Varinnom logo

Privacy policy -

The data controller

Hastek AS is the data controller of the information that is collected on this webpage. We are, however, not the data controller of information that is collected through check-ins at Varinnom locations. Hastek AS can be reached at

Hastek AS collects and uses data to provide the service Varinnom.

This privacy policy is a translation. Should there be any conflict between this document and the Norwegian privacy policy, the Norwegian privacy policy is to be considered authoritative.

Why we process your data

The personal data we gather is necessary for the provision of the service Varinnom to the company with which you are associated. Hastek AS will not be able to provide Varinnom to a company for which we do not have the necessary personal data for at least one contact person and Varinnom administrator.

We may process your contact information for marketing purposes when we have conducted purpose, necessity, and balance tests and concluded that doing so is within our legitimate interest.

What we collect

If you request access to Varinnom on behalf of a company, we collect your name and your telephone number from Vipps. We also collect the e-mail-addresses provided by you in the signup form.

If you are named an administrator of a company’s Varinnom account, we collect your phone number from the person who names you an administrator. When you log in the first time, we collect your name from Vipps.

Retention of your personal data

We retain your personal data for as long as you are a Varinnom administrator or contact person for a company that uses Varinnom. we retain your personal data for two years once the company’s Varinnom contract is no longer in effect.

Data processors

We use the service Microsoft Azure to store the data we collect. They are stored in Norway and will not be transferred to third countries outside the EEA.

We make no automatic decisions about, or based on, your personal data.


The only cookies you will encounter at Varinnom are cookies we use to keep the you logged into the administration portal during a session.

Your rights

Under certain circumstances, you have the following data protection rights:

  • The right of access;
  • The right to rectification;
  • The right to erasure;
  • The right to restrict processing;
  • The right to data portability; and
  • The right to object.

Please be aware that we may ask you to confirm your identity before responding to inquiries.
You have a right to complain to Datatilsynet about our collection and use of your personal data. For more information, please contact Datatilsynet.