpose of allowing them to market their products or services to you, and neither they nor we will sell or pass them to anyone other than PGS without your prior written permission.
Please note that our website may contain links to other, non-PGS websites. PGS is not responsible for the content of or the privacy practices of such other sites.
Data Security in Processing of Personal Data
We will process your Personal Data in accordance with the requirements set forth in the applicable data privacy laws, including GDPR. Such processing will be done securely and we will apply and maintain appropriate technical and organizational measures to protect your Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
Duration of the Processing
Personal Data is never retained for a longer period than is necessary for the purposes for which it was collected. We will either permanently anonymize it or in a secure manner delete Personal Data that we no longer need or are under an obligation to retain.
Your Rights in Relation to your Personal Data
All Data Subjects in the EU/EEA whose Personal Data is processed by PGS within the scope of the GDPR and transferred to a PGS group company outside of the EU/EEA have the following rights:
- Withdraw consent: you have a right at any time to stop us from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please contact us via e-mail (email@example.com). If PGS’ processing is based on your consent, you are entitled to at any time withdraw this consent. However, please note that if we are not provided with your consent to process your Personal Data we may not be able to deliver our services to you or receive services from you.
- Access and information: to be granted access to your Personal Data and without undue delay receive (and as a general rule no later than one (1) month from PGS’ receipt of the request) in writing any information relating to your Personal Data in a concise, transparent, intelligible and easily accessible manner
- Rectification and restriction: to require without undue delay the rectification of any inaccurate Personal Data or complete incomplete Personal Data and restrict such data’s usage
- Erasure: to require erasure without undue delay of Personal Data that is no longer necessary to process in relation to the purposes for which they were collected or processed or where the consent is withdrawn
- Portability: to receive your Personal Data in a structured, commonly used and machine-readable format and have the right to transfer this to another controller without hindrance from PGS
- Complain: to lodge a complaint with a competent supervisory authority (in Norway: Datatilsynet)
To help us keep your Personal Data updated, we advise you to inform us of any changes or discrepancies. To view and/or edit your Personal Data, or if you want information on how long we intend to retain your Personal Data or have any other questions about your right of access and how to use it, please contact the PGS Global Data Protection Officer.
Personal Data Transfers Out of the EU/EEA
In order for PGS to be able to transfer Personal Data outside of the EU/EEA-area, PGS has adopted a set of Binding Corporate Rules (“BCR”) as incorporated in the PGS Data Protection Policy. The BCR and the PGS Data Protection Policy includes a set of legally binding Processing rules which grants rights to certain Data Subjects.
PGS has also implemented standard data protection clauses adopted by the EU Commission, cf. GDPR Art 93(2) by entering into an intercompany agreement governing transfers outside of the EU/EEA-area within PGS Group.
The BCR, the intercompany agreement, and the PGS Data Protection Manual comprise our mechanism to protect the privacy of Data Subjects, while at the same time facilitating international global transfers of Personal Data to the PGS entities outside of the EU/EEA-area. Additional information on the BCR and the PGS Data Protection Procedure can be found at www.pgs.com/bcr.
Choice of Law and Legal Venue
Any dispute arising from your use of this website and/or our processing of your Personal Data shall be governed by and construed in accordance with the laws of Norway, and with the exclusive jurisdiction of the Oslo District Court.
Modification of our Privacy Statement
This Privacy Statement was last updated on 29 May 2020. We reserve the right to modify the Privacy Statement from time to time and encourage you to familiarize yourself with the content of the Privacy Statement on a regular basis.