- Scope and subject matter
This agreement sets out how HoloCare AS processes your personal data. This policy explains how and why we collect and use personal data about our users. It also details how we protect the personal data we collect.
We respect your right to privacy. All our collection and use of personal data are compliant with the European General Data Protection Regulation (GDPR). By using this website and our application form, you accept that HoloCare may process the personal data you provide as described in this agreement.
Data Controller: HoloCare AS
Data Processor: HoloCare AS
Personal Data means any information relating to an identified or identifiable person. For example name, address, telephone number or e-mail address.
Processing Personal Data means any use of personal data. For example, collection, registering, structuring, storage, dissemination or making available, and erasure or destruction. Processing can happen by automation or manually.
The data controller is the designation of the person responsible for the processing of personal data, which determines the purpose of the processing and the aids used in the processing. HoloCare is the data controller responsible for the personal data processed in connection with the use of our services.
Data processor is the person who processes personal data on behalf of the treatment officer.
- What personal data do we collect, and why?
3.1 Personal data you provide
We collect personal data you provide in forms or data fields on our websites, for example, to sign up for events, or respond to our requests, including name, company, email address, and phone number. The basis of the processing is the consent of the individual, unless otherwise specified.
We store information about you when you send us an email directly or fill out a contact form in connection with a request. Requests you send directly via email or the contact form are not encrypted. Therefore, we encourage you not to send any confidential or sensitive information via email.
For the performance of certain activities on our website, you must provide personal data. We store the personal data in our database to process your request and provide services such as newsletters, invitations to events and surveys to you, and to improve and further develop our services as well as to prevent fraud.
3.2 Personal data we collect when you use our website
When using our services, we record information about your activity. We collect the following data:
(i) Net statistics
HoloCare collects anonymous information about visitors to the site. The purpose of this is to develop statistics that we use to improve and further develop information services on the site. Examples of what the statistics provide are how many people visit different pages, when the people visit the site, how long the visit lasts, which browsers people use, which websites the users come from and the web browser that led you to HoloCare’s website.
We process the information in an anonymous and aggregated form. Unidentified or anonymous information means that we cannot trace the data we collect back to the individual user. We also process IP addresses at an aggregated level. Meaning that all data is merged into a group and not processed individually.
We use the analytics tool Google Analytics on our site. The tool is installed on a separate server with an external provider and collects information that we use for our customer analysis, statistics, and surveys. We do not provide information from this tool to other actors. Read more about the vendors processing of personal data here: https://cloud.google.com/terms/data-processing-terms
(ii) Information about position
We calculate a geographical location from the IP address using our services.
(iii) Technical information about your device and internet connection
We record information about your device and the connection to our website, including browser, operating system, and IP address. We use this information in anonymous and aggregated form. We use the information to customise the display of our services to the device you are using as well as analysis to understand market trends and to limit abuse of the service.
We store information about which keywords the users use. The purpose of the storage is to make search better for you. The search usage pattern is only stored in the aggregated form in a separate database. Only the keyword is saved, and this cannot be linked to other information, such as your IP address.
- How do we use your personal information?
We will not use the collected personal data for other purposes than those listed below, unless you explicitly consent to it.
4.1 Implement the agreement
We process your personal data in order to provide requested services, for example to process your request for information about HoloCare. We also process this information to improve and further develop associated services. The development happens through customisations of services according to the users' wishes.
4.2 Improve user experience
We use the collected data to monitor whether users with a particular browser or device are having trouble loading the website, specific pages, specific services, and customising the format of the browser or device used to improve our services. We generally use the information processed for this purpose in an aggregated and unidentified form.
4.3 Marketing and recommendations
If you have requested information about HoloCare’s products or services, including newsletters and invitations to participate in surveys or events, we also process personal data for the purposes of marketing and recommendations.
4.4 Understanding market trends
We analyse the personal data to understand market trends and to try to predict future behaviour. The purpose of this is to develop statistics that we use to improve and further develop our sites and improve our services. HoloCare may conduct these analyses ourselves or by commissioning another company, in which case we will transfer a limited extract of information for analysis.
If we provide personal data to other companies for such analytical purposes, this will be governed by proprietary data processor agreements with specifications that constricts the use of this information for other purposes, makes sure it is deleted after use, and will comply with all applicable data protection regulations.
4.5 Limit abuse of service
We use information related to users’ activities and technical data to limit various types of abuse of the service. Misuse includes fraud, spam, attempts to log on someone else's user accounts, abuse directed at individuals, and other actions prohibited by Norwegian law.
