Privacy Policy


This statement is effective from 01.11.22.

This privacy statement explains how

  • 4human HRM AS (org. no. 897 757 222)
  • 4human TQM AS (org.nr. 984 036 736)
  • 4human QM365 AS (org. no. 989 298 291)

from now on referred to as 4human, we or us, mainly process personal data relating to your role as a:

  • contact person: customer/supplier/partner
  • jobseeker
  • former employee
  • visitor to 4Human’s websites
  • recipient of marketing material
  • participant in a course or user forum
  • registered user in one of our cloud services

4Human works continuously with privacy and this privacy statement may change when we deem it necessary, this includes adaptation to privacy legislation.

The statement is written in accordance with the Personal Data Act of 15 June 2018.

Conceptual explanations

Processing of personal data – any collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation use, disclosure by transmission, dissemination or any other form of disclosure, compilation or interconnection, restriction, deletion, or destruction of personal data.

Data controller– 4human is the data controller for all processing of personal data where it is our decision to collect and use personal data.  4human decides what tools shall be used to collect personal data and, therefore, is responsible for the processing of personal data.

Data processor – will process personal data on our behalf. The data processor may only use the personal data that they process on our behalf for our specific use.

Personal data – is direct or indirect information about a person that allows the identification of that person, such as name, email address, behavioral pattern, or IP address.

Data subject – is the person whose personal data has been collected.

Contact person: customer/supplier or partner

we collect the following personal contact data:

  • name
  • telephone number
  • email
  • role

This is as part of the administration of the contractual relationship between us and the customer / supplier or partner. We have either received the information about you as a contact person from yourself or from your employer. We delete your personal contact data from our systems when we are notified by our customers/suppliers or partners that you no longer hold your position. There will be exceptions to this such as in our accounting system, where your contact information will be held on already existing invoices or in e-mail correspondence about the customer relationship.

According to the Marketing Control Act, we may market to our existing customers about our own goods and services. You as the customer’s contact person can decline this.  You cannot opt out of operating messages or other messages from us that are necessary to maintain the service agreement we have with you or the business for which you are the contact person.

Job seekers

We process personal data about job applicants to assess whether you are suitable for the job you have applied for. We also process information about you for the purpose of entering into an employment contract with you. Most of the personal data we process about you will be information that you provide to us. When checking references, your references may provide us with new personal information about you. We may use public sources such as the internet and social media if we believe they will be relevant to the recruitment process. In that case, you will have the opportunity to correct any incorrect information.

We delete information about job applicants who do not get the job after the hiring process is over. We ask for your consent if we want to keep your data for a longer period.

Former employees

After termination of employment, 4human is required by law to retain some of your personal data. It will also be necessary to keep personal data about former employees for the sake of pensions and any occupational injury cases. Upon termination of employment, we will review the personal data we have about you and delete the data we no longer have a reason to keep.

It will be natural for us to store personal data about former employees, such as name, position, work area and the duration of the employment throughout 4human lifetime. This is based on the fact that you are part of our company’s history.

Visitors to 4human’s websites

When you visit 4humans websites, we collect data about you through cookies. We collect data relating to the equipment you use to visit our website, your IP address and how you move around on our websites. We collect this information so that we, in return, can provide you with the best possible user experience while visiting us. The legal basis we use to collect this information is our legitimate interest in developing our websites so that we can provide you with the best possible user experience. Click here to read more about cookies and how you can manage their use.

Recipients of marketing material

4Human may send marketing material (newsletters) to potential customers when we have received your consent to do so.  We must be able to document this consent, and you can withdraw this consent at any time.

Participants in a course or user forum

For those who wish to attend our free courses, we collect the following personal data:

  • name
  • email
  • telephone number
  • position
  • business affiliation

We keep this information as part of a contract between you and us. We have given you a free course in return for keeping your contact information.   If we have no contact with you for the next 12 months after the free course, the data will be deleted on our systems if you have not agreed to receive newsletters or other marketing material.

If you are a paying participant on courses or user forums, we will ask for the same contact information as above.  This information about you will remain on our accounting system on the participation invoices. Here, the Bookkeeping Act will determine when personal data about you will be deleted.

Registered in one of our cloud services

As a cloud service provider, we make our programs available to our customers. In these cases, we are a data processor, and it will then be the company that you are associated with whose privacy statement that will apply to you.  Our customer (the business you are affiliated with) is the data controller and we at 4human are a supplier to the business in question.  If you want more information about how your personal data is processed in our cloud services, you must contact the person responsible for our systems in your company.

Information security

4human protects your personal data with technical and organizational security measures. 4human uses ISO27001 as a framework for information security and 4human HRM and 4human TQM are certified according to ISO27001- information security management system, ISO27018- information security for personal data in cloud services and ISO27701- privacy information management system for processing personal data both as data controller and data processor.

Your rights as a data subject

  • You always have the right to request that incorrect information about you be corrected
  • You always have the right to request access to what information we hold about you (applies to job applicants and former employees). For all other data subjects, this statement states what we have registered about you
  • You always have the right to request that information about you be deleted, but as this statement shows, we cannot always comply with this request

You as a data subject can exercise your rights regarding 4humans processing of personal data by sending an e-mail to: [email protected]  You are entitled to a response without undue delay, and no later than 30 days.

If you have questions about the privacy statement or your rights, you can also contact our data protection officer, Marit Buset, directly by e-mail: [email protected]@4human.no

Contact details

If you believe we have not complied with your rights under the Personal Data Act or have otherwise violated your privacy, please contact us at [email protected]

You also have the right to submit a complaint directly to the Norwegian Data Protection Authority. The contact information is available at www.datatilsynet.no