Crossborder AS
This privacy statement was last modified May 2021

1. We care about your privacy.

Crossborder is a Norwegian company specialized on global mobility and expatriate solutions. We support companies with tools and knowledge needed to handle their expats more secure and efficient. We equip employees with tools and knowledge needed to make them succeed privately and professionally in a foreign country. Our digital interaction portal connects Employers, Employees & Family, and Suppliers, by purpose of handling all data and services in one place. Our digital portal solution is at the very core of our business concept. Unfortunately, it is not possible to fulfill our business concept without accessing and processing your personal information. You can be confident that we respect and safeguard your personal information in a professional and secure manner. We take your privacy seriously, and use the information we collect, store and process about you in accordance with our privacy policy.

2. What is a privacy statement?

This privacy statement provides details on the information we collect about you from our website www.crossborder.international, when you are using our portal www.crossborder.global, or as a private or corporate client. The statement also contains general information about how we process your personal information in our online portal solutions and advisory services.

3. Why should you read the privacy statement?

The purpose of this privacy statement is to inform you of your rights, as well as our policies and procedures for processing the privacy information we receive and collect from you. We strongly advise you to read the declaration carefully to consume and understand how we collect, use, protect or otherwise process your personal information.

4. What are the types of personal information?

There are 2 main types of personal information:

- Personal information

Personal information is information and assessments that could be linked to you and identify you as an individual. This could be your full name, address, telephone number, personal ID number, place of residence, e-mail address, marital status, communication (e.g. dynamic IP address) or technical information.

- Sensitive personal information

Sensitive personal information is personal information revealing racial or ethnic background, political, philosophical or religious belief, if a person has been suspected, charged, indicted or convicted of a criminal offense, health details, sexual relations, trade union memberships,  genetic and biometric information.

​5. Where do I find the rules and regulations about treatment of personal data?

The protection of personal information is an important part of your privacy. In Norway, digital processing of personal data is protected under the Personal Data Processing Act (Lov om behandling av personopplysninger - Personopplysningsloven), which took effect on January 1st, 2001. The Personal Data Processing Act imposes stricter requirements on processing of sensitive personal data. On July 20th, 2018, the General Data Protection Regulation (GDPR) took effect in Norway. This privacy regulation mainly continues the current regulations for the processing of personal data, and introduces several new obligations for us and rights for you.

More detailed information about personal information can be found on Datatilsynet’s website, www.datatilsynet.no.

​6. Who do we process personal data on?

We process personal information on...:

  • Users of our website and portal solutions
  • Visitors to our website
  • Subscribers to our newsletters
  • Contact persons at corporate customers
  • Contact persons at our suppliers and partners
  • Contact forms and related inquiries 
  • Client initiated contacts
  • Individual customers / subscribers
  • Potential customers
  • Job applicants
  • Our own employees

You can read more about how we process this type of personal information below.

7. What information do we process about you?

We process various types of information about you when you visit our website, use our portal solutions, contact us or establish a customer relationship with us:

  • Personal information (e.g., name, date of birth, gender, citizenship, passport number)
  • Family Relations (e.g., spouse / cohabitant / unmarried / children)
  • Residential address
  • E-mail address
  • Phone number
  • General work history (e.g., position, number of years abroad, previous job rotations / locations and similar data related to work history
  • Employment data (e.g salary details in home and host country, employment contract details, assignment start and assignment end, and similar data related to employment.
  • Employer data and relations (e.g home and host company address, contact persons, organization number and similar data related to employer.
  • Reward data (e.g home and host remunerations, net/gross/salary, salary split, and exchange rates, allowances, total cash, total remunerations and similar data related to reward  
  • Benefits (e.g school, car, housing, utilities, home trips and similar data related to benefits).
  • Taxation (e.g tax on personal and family benefits, personal tax liabilities on home and host country reward and remunerations, taxation on personal and family Compensation and Benefits in general)
  • Pension and insurance schemes
  • Payment information (e.g., payment history, bank account and similar transactional data related to payment information
  • Your Crossborder website / portal search/ browser history and contact with us
  • Application letters, CV / resume, references and certifications
  • Case information necessary to solve the client case (e.g employment history, reward history, taxation history, assignment history, death, illness or disability related to insurance claims or compliance, and similar case information) 

As a general rule, we do not process sensitive personal information (health information, etc.) about you, neither in our online portal solutions nor through correspondence or inquiry with our advisors. . If it is relevant or necessary to obtain sensitive personal information in order to fulfill the purpose of the processing, we will obtain your written consent. In such cases, we have prepared a separate procedure for declaring consent. Sensitive personal information is not stored with us or third parties under any circumstances.

​8. Where do we collect your personal information?

In general, we collect your personal information directly from you upon request and consent from you. If your current employer has a separate company agreement with us, we may also collect information about your pension and insurance schemes, employment contract details, rewards, compensations and benefits, and tax information, and any other information relevant to the posting abroad, from the employer and / or its 3rd party suppliers. In some cases, the employer may also ask us to contact you directly.

We also use cookies when you use our website or our portal to optimize your experience of our website and portal solutions. For further information on how these cookies work and your rights in this context, read our cookie policy. Our web pages and web portals will be able to combine information about you from one data source with data obtained from another source, in order to give us a more complete picture, so we can advise you and the employer in the best possible way.

​9. How do we use your personal information ?

