Last Updated

GDPR Statement

At Piql AS, we are committed to protecting the privacy and personal data of our clients, partners, and website visitors in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR).

This statement outlines how we uphold your rights and comply with the principles and obligations under GDPR.

Who We Are

Piql AS is a company registered in Norway (Org. No. 984 359 403), headquartered in Drammen. We offer secure, long-term digital and physical data preservation services globally through a trusted partner network.

For the purposes of data protection law:

  • Piql AS acts as a Data Controller when we collect and process personal data for our own business purposes (e.g., for client management or marketing).
  • Piql AS acts as a Data Processor when we process or preserve data on behalf of clients as part of our services.

Our GDPR Commitments

We ensure that all personal data we collect or process is:

  • Lawfully, fairly and transparently processed
  • Collected for specified, explicit and legitimate purposes
  • Adequate, relevant and limited to what is necessary
  • Accurate and kept up to date
  • Stored only as long as necessary
  • Securely processed with appropriate technical and organizational measures

Legal Bases for Processing

We process personal data only when we have a valid legal basis, including:

  • Your consent
  • The performance of a contract
  • Legal obligations
  • Our legitimate interests, where these are not overridden by your rights and freedoms

Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right to access – You can request a copy of the personal data we hold about you.
  • Right to rectification – You can request that we correct any incomplete or inaccurate data.
  • Right to erasure – In certain cases, you may request that we delete your personal data (“right to be forgotten”).
  • Right to restrict processing – You may request that we limit the way we use your data.
  • Right to data portability – You can request that we transfer your data to another organization.
  • Right to object – You can object to processing based on legitimate interests or for direct marketing.
  • Right to withdraw consent – Where consent is the basis for processing, you may withdraw it at any time.

To exercise any of these rights, please contact us at:
📧 dpo@piql.com

We will respond to all requests within one month, in accordance with GDPR.

Data Transfers

Where we transfer data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Security Measures

We use state-of-the-art encryption, access control, and secure storage technologies to protect personal data from unauthorized access, alteration, disclosure, or destruction.

Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local Data Protection Authority. In Norway, this is:

Datatilsynet (The Norwegian Data Protection Authority)
https://www.datatilsynet.no/

Contact Us

If you have any questions or concerns about this GDPR Statement or how we process your personal data, please contact:

Data Protection Officer (DPO)
dpo@piql.com