Privacy Policy

Privacy Statement

Last updated: 19th of December 2025

1. Introduction

When you use our website, receive services from us or are in contact with us for other reasons, we may process personal data about you. Below you will find information about the personal data we collect, why we do this, and your rights related to the processing of the personal data we collect.

Intility will only process your personal data in accordance with specified, explicit and legitimate purposes, or as required by law. Your personal data will be deleted or anonymised when we no longer have a legal basis or purpose for processing it. We will also ensure that your personal data is satisfactorily protected. You will receive information about your privacy rights and assistance in exercising those rights.

Intility AS is the data controller for the personal data we collect about you. If you have any questions or concerns regarding privacy, you can email our Privacy Team at privacy@intility.no or write to us at: Intility AS, Schweigaards gate 39, 0191 Oslo, Norway. Phone: +47 24 10 33 00. Our business register number is 981 967 070.

We may modify or amend this privacy statement from time to time.

2. Our objectives

• Prevent data loss and misuse of personal data
• Secure identity and access control
• Install and maintain robust, available and secure systems and services
• Establish clear roles and responsibilities for information security and privacy
• Ensure knowledge and awareness about privacy in the organization
• Limit the processing of personal data to what is necessary in relation to the purposes for which it is processed

3. Our websites

On www.intility.com, we use cookies. These are small text files that are placed on your computer when you load a website. Some cookies are necessary for various services on our website to function. Whether websites are allowed to store cookies in your browser can be turned on and off in most browsers by using the browser’s security settings. Intility only uses necessary cookies. None of the cookies we use store personal data about you as a visitor. The information we collect is used to improve the content and user experience on our websites.

Intility uses Fathom Analytics to collect information when you visit our website. Fathom Analytics has developed a way to perform website analysis that preserves the anonymity of visitors and protects their privacy. Fathom Analytics does not use any cookies or pixels for the data collection they perform. In short, we load a script from Fathom that runs on our pages and sends a “pageview request” to their servers (which are located in the EU). Read more about how their solution works, and what data they collect here.

We also use Hotjar to map user patterns on our pages. We have disabled a number of features in Hotjar so that the software does not collect personal data such as location and similar information. Hotjar provides us with information about which pages users navigate from and to, which buttons are used the most, how far down visitors scroll on the page, and similar. The data we see is aggregated, and we will never be able to identify who you are based on how you use our website. Hotjar uses cookies for data collection, but they do not store any personal data about you as a visitor. Read more about Hotjar and how they work with privacy here.

4. Processing of personal data in connection with customer relationships in Intility

4.1 Customer services

Intility processes personal data on behalf of our customers. All such processing is necessary to perform the agreement between Intility and the customer. Intility’s processing of this data is regulated by separate data processing agreements between the customer and Intility.

If you are an employee/user of an Intility customer, Intility will receive or collect personal data directly from you or from your employer. The personal data is processed in order for us to fulfil our contractual obligations towards the customer, for example to establish user accounts, ensure access control to systems, provide customer support, give information about security and functionality, and carry out user surveys to improve our services. Your employer is the data controller for the personal data about you. Intility assumes that your employer has the right to disclose the personal data to us.

If you participate in projects organized by Intility, such as onboarding or operational projects, Intility may in some cases process your personal data in the role of data controller. Intility uses its own collaboration and project tool for this purpose. See the section “Participation in customer projects – processing of personal data about third parties” below for a more detailed description of the processing.

4.2. User surveys

Intility sends out user surveys to our customers in order to improve the services we provide under our contracts. We use Questback AS as a third party provider for this purpose. Participation in the surveys is voluntary, and you may choose to remain anonymous. If you respond to a survey, personal data such as your email address, IP address, the company you work for and, in some cases, your name will be stored by Questback AS. The personal data is stored by Questback AS for up to four (4) years (standard contract period) before it is automatically deleted.

4.3. Participation in customer projects – processing of personal data about third parties

If you are involved in a project with or a delivery to a customer of Intility, your contact information, such as name, employer/company, email address, and phone number, will be registered for use in the project/delivery. The information is collected upon request in various planning and collaboration tools used by Intility. This information is necessary for collaboration between involved parties and includes, for example, the preparation of project plans, assignment of tasks, etc. The personal data is deleted when the purpose of the processing is fulfilled, normally 12 months after the project or delivery is completed.

4.4. Intility webshop

When you place an order in our Webshop, we collect your name, phone number, e-mail address and details about your employer (name and business address). This information is necessary to enable us to manage the purchase order, i.e. to send the order to the correct address and to contact you if necessary. If you order a mobile subscription, we will also register your date of birth.

We cooperate with third-party vendors to deliver our Webshop service. I certain situations we may disclose personal data relating to you to a third party that reasonably require access to the data. For instance, a carrier firm will need your name, (business) address, phone number and desired place of delivery in order to deliver the goods to you or your employer. In such a situation, the vendor is also a data controller for the data we disclose.

