Privacy Statement

B2Holding ASA is committed to protecting the privacy of personal data, as well as to the rights and freedoms of data subjects, according to the European General Data Protection Regulation (GDPR) and other applicable rules. The core principles of personal data processing: lawfulness, transparency, confidentiality underlie our business activities.


  • processes personal data in a secure manner and only on a valid legal basis,
  • keeps the data up-to-date and removes or corrects the inaccurate ones,
  • enables you to manage your consents and marketing choices at any time.

This webpage Privacy Policy –, describes:

  • how B2Holding ASA collects, processes, stores, and protects the personal data, and
  • how to execute data subject rights regarding processed information.

Personal Data Processing

The data controller

B2Holding ASA
PO Box 1726 Vika
0121 Oslo

Contact details for privacy matters

B2Holding ASA
Stortingsgaten 22, 7th floor, Oslo

Legal basis and purpose of personal data processing

The processing of personal data on the webpage is based on the consent given by the data subject, according to GDPR art. 6(1)a. Additionally, it is also based on legitimate interests to allow the web page to work correctly and enable information exchange with parties interested or potentially interested in the B2Holding’s services, according to GDPR art. 6(1)f.

Categories of data subjects

The category of personal data processed consists of information required for business communication and cooperation, like:

  • user’s unique advertising identifier,
  • IP address,
  • location,
  • online activity.

Personal data sources

Personal data are collected directly from data subjects during the webpage browsing and given consent for cookie files.

Recipients of personal data

The processed data can be transferred to the service providers to process personal data on behalf of the B2Holding ASA. In such cases, the B2Holding is responsible for ensuring the lawfulness of the processing. The data can also be transferred to other controllers on the basis of a legal obligation or the legitimate interest of B2Holding.

The categories of providers and potential providers used by B2Holding ASA:

  • IT services providers,
  • webpage providers,
  • government authorities.

Transfer of data outside the EU or EEA

During the processing, personal data could be transferred outside the European Economic Area (EEA) to the third countries, which are not subject to the European Commission adequacy decision. Additionally, under certain conditions, processors, acting on behalf of B2Holding may transfer personal data outside the EEA, as well. In such cases, the personal data will be transferred in compliance with the General Data Protection Regulation articles 46, 47, or 49(1), especially, Standard Contractual Clauses with further security measures applied. The information about the transfers can be obtained through contact on the e-mail

Retention of personal data

The personal data will be processed:

  • as long as applied cookie files process the data, not longer than two years,
  • until the consent for the processing is not withdrawn, which can be done at any time, without affecting the lawfulness of processing based on consent before its withdrawal,
  • for the time necessary for the establishment and management of a business relation,
  • as long as required by the law, and
  • to secure the legitimate interest of B2Holding.


B2Holding does not carry out profiling and does not apply automated decision-making for the purposes presented in the information notice.

Data Subjects Rights

Each data subject has the right to request from the controller:

  • the information about processed personal data,
  • the access to personal data stored,
  • the rectification of personal data,
  • the restriction of personal data processing until, for example, the controller has verified the accuracy of the data,
  • the object to direct marketing,
  • the erasure of personal data,
  • the right to data portability.

Each data subjects have the right to file a complaint to the Norwegian Data Protection Authority (Datatilsynet) in case of issues related to the processing of their data.