Skip to contentSkip to footer

Privacy policy

The Yuki (hereinafter Visma) Privacy Statement helps you understand what personal data we collect and why we collect it, how we handle your personal data and how we protect, store, export and delete it.

Personal data is data that can identify you as a person, such as an email address, home address or telephone number, etc.

What personal data we process

The types of personal data that Visma processes in relation to you may include the following:

  • Basic personal information such as name, address, phone number, email address and demographic information
  • User and web traffic-related information such as login details, username and IP address
  • Financial information such as information related to invoices
  • Content you uploaded or provided such as photos, comments, articles and videos
  • Information provided in job applications

For the purposes set out in the "Why we process personal data" section, Visma does not process sensitive personal data about you.

How is personal data collected?

Generally, Visma collects personal data directly from you or from other individuals associated with our Customer. If the Customer you work for purchases Visma products or services from a Visma partner company, we may collect information about you through that partner company.

When you use Visma websites and interact with us via email, we also use cookies and other tracking technologies to optimise your experience of Visma and our sites. Please see our cookie policy for more information.

In some cases, we may also collect information about you from other sources. These sources may include third-party data aggregators, Visma's marketing partners, public sources or third-party social networks.

Why we process personal data

This Visma Privacy Statement applies when Visma and its affiliated companies (Visma) process your personal data for various purposes when you interact with us, such as:

Procurement and delivery

  • Facilitating customer orders, agreements, payments
  • Offering services directly to you such as e-learning, webinars and reports etc.
  • Providing Customers with quotes for products and services upon request
  • Creation and facilitation of accounts for users of our services

Support and improvement

  • Improve and (further) develop the quality, functionality and user experience of our products, services and Visma's Sites
  • Providing customer support for our products and services
  • Operating user communities for training purposes and enabling interaction between users and Visma

Security

  • Detecting, fixing and preventing security threats and misuse, performing maintenance and debugging

Marketing

  • Managing marketing preferences and directing marketing content
  • Creating interest profiles to promote relevant products and services (profiling)

Information regarding how personal data is processed in one of our many services can be found in the relevant processor agreement for that service. In such cases, Visma acts as a data processor and processes the data on behalf of and in accordance with the Customer's instructions. For more information on this, please contact the customer service for that specific service.

Legal basis for processing your personal data

We process data on various legal bases.

Agreement with you

We process your personal data on the basis of a legally binding contract with you. This will usually be the case when you apply for a vacancy with Visma. Processing your personal data such as a CV, job application and references is necessary for Visma to process job seekers' applications before contacting them.

Your consent

Visma may process your personal data on the basis of consent. We will ask for your consent to, for example, send you marketing emails in accordance with marketing legislation. Once you have given your consent, you can withdraw it at any time.

Legitimate interest

Visma has a legitimate interest when we process your data for marketing, security, support and improvement purposes, or when you act as a contact/lead for our existing and potential customers, including in customer service. Your personal data is processed from a business perspective in a way that we believe does not violate your privacy rights or freedoms.

In addition, Visma processes data based on a legitimate interest when you register for a webinar, download reports or other content from our web pages and use our Visma communities. The legitimate interest consists in being able to provide you with correct content, hold webinars, conduct marketing activities and administer your requests (see section below relating to marketing).

How will your personal data be shared?

Within the Visma Group

Because Visma consists of many different subsidiaries, it is important to us that we can provide you with the best possible integrated experience. To maintain overview and insight, Visma may share your personal data with other companies in the Visma Group.

Outside the Visma Group

Visma may also share your personal data with external parties in the following contexts:

Visma User Communities

When you post, comment or the like on Visma's User Communities or other forums on Visma Sites, such information may be read and used by anyone with access to such forums. Visma is not responsible for any information you post on such forums or Visma Sites.

Business partners

Visma may share your personal data with our partners when justified from a business perspective and in compliance with applicable privacy laws.

Government authorities

Police and other authorities may request access to Visma's personal information. In such cases, Visma will only make the data available if there is a court order or similar order to do so.

When do we use processors?

To process personal data, Visma uses processors. These processors are typically vendors of cloud services or other IT hosting services.

When processors are used, Visma will enter into a processor agreement to safeguard your privacy rights. If processors are located outside the EU, Visma will ensure for your benefit that legal bases exist for such international transfers, including through the use of the EU Model Clauses.