4.5. Sharing of personal data

If you are a customer or an employee of a customer, we may in some cases share your personal data with others. We use certain sub processors to deliver some of our services. This processing activity is regulated in the relevant data processing agreement between us and our customers.

We also have several business partners for whom we convey services. If, for example, your company wishes to lease equipment and you place the order on behalf of the company, we will share your contact information with the leasing company. In this context, the leasing company has an independent responsibility for the personal data it receives. The same applies to external broadband providers and telecom operators and, for example, courier services.

4.6. Invoice information

When we receive and issue invoices, we process necessary personal data such as name, contact information and payment information. The purpose of this processing is to administer the customer relationship, fulfil contractual payment obligations and comply with applicable legal requirements related to accounting and auditing.

5. Seminars

We collect participants’ email addresses, names and phone numbers in connection with registration for courses and seminars. The information is used to get an overview of who is participating, which industry they come from, what kind of positions they hold, and to compile statistics. We do this to improve the courses and seminars we hold. The information is also used to compile statistics and may be used to contact the respective participants for feedback on the course/seminar and for marketing purposes.

6. When you visit our offices or contact us

When you visit our headquarters in Schweigaards gate 39, Oslo, you must register with your full name and phone number and state the person you are visiting. The registration is confirmed by SMS. The purpose of the processing is to notify the person you are visiting by SMS so that they can receive you. The registration is also one of our physical security measures. We do not retain any personal data in this regard.

As part of increased security in the building, we have installed CCTV at the entrance door, airlock, reception, the façade by the loading bay, the ramp down to the garage and inside the garage at our headquarters. We also use CCTV in our other premises at Kværnerveien 1, Schweigaards gate 42 and Schweigaards gate 46. The installation is carried out in accordance with the Norwegian Data Protection Authority’s guidelines. Recordings are deleted after seven (7) days.

We also process personal data when you contact us via our contact forms or by email.

7. When you apply for a job

Intility uses a dedicated recruitment tool delivered by Teamtailor for processing and managing job applications. A dedicated privacy and cookie policy adapted to the recruitment process must be accepted upon applying.

If you apply as part of a group, for instance in connection with a bachelor’s project, Intility will process personal data of all group members. This includes name, address, phone number and email, which will be collected from CVs, applications and other relevant information from all group members. In some cases, we will also store email correspondence with you if this is relevant. The personal data may be reviewed by staff in Intility AS and/or our subsidiaries who need access to the data in order to assess your group’s application. This will in particular be HR personnel and managers, but may also be other staff.

We store the personal data for as long as necessary to complete the recruitment process. The data stored in the recruitment tool will in any case be deleted within 12 months from the application date. If your group is selected to write a bachelor’s thesis with us, the data will be transferred to Intility’s HR system and processed in accordance with our internal guidelines for the processing of employees’ personal data.

8. Newsletters and invitations

If you subscribe to our newsletters, we depend on your email address. To receive our newsletters, you must therefore register with your name and email address. This information is stored in our systems and will not be shared with others. If you unsubscribe, we will delete the stored addresses. Each newsletter contains information and functionality to terminate the subscription.

9. Intility’s processing of personal data

9.1. Your rights

You have the right to request access, rectification or deletion of the personal data we process about you. You also have the right to ask us to restrict the processing, to object to the processing and to have your personal data transferred to you or to another data controller (data portability). You can read more about these rights on the website of the Norwegian Data Protection Authority.

You can exercise your rights by sending an email to privacy@intility.no. We will prioritise responding to your request as soon as possible.

Remember that you may at any time withdraw your consent to our processing of personal data, where the processing is based on consent. The easiest way to do this is to send an email to privacy@intility.no.

9.2. Protection of your personal data

Intility works continuously with internal control and information security to protect your privacy. This includes, among other things, regularly performing risk assessments of our systems, evaluating existing control activities, mapping processing activities and following up our suppliers. This work is based on recognized frameworks for IT governance and control.

Intility delivers and operates an IT platform with advanced technical and organisational security measures that safeguard your personal data. Our task is to ensure that your personal data is protected against loss, destruction, corruption or unauthorised access. We have a framework for information security that is updated regularly in line with technological developments.

9.3. How long we keep your information

Your personal data will be stored with us as described above, in accordance with specific statutory obligations, or for as long as is necessary to fulfil the purposes of the processing.

9.4. How to exercise your rights

If you believe that we are not processing personal data in accordance with this privacy statement or that we are otherwise in breach of data protection legislation, you may contact us at privacy@intility.no. You also have the right to lodge a complaint with the Norwegian Data Protection Authority. Information on how to contact the Norwegian Data Protection Authority is available on their website: www.datatilsynet.no.

Policy Approval

Andreas Hisdal
Chief Executive Officer
Intility AS