Personal information

Information or assessment that can be linked to an individual. This can be name, address, telephone number, e-mail address, car number, photos or social security number.

GDPR

Abbreviation for The General Data Protection Regulation, the EU regulation (regulations) for personal protection. Also called the privacy regulation.

Processing of personal data

All use of personal data, such as collection, registration, compilation, storage and disclosure, or a combination of such uses.

Data controller

The person who determines the purpose of the processing of personal data and which aids are to be used. This is usually a business.

Data processor

The person who processes personal data on behalf of the data controller. This is usually a business.

Data subject

The individual to whom the stored information can be linked.

Personal data

Data provided by the user to identify himself when purchasing services or other inquiries to a business.

Automatically collected data

Data that the user does not provide directly, but which is automatically collected through interaction with the businesses' online platform and technical systems.

Information cookies

A cookie is a small text file that is downloaded and stored on the computer/mobile phone when the user opens a website. The cookie is used, for example, to store login details, remember shopping baskets in the online store or register where the user moves around the website.

Tracking

Action where you can follow the electronic traces a user leaves behind.

IP address

Unique number that identifies a device in a network. IP address comes from English: Internet Protocol address.

Consent

A voluntary, specific, informed, unequivocal and active declaration from the data subject that he or she accepts the processing of information about himself.

Special categories

Also called sensitive personal data. This is information that requires extra protection, such as information about racial or ethnic origin, religion, health information, sexual orientation and more.

This privacy policy explains how we collect and use (process) personal data in our business.

DigiUp – Prosjektjegeren AS, by owner and managing director Line Rødli Kristiansen, is responsible for the processing.  

N.B. It is not permitted to copy any text from this privacy policy, cf. copyright law.

Our contact information is:

Prosjektjegeren AS - DigiUp

Business address: Fyrstikkbakken 22, 0667 Oslo

Organization no.: 983 542 018

E-mail address: line@digiup.no  

This privacy policy was last updated: January 12th 2023.

We take your privacy seriously and we have taken several measures to ensure that we provide you with clear information about how we process your data and what rights you have. If you feel that something is unclear or missing, please do not hesitate to contact us.

Contact us if you have questions about or want to exercise one of your rights. You are entitled to a response within 30 days at the latest.

✔ Access to and correction of your own information: You can request a copy of all information we process about you and ask us to correct information that is incorrect.

✔ Deletion or restriction: In some situations, you can ask us to delete and/or limit the processing of information about yourself, but we cannot delete data we are required to process.

✔ Object to processing: If we process information about you on the basis of legitimate interest, you have the right to object to it.

✔ Data portability: If we process information about you based on consent or a contract, you can ask us to transfer information about you to you or to another controller.

✔ You also have the right to withdraw your consent at any time.

✔ If you are not satisfied with the processing of your data, you can complain to the Norwegian Data Protection Authority, but we hope that you will tell us directly first so that we can try to resolve the matter for you in a good way.

We process personal data about:

✔ Customers

✔ Potential customers/leads

✔ Visitors to the website

✔ Students/members in digital courses and workshops

✔ Contact persons at suppliers and partners

It is voluntary to provide us with personal information, but in order to use our services we do need a set of personal data from you.  

We process personal data when you:

✔ buy our products/services.

✔ become a member or a student and uses our member portal.

✔ contact us via phone, SMS, our website, e-mail or social media.

✔ sign up for a newsletter or another email list.

✔ order a free template, guide or other free content from us.

✔ sign up for our events, free and paid.

✔ answer a survey.  

There are two main categories of data we collect from you that may contain personal information.  

Personal data

Data you provide to us to identify you when you contact us, register for free services or purchase services.

This includes:

·  Identity data: name, username, title and identity of the company you represent.

·  Contact data: e-mail, telephone numbers and address.

·  Profile data: username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.

·  Financial data: bank account and payment card details. These are not received or stored by us, but by our third-party payment intermediaries Stripe and Paypal. Their processing of your personal information is governed by their privacy policy.

Automatically collected data

Data that you do not provide directly to us, but which is automatically collected by our system when you interact with our online platform and technical systems.

This includes:

·  Transaction data: automatic messages about payments/registrations/inquiries to and from you and other automatically generated system logs.

·  Technical data: IP address, login data, browser type and version, time zone setting and location.

·  Usage data: information about how you use and interact with our website, products and services.

·  Marketing and Communication Data: your preferences for receiving marketing from us and our third parties and your communication preferences.

Our websites also use cookies, which can be used to identify individuals if you are already registered in our platform.

See our Cookie statement.

Your personal information is stored in different systems depending on the type of processing involved. For security reasons, we do not provide all details about this openly on the website. Please get in touch if you would like to know more.

We use several business systems for websites, member portals, orders/purchases, communication, customer support and surveys. All personal data is stored on secure servers and they comply with GDPR - the personal data protection regulation in all our systems.

According to Article 6 No. 1 of the General Data Protection Regulation (GDPR), we process personal data on the basis of:

a.     Your consent

b.    An agreement we have with a third party

c.     A legal obligation we have

f.     A legitimate interest we believe we have

As a general rule, personal data must not be processed and stored for longer than is necessary to fulfil the purpose of the processing.  

We retain data for as long as we are required to do so by applicable legal obligations, for example related to accounting, tax or employment legislation, and/or other relevant rules and regulations. You can contact us at any time if you want us to stop processing or delete your personal data, but please note that we cannot delete personal data we are legally obliged to process.  

As a general rule, your personal data is stored as long as you are registered for our services or are a customer with us, and for up to 3 years after the services and the customer relationship have ended. Personal information relating to invoices and payments is kept for at least 5 years, as required by Norwegian accounting legislation.   This is how we process personal data: Here we describe in detail when and how we process your personal data, for what purposes, on which legal basis and for how long.

This is how we process personal data:

Here we describe in detail when and how we process your personal data, for what purposes, on which legal basis and for how long.  

We process personal data when:

You use our websites

When you use our websites, we process personal data in line with our "cookie" statement. Our websites use cookies, which can be used to identify individuals if you are already registered in our platform.

See our Cookie statement.

The purpose is to manage our website, promote the company and respond to inquiries from visitors. The legal basis for cookies, which store or process information that falls under § 2-7b of the Electronic