We use your personal information for the following purposes:

  • Establishing customer relationships
  • Case management
  • Testing, evaluation and further development / improvements of our IT systems and services
  • Customer administration, including payment, invoicing and similar obligations according to accounting regulations
  • Personalized marketing (e.g., e-mail and SMS, Google’s Customer Match and other social media marketing, newsletters, course invitations and other information).
  • Recruitment / hiring
  • Suppliers and partners
  • Documentation, customer control and reporting required by law
  • For specific purposes once you have given your consent
  • Securing Compliance across country borders related to immigration, national insurance plans, medical care insurance, taxation etc. 
  • Securing full overview on pension, insurance and social security coverage, taxation services, and compensations & benefits entitlements 
  • Calculating different cost scenarios like cost to company and cost of assignments
  • Regular reporting, documentation, and client control activities pursuant to the relevant laws and regulation  

10. How do we protect your personal information?

We protect your personal information through the following necessary technical and organizational measures:

  • Login and secure storage in our web portal 
  • Continuous monitoring, evaluation and testing of our IT security measures
  • All our employees have a duty of confidentiality about client relations . This means that customer information cannot be shared or disclosed to others without your consent
  • Our employees have no access to your personal data inside our portal solutions.
  • Our employees only have access to information about you if it is necessary to manage the portal membership for you and your employer
  • Inquiries from our clients and portal members can be done through the webpage contact form or after portal log-in without involving emails.  
  • Any storage of personal data is only performed to the extend of this being strictly necessary.
  • Any stored personal data will be deleted as soon as the purpose of using the personal data is completed unless it is required of us to further store your personal data pursuant to the relevant laws and regulations.
  • Your personal data could be further processed for other purposes pursuant to your consent or pursuant to any legitimate base for such further processing.
  • Personal data we process based on your consent should be deleted pursuant to your formal withdrawal of such consent.

11. Who do we share your personal information with?

When we process your personal information, you can be assured that your personal informations is handled confidential. Sometimes we have to share your personal data with other outside parties (“third parties”). We work with such third parties to manage your use of the website, our portal solutions, or your customer subscription, and to secure our continuous operations that enables us to  offer you our services. For example, personal information may be shared with providers of our portal and our payment service providers, who in turn may share relevant information with their subcontractors. In such cases, we enter into agreements with the suppliers to ensure that the processing of the information is in accordance with our requirements / instructions and current privacy rules.

In some cases, it will be necessary to disclose your personal information to suppliers with operations located in countries outside the EU / EEA. Even in such cases, we make sure that your privacy and your registered rights are well protected. Disclosure of your personal data therefore takes place in such cases only where we consider the place and the recipient to be satisfactory in accordance with the privacy regulations, or the transfer takes place in accordance with the European Commission's standard contracts that regulate such transfers in accordance with the privacy regulations. Your consent to this privacy statement constitutes your consent to this transfer.

It may also be relevant to disclose personal information to public authorities in accordance with laws or regulations.

12. What personal information do we store?

We do not store your personal data for a longer period than what is deemed necessary to fulfil the purpose of collecting and processing your personal data. Storage of your personal data will happen just if this is necessary and serves a specific purpose as when:

  • You are a portal client, and your subscription level includes storage of your personal data.
  • You are a portal client, and your subscription level includes storage of your personal documents.
  • Your employer is a portal client, and the employer subscription includes interaction with you on collection and secure storage of your personal data and documents.
  • You book additional products and services through our portal.

We will delete your personal data if:

  • You recall your consent, pursuant to the cases where your consent was a prerequisite for storage of your personal data
  • The purpose of the agreement is fulfilled.
  • Laws and regulations dictate us to delete your personal data

When we process your personal information, you have the right to the following:

- Information

You are entitled to information about what personal information we process about you and how we process it.

- Insight

You have the right to access which personal information we have registered about you with us.

- Correction or deletion

You have the right to correct incorrect, incomplete or inaccurate personal information we have about you. You also have the right to delete or restrict your personal information. We do delete personal data if there are no legal requirements (e.g. legal documentation requirements) to consider against deletion.

- Withdrawal of consent

You have the right to withdraw your consent to the processing of your personal data. You can do this at any time during the case processing.

- Objection

You have the right to object to us using your information for direct marketing, including profiling for use in direct marketing.

- Data portability

In some cases, you may have the right to have your personal information disclosed in a machine-readable format, or we may transfer this directly to another third party following your instructions if technically possible.

- Complaint to the supervisory authority

If you believe that we do not process your personal data in accordance with our requirements and the privacy regulations, you have the right to complain to Datatilsynet (see further section 15 below). Please note that part of your rights regarding the processing of personal data falls under other legislation, such as “Markedsføringsloven”, “Bokføringsloven” and “Regnskapsloven”. More information about the requirements for our processing of your personal information and your rights can be found on Datatilsynet’s website, www.datatilsynet.no.

​14. Can we change the privacy statement?

As we review, evaluate and improve our services from time to time, it may also be necessary to update this privacy statement. Such an updated privacy statement will always be easily accessible on our website. In the event of significant changes, we will notify you on our web portal.

15. Who can you contact?

If you have questions about our treatment of personal information or want to make a complain about our treatment, you can contact us at:
E-mail: mail@crossborder.global
Postal address: Crossborder, ASVollsveien, 211366, Lysaker, NORWAY.

We will reply to you as soon as possible and preferably within 30 days. If we are late with the answer, you will receive a preliminary message about when you can expect a final answer. To protect us from false requests for access, we may require you to identify yourself in order to confirm the necessary authorization.

If you are still not satisfied with our privacy services or with our processing of personal data, you can contact the Norwegian Data Protection Authority - Datatilsynet - at any time. Information about this can be found on Datatilsynet's website, www.datatilsynet.no.