This document outlines the purpose, types, and legal basis for Caretarge to process personal information. Caretarge operates in compliance with GDPR and Hong Kong privacy laws.

Establishing customer relationships: Caretarge registers necessary customer contact information in its CRM system based on balancing the interests of business customers.

IT Homework and Security: Based on legitimate interests and legal obligations, personal data stored in IT systems can be accessed for maintenance and security purposes.

Marketing: Based on legitimate rights or consent, send electronic newsletters to customers and interested parties, and provide the option to unsubscribe. Marketing to existing customers complies with Norwegian marketing laws.

Share personal information: Caretarge Suppliers can only access personal information when necessary to fulfill service agreements and Caretarge instructions.

Storage of personal data: The storage period for personal data is 10 years or as necessary, and accounting laws must be followed.

Individual rights: Individuals have the right to withdraw their consent, request a deeper understanding of their data, request correction or deletion, and file a complaint with the Norwegian Data Protection Authority.