For information on the sub-processors we use to provide you with a Visma service, please visit our Visma Trust Centre.

You can always request a list of and further information about Visma's processors, including documentation of legal bases for the aforementioned international transfers. Please see the last section of this statement for how to contact Visma.

How long your data is kept

Visma will not retain your personal data for longer than necessary for the performance of our contractual obligations. Where we process your personal data on another legal basis, such as a legitimate interest, such data will be kept for as long as necessary to fulfil the purpose of the processing.

Therefore, your personal data may be subject to various types of retention policies, depending on the type of data and the purpose of its collection. Here are some examples:

When recruiting staff, Visma will destroy your personal information such as a CV, job application and other documents when the recruitment process is complete, typically no later than 6 months after the application submission deadline, unless otherwise agreed with you.

Another example is contact information stored for marketing purposes, including potential customers or interested parties. Such personal data will be destroyed no later than 36 months after the last recorded activity.

For further information on deletion, please contact Visma (see contact information in the last section of this statement).

What your rights are

Basic rights


You have the right to access your personal data by submitting a request for an overview of the personal data we process about you and you may have the right to data portability (data portability). You also have the right to request Visma to rectify inaccuracies in your personal data. If you have an account with Visma for a Visma Site, you can usually do so through the relevant "your account" or "your profile" section on the applicable Visma Site or service.

In addition, in accordance with this Privacy Policy or other terms specific to a service, you have the right to request deletion of your personal data or the restriction of processing and to object to our processing of your personal data.

Please use [email protected] to make requests as mentioned in this section, or address your request to Visma's specific company as indicated below.

Finally, you also have the right to lodge a complaint regarding our processing of your personal data with data protection authorities.

Right to unsubscribe from marketing communications

When you interact with Visma, for example by visiting Visma web pages, downloading content, attending webinars, or as part of using Visma's services, Visma will process your personal data on the basis of a legitimate interest. The purpose is to provide you with relevant marketing content related to Visma's services.

Visma provides relevant preference-based content to you through direct marketing on social media platforms, web pages or in a Visma service. The personal data processed is aggregated data about you, such as IP address, interests (what you clicked on, etc.), username and device. This is done using technologies such as cookies and is called profiling.

Visma uses email for marketing purposes in accordance with national marketing legislation, but only where you have given your consent. If you have given consent, you will always have the option to opt-out as described below, or when you receive an e-mail containing marketing.

You have the right to unsubscribe from receiving marketing communications from Visma and can do so by:

(a) following the unsubscribe instructions in the relevant marketing communication, or

(b) changing your preferences in the relevant "update account" section, if you have an account with Visma, or

(c) contact us by sending an email to [email protected]

(d) by using the applicable subscription management tool

You also have the option to opt-in or opt-out of cookies on a particular webpage at any time through our cookie notification.

Please note that even if you opt out of receiving marketing communications, you may still receive administrative communications from Visma, such as order confirmations and necessary notifications to manage your account or services provided to Customers.

Changes

We encourage you to review this Statement regularly. If we make significant changes to our Statement that materially alter our privacy practices, we may also notify you by other means, such as by sending an email or posting an announcement on our corporate website and/or social media pages before the changes take effect.

The Privacy Statement is reviewed at least once a year and changes are approved by Visma's Privacy Council. Last updated on: 2021-01-26.

How to contact us

Visma is a European company, with cross-border legal entities, business processes, management structures and technical systems. Visma provides software and services to private and public companies in Europe. Visma's head office is located in Oslo.

All major decisions relating to privacy at Visma are taken at company level by Visma's Data Protection Board, under the supervision and chairmanship of the Data Protection Officer (DPO). The data controller for your personal data is

Visma Group and its subsidiaries
Head office: Karenslyst allé 56, 0277 Oslo, Norway.
Telephone number: +47 46 40 40 00

We value your opinion. If you have comments or questions about our Privacy Statement or concerns about your privacy or a possible breach of your privacy, please send them to [email protected]

We will treat your requests or complaints confidentially. Our representative will contact you to address your concerns and set out options for resolving them. We are committed to ensuring that complaints are resolved in a timely and appropriate manner.