visma.co.uk

Privacy Statement

This Privacy Statement is intended to help you understand how Visma processes your personal data when visiting our website.

The Privacy Statement was last updated: 2025-10-01

    Roles and responsibilities

    The Visma group consists of approximately 200 companies. Visma.co.uk is governed by Visma Software International AS, which is also the controller for the personal data processed via the website. 

    Contact us

    If you have any comments or questions about our Privacy Statement, or any privacy concerns, including regarding a possible breach of your privacy, please contact us by using the privacy request form

    If you want to contact our Data Protection Officer for Visma Software International AS, please send an email to dpo.swint@visma.com.

    You can also contact our Head Office at: 
    Karenslyst allé 56, 0277 Oslo, Norway
    Telephone number: +47 46 40 40 00

    Processing activities

    Use of cookies

    See our Cookie Policy for a complete list of cookies that we use on Visma.co.uk, storage time for each cookie, recipient of cookie-data, and purpose for using said cookie-data. 

    In compliance with the ePrivacy Directive and national legislation that implements this, cookies will not be set unless you consent to this when interacting with the cookie banner that will pop-up when visiting our website, with the exception of cookies that are strictly necessary for the functionality of the website. Said consent is opt-in in accordance with the Planet-49 decision of the CJEU. 

    For the further processing of cookie-data, which include certain personal data such as cookie-ID, IP-adress, activity on the website such as clicks, and similar, we rely on our legitimate interests, cf. GDPR article 6 nr. 1 f) as our legal basis. The legitimate interest is to analyse and improve the functionality and content of our website. 

    To change cookie settings, and to use your right to protest cf. GDPR article 21, please  click “Cookie policy” at the bottom of the webpage. 

    Handle requests


    To facilitate communication and support for our website visitors, we process questions and concerns received via email. This processing involves the personal data you provide in your request, which at minimum includes your contact details.

    Our legal basis for this processing of personal data is our legitimate interests, cf. GDPR article 6 nr. 1 f). The legitimate interest is to respond to questions and concerns raised by visitors on our website.

    Requests and related correspondence are only stored as long as necessary to fulfil the purpose of processing.

    Newsletter subscriptions for news and press releases in the UK.

    You can subscribe to Visma news and press releases in the UK here. If you subscribe, we will process your name and email address for this purpose. 

    Our legal basis for this processing of personal data is our legitimate interests to provide interested individuals with news about Visma, cf. GDPR article 6 nr. 1 f). 

    The personal data will be deleted when you unsubscribe to the newsletter. You can unsubscribe by clicking “Cancel subscription” at the bottom of the emails.  

    Recruitment

    We publish open positions in most Visma companies in the UK on our website. Our companies use different tools to administer the recruitment process, and you may find dedicated privacy statements inside such tools as well. The Visma company that administers the recruitment process is the controller for any personal data received in this relation.

    Service improvement on the website

    We continuously strive to improve and develop the quality, functionality, and user experience of our websites. The personal data we process includes user and web traffic information such as session ID, IP address and device information.

    Our legal basis for processing your personal data is our legitimate interest, cf. GDPR article 6 nr. 1 f). The legitimate interest is to ensure that we meet our visitors' expectations.

    We will only store your personal information for as long as necessary to fulfil the purpose of processing, and your personal data will be deleted after three years.

    Security on the website

    We process personal data in order to detect, mitigate, and prevent security threats and abuse, as well as perform necessary maintenance and debugging. The personal data involved includes user and web traffic data such as session ID, IP address and device information.

    Our legal basis for this processing of personal data is our legitimate interests, cf. GDPR article 6 nr. 1 f). The legitimate interest is to maintain a secure website.

    We will only store your personal information for as long as necessary to fulfil the purpose of processing, and your personal data will be deleted after one year.

    How your personal data may be shared

    Within the Visma Group

    Visma Group consists of several subsidiaries. In order to maintain an overview and insight, we may share your personal data across companies in the Visma Group. The intention is to streamline operations and provide you with a more integrated and seamless experience.

    Outside of the Visma Group

    We may also share your personal data with external third parties in the following contexts:

    Processors 

    We use processors to process personal data. These processors are typically providers of cloud-based services. When using processors, we enter into a data processing agreement in order to safeguard your privacy rights. If processors are located outside the EU/EEA, we ensure legal grounds for such international transfers on your behalf, such as by implementing EU Model Clauses. You are welcome to request more detailed information on our processors by contacting us as described in the section “Contact us”. 

    Public authorities

    The police and other authorities may request access to information from us. This can include both personal and non-personal data. 

    In all such cases, we follow strict internal policies and procedures for assessing the access request, and confer with legal counsels. We only share information that is strictly required by law, and we only share information on the basis of valid court orders or similar legal documents.  

    To prevent unauthorised access to any information we hold, we also implement technical measures such as encryption and access controls. The Visma Security Program ensures high security standards and confidentiality.  

    Furthermore, we ensure legal obligations in contracts with our subcontractors that ensure they too enact organisational and security measures similar to ours. 

    If we receive access requests from non-EEA authorities, we ensure our compliance with the Data Act article 32. Internal policies and routines are in compliance with this regulation. 

    Your rights

    You can invoke the following rights in relation to our processing of your personal data:

    • Access. You have the right to request a copy of personal data we process about you. 
    • Rectification. You also have the right to request rectification of inaccurate personal data concerning you.
    • Deletion. You can request deletion of personal data relating to you. 
    • Restriction. You may ask us to restrict the processing of your personal data
    • Portability.  You may ask us to provide you or others with your personal data in a structured, commonly used and machine-readable format.
    • Object. You have the right to object to our processing of your personal data on the basis of legitimate interests or for direct marketing purposes. You also have the right to object to our processing of your personal data for the performance of tasks carried out in the public interests or in the exercise of official authority or based on legitimate interests. 

    Please note that there may be certain exceptions or limitations to the abovementioned rights which could apply depending on the specific circumstances of your situation. In such cases, we will provide you with detailed information about the applicable exception or limitation and help you exercise your rights to the fullest extent possible, in accordance with applicable laws and regulations.

    Please use this privacy request form to file requests as mentioned in this section.

    Finally, you also have a right to file a complaint to the data protection authorities with regards to our processing of your personal data.

    Changes

    We encourage you to review the Privacy Statement regularly. If we make significant changes to the Privacy Statement that materially alter our privacy practices, we will notify you of this.

    The Privacy Statement was last updated: 2025-10-01