Gard Privacy Notice



Gard AS and its subsidiaries may on behalf of themselves and/or an entity of the Gard group comprised of, inter alia; Gard P. & I. (Bermuda) Ltd., Assuranceforeningen Gard - gjensidig -, Gard Marine & Energy Limited and Gard Marine & Energy Insurance (Europe) AS, obtain personal data from you or other individuals in the course of their day to day business.

Gard AS protects your personal data in accordance with the General Data Protection Regulation (GDPR) and any applicable Norwegian data protection law. This document contains information on when, why and how the company processes personal data related to individuals, including but not limited to, Members, claimants, employees, employers, brokers, lawyers.

Gard AS, the data controller, may be contacted at: Kittelsbuktveien 31, 4836 Arendal, Norway and Email

The information which will be collected may include any personal data about you as an individual which you provide to us through forms on this website and/or emails exchanged with the above-mentioned companies' personnel, when you contact us by phone or mail or in person.

What types of personal data are being processed?

Gard AS may collect and process a variety of personal data, which may include the following:

  • Personal data related to management and administration of insurance agreements and claims handling, including sensitive data related to claimants
  • Contact information related to members, brokers, external service providers and other relevant third parties necessary for the administration of the customer relationship
  • Personal data regarding its employees, its former employees and applicants during the recruitment process who did not obtain a position with Gard.

The purpose of processing – what is personal data used for?

Personal data may be used and processed for the following purposes:

  • Considering an application for insurance, providing and administering any relevant insurance policy, obtaining and administering reinsurance and administering and paying claim (regarding legal persons),
  • Administering and paying claims regarding individuals,
  • Performing checks in relation to fraud and financial crime, or
  • Other lawful purposes which are not incompatible with the above-stated lawful purposes.

Legal basis for lawful processing

The company will sometimes obtain a consent to the processing of personal data and will then have a legal basis to process pursuant to Article 6(1)(a) of the GDPR.

Legal basis for the processing of personal data may also be found in Article 6(1)(b) of the GDPR, where processing is necessary for the performance of a contract with the customer or in order to take steps at the request of the customer prior to entering into a contract.

Furthermore, legal basis may be found in Article 6(1)(f) of the GDPR (balancing of interests). In this connection, note that the company will not process personal customer data except as deemed necessary for purposes specified above.

The legal basis for handling sensitive personal data related to claimants are, in addition to the above-mentioned articles, article 9(2)(f) which states that processing of sensitive personal data is permitted because it is necessary for the establishment, exercise or defense of a possible legal claim.    

Use of data processors and transfer abroad

Gard AS may use suppliers (data processors) to assist it with the processing of personal data. This may occur, for example, when IT operations or the backing up of company data are outsourced to an external supplier.

The company may also transfer personal customer data abroad, including to non-EU/EEA countries whose data privacy laws do not offer the same level of protection as Norway. The typical reasons for such transfers include the use of external data storage services.

The use of processors and data transfers abroad may also occur because Gard AS has subsidiaries outside of the EEA/EU which assist with the processing of personal data

Any use of processors and transfers of personal data abroad will be in compliance with applicable statutory requirements.

An overview of the company’s use of processors and transfers of personal data abroad is provided by Gard AS on request.

How long is data stored for?

Personal data will only be stored for as long as necessary for the purpose of the processing, and to fulfil statutory or other regulatory requirements, and shall then be erased.

Use of cookies

Gard AS’s website uses cookies (information capsules). Information on this topic can be found in a separate document published on the company’s website.

The rights of the data subjects

The GDPR grants certain rights to customers in their capacity as data subjects, including the right to request access to data related to them the company processes and, subject to certain conditions, the right to claim erasure or rectification of data. Other rights include the right to withdraw your consent for processing of personal data and to object to certain processing. Gard AS will meet its obligations in this regard, and persons who wish to exercise such rights can contact the Data Protection Officer in Gard AS.  


Data Protection Officer


Should you have any questions or requests relating to the company’s processing of personal data you may contact the The Data Protection Officer in Gard AS. The contact details are as follows:


Thor Magnus Berg, Head of Compliance and Quality Management
Tel. work +47 37 01 92 13
Gard AS
P.O. Box 789 Stoa
NO – 4809 Arendal

Cookie policy 

A cookie, as defined by Wikipedia, is: “A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is usually a small piece of data sent from a website and stored in a user's web browser while a user is browsing a website. When the user browses the same website in the future, the data stored in the cookie can be retrieved by the website to notify the website of the user's previous activity. Cookies were designed to be a reliable mechanism for websites to remember the state of the website or activity the user had taken in the past.”

The following are the ways in which we use cookies:

  • We use cookies to help us to improve the performance of our website to provide you with a better user experience.
  • We also use cookies to track visits to our site so that we can assess which parts of our sites are most popular, how long visitors stay on our site, which browser visitors are using, how visitors enter our site, which sites refer to our site etc. This makes it easier to tailor our information to your needs.
  • Some components on our site (maps) contain third-party cookies to allow traffic analysis to Google Maps.

For more information about the cookies used on our site, see the section Cookies used on our site.

We do not sell the information collected by cookies.

Please note that our website may contain links to other, non-Gard websites. Gard is not responsible for the privacy practices of other such sites.

If you wish to control what cookies are set on your device through the Gard website then you can find out how to do this as described in the section Managing Cookies.

Cookies used on our site

We use three major types of cookies on our site:

  • Session cookies
  • Tracking cookies from Google Analytics
  • Tracking cookies from Google Maps

The session cookies allow users to be recognized within a website so any page changes or item or data selection you do is remembered from page to page. These session cookies are temporary and are erased when you close your browser at the end of your surfing session. The next time you visit our site we will not recognize you, and we will treat you as a completely new visitor as there is nothing in your browser to let the site know that you have visited us before.

We use Google Analytics tracking cookies to better understand how our customers navigate to and through our website, how long customers spend visiting our content items and how often they return to visit our website. The Google Analytics cookies expire after two years. The information generated by the Google Analytics cookies (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and usage. Google will store this information.

We also use maps from Google Maps to show where our offices are located; when maps are accessed Google Maps tracking cookies are set. The Google Maps cookies expire after two years.

You can view the privacy policy of Google here:

Managing cookies

If you do not want to receive cookies from Gard, you can modify your browser settings so that your browser notifies you when cookies are sent to it. You can also choose to refuse cookies altogether, and delete cookies that have already been set.

The functionality on our website works fine without cookies, and you will not lose major features or functionality if you choose to disable cookies.

You can also opt out of being tracked by Google Analytics, please visit for more information.