- Disclosing personal data is voluntary
It is always voluntary for those who visit this website to provide personal data. You can limit the amount and type of personal data HoloCare registers at any time, by not filling in any forms or data fields on our website. We note that this may cause some of our online services not to work, to not work optimally, or otherwise affect your user experience.
- Who can access my personal data?
A limited number of HoloCare employees can access your personal data. In addition, third parties whom HoloCare has commissioned to perform specific services, such as subcontractors and data processors, can access your personal data. All personal data is access controlled.
- Sharing information with third parties
We may disclose information about you and your use of the service to other companies in our group, including our partners, in connection with events and for the same purposes the personal data was initially collected for. As far as possible, we will disclose the personal data in anonymised form, but in some instances, it may be necessary to provide personal data that has not been anonymised.
If you have requested a service carried out by another company (e.g. participation in a joint event) that may require that the third party has access to your personal data, we will ask for your consent. We require our partners to treat your personal data confidentially and only use the data to perform services for HoloCare.
If there is suspicion that an offence has been committed in connection with the use of HoloCare's services, we may hand over personal data to public authorities upon request. We will also be able to provide information to other entities in the event that it is necessary to prevent fraud.
Data processors that process personal data on behalf of HoloCare may be given access to your personal data. Our data processors are subject to confidentiality and may not use the information for other purposes than performing the service for us. All data processors have entered into data processing agreements with HoloCare before they process personal data.
We do not transfer personal data to third countries.
7.1 Combining personal data with third party information
HoloCare cannot combine personal data you have provided with information obtained from third parties.
- Security of personal data
We have procedures and measures at different levels to prevent unauthorized persons from accessing your personal data, prevent personal data from being lost, corrupted or damaged, and to ensure that all processing of personal data is in accordance with applicable law. These measures include, but are not limited to, regular risk assessments, technical systems, and physical procedures to safeguard information security and routines to verify inspection and rectification requests.
9.1 Right of access
You have the right to know what personal data HoloCare stores about you. You also have the right to request that personal data that is inaccurate or incomplete be corrected, deleted, or supplemented. You have the right to object to your personal data being stored. Such requests must be answered no later than 30 days, and be processed free of charge. In order to make a request, please send an e-mail to: firstname.lastname@example.org
9.3 Delete personal data
Personal data will not be stored longer than is necessary to fulfil the purpose of the processing, unless applicable law requires us to store your personal data for longer.
You may at any time request that we delete information relating to you as a user, unless the information is required to provide a service you still wish to have access to, or if HoloCare is required by law to keep the information in question.
You may recall your consent for the processing of personal data at any time.
Change of Privacy Statement
HoloCare reserves the right to change this privacy statement to reflect changes to laws, regulations and technical progress, and ensure that it conforms to good business practice.
If HoloCare changes its privacy practices, an updated version of this Privacy Statement will reflect these changes, and we will inform you of such changes by updating the date of entry into force at the top of this Privacy Statement.
If you have questions relating to our privacy statement, the handling of personal data, or about changing or deleting the personal data you have given us, please contact us by e-mail: email@example.com
If you would like to delete, change or correct your personal data and do so by contacting us through email, we ask you to use the subject field "Request Deletion" or "Request / Change / Correction Request" depending on your inquiry. If you would like to know what personal data we have stored about you please send us an email with the heading “Data Subject Request”. Please also provide us with the e-mail address you used for registration, if you registered using an e-mail address. We will do our best to process your inquiry as soon as possible.
Any complaints about the processing of personal data by HoloCare can be addressed to Datatilsynet, PO Box 8177 Dep, 0034 Oslo or email: firstname.lastname@example.org
When using HoloCare's web pages, we collect the following information from you as a user:
Your IP address, browser, and operating system
Location of visitors
Time of visit
Which pages on holocare.org you have visited through the registered IP address and the duration of the visit
Possibly which link you came from when visiting www.holocare.org
What you clicked during the visit and any downloaded files
The information will be sent from your browser to Googles server.
1.3 Details of the cookies used
The following cookies are used on the site:
COOKIE NAME DEFAULT EXPIRATION TIME DESCRIPTION
__utmt 10 minutes Used to throttle request rate.
__utmc End of browser session Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the__utmbcookie to determine whether the user was in a new session/visit.
__utmv 2 years from set/update Used to store visitor-level custom variable data. This cookie is created when a developer uses the_setCustomVarmethod with a visitor level custom variable. This cookie was also used for the deprecated_setVarmethod. The cookie is updated every time data is sent to Google Analytics.