Privacy Notice

As a company processing personal data about European citizens, mnemonic complies to the provisions of the European Union General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR").

This Privacy Notice governs Personal Information mnemonic collect from our customers. It also governs information provided directly by online visitors on our website, as well as information automatically collected from cookies.

In this notice, you will find information about the different activities where mnemonic may process personal data. Personal data in this context means data that relates to an individual and that identifies that individual, either directly or indirectly, such as your name or your contact information.


Roles and scope

mnemonic as (‘’mnemonic’’) is considered the data controller for the processes Marketing (including our website), Recruitment and Security Services. 

However, mnemonic is considered as data processor when delivering Managed Security Services.

For more details on how and why we process personal data for a specific process, see the following notices:



Security services 

For more information, contact our DPO.


Our vendors and service providers

mnemonic uses vendors for some of our processes. For more information on which, who, and why, please click on the specific notices above.


Securing your information

mnemonic has focused on implementing fair information practices that are designed to protect your privacy. mnemonic takes precautions to protect personal information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. mnemonic has implemented appropriate technical and organizational measures to protect the information systems on which your personal information is stored.  mnemonic require our suppliers and service providers to protect your personal information by contractual means. mnemonic has been ISO/IEC 27001 certified since 2005.


Storing your information and retention period

Your personal data is stored in data centers in Norway. mnemonic will not retain the personal data for a longer period than is necessary to achieve the purpose for which the data was collected.

Information collected from visitors on our website for marketing and recruitment purposes, will be destroyed in accordance with mnemonic's data retention policies for those processes. Please see the specific notices above for more information.


Disclosing your information

mnemonic may disclose your personal information to:

  • Public authorities, if mnemonic is required to do so i.e. by applicable court order or law; or
  • Any recipient, with your consent, such as for employment verification or background check; or
  • Any recipient when reasonably necessary such as in the event of a life-threatening emergency.

For more specific disclosures, please click on the specific activities above. 

In the event mnemonic goes through a business transition, such as a merger, being acquired by another company, or selling a portion of its assets, users' personal information will, in most instances, be part of the assets transferred.


Exercising your privacy rights

According to GDPR, the data subject has the right to: 

i.        obtain from mnemonic confirmation as to whether or not personal data concerning you are being processed, and where that is the case, access to the personal data;

ii.        obtain from mnemonic the rectification of inaccurate personal data concerning you;

iii.        obtain from mnemonic the erasure of your personal data;

iv.        obtain from mnemonic restriction of processing regarding your personal data;

v.        obtain from mnemonic a copy of personal data concerning you, which you actively provided, in a structured, commonly used and machine-readable format and to request from mnemonic that we transmit those data to another recipient selected by you;

vi.        object, on grounds relating to your particular situation, to processing of personal data concerning you;

vii.        withdraw your consent to the processing at any time; and

viii.        lodge a complaint with a supervisory authority (in Norway: Datatilsynet).


Should you require to exercise one or more of the above rights, please contact our Data Protection Officer (as described below) outlining your request and requirements.

The consequence if you don't provide us with the necessary information, or require that such information is deleted, is that mnemonic may not be able to provide its services to you.

If your company/employer uses mnemonic services

mnemonic has no direct relationship with the data subjects whose personal information may be processed by our managed security services. Data subjects who are in contract with our customers may exercise their rights by following their company/employer specific routines. 



For information regarding cookies on our website, please see our Cookie notice


Changes to the policy

mnemonic reserves the right to change this Privacy Notice at any time to reflect changes in the law, our data collection and use practices, the features of our services, or advances in technology. Please check this page periodically for changes. Your continued use of the services following the posting of changes to this policy will mean you accept those changes.


How can you contact us

If you have any questions or other reasons for contacting mnemonic in regards to your data privacy, please contact our Data Protection Officer at