This Data Privacy Policy provides an overview of our data processes and explains how Kommando collects and uses personal data.

Purpose

This Privacy Policy (“Policy”) explains how Kommando (“Kommando”, “us,” “our,” or “we”) collects, uses, discloses, and protects personal information submitted via our website, contact forms, email, or phone.

Kommando consists of:

• Kommando AS – Parent company located in Norway
• Kommando AB – Subsidiary company located in Sweden

The Policy outlines how we collect, process, store, and share personal data, which includes any information that can identify an individual directly or indirectly (e.g., name, contact info).

Application

As a company processing personal data about European citizens, Kommando complies with the EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679).

Why we may use personal data

We may use your personal data for purposes including:

• Delivering website features (based on consent or legitimate interest)
• Administering seminar participation (based on consent)
• Regulatory compliance (legal obligation)
• Delivering services to customers (contract)
• Operating, evaluating, and improving our organization (contract)
• Other purposes you authorize when submitting data (consent)

Types of personal data collected

When you visit our website

• IP address
• Web browser type
• Language preferences

When you register for a seminar

• Full name
• Contact information (email and phone number)
• Company affiliation
• Title
• Food allergies (for events with catering)
• Feedback survey data (anonymized)

When you are a customer

• Full name
• Contact information (email and phone number)
• Company affiliation
• Title
• Minutes of meetings
• Other authorized data as requested

How Kommando processes personal data

Kommando protects your personal data from loss, misuse, unauthorized access, disclosure, modification, and destruction using industry best practices and GDPR-compliant measures.

We ensure that all third-party processors have data processing agreements and only use data as specified in this Policy.

Personal data is not retained longer than necessary for its intended purpose or to fulfill legal obligations.

Where does Kommando process personal data

Data is stored and processed within the EU/EEA. If personal data must be accessed outside the EU/EEA (e.g., by service providers), Kommando ensures protective measures such as data transfer agreements are in place to meet or exceed GDPR requirements.

Exercising your Privacy Rights

Under GDPR, you have the right to:

Right to access personal data

You can request a register extract of the personal data we have collected about you.

Right to rectification

You can correct incomplete or inaccurate data or update missing information.

Right to erasure (“right to be forgotten”)

You may request deletion of your personal data if:

• The data is no longer needed for its original purpose
• You withdraw your consent
• The data was processed unlawfully

Right to restrict processing

You may request restricted processing of your personal data in certain situations.

Right to data portability

You may request your personal data in a structured, machine-readable format.

Right to object

You may object to processing based on legitimate interests.

Right to lodge a complaint

If you are unsatisfied with our handling of your data, you may contact the supervisory authority:

• Norway: Datatilsynet
• Sweden: Integritetsskyddsmyndigheten

How can you contact us

If you wish to exercise your rights or contact us regarding your data privacy, email: post@kommando.no (covers Norway and Sweden).

Policy updates

This Privacy Policy may be updated to reflect changes in our practices, services, or technology. The latest version is always available on this page.

Latest update includes:

• Separation of the Cookies Policy into a separate page
• Clarification on data processing with inclusion of Kommando AB

Last updated: 01.07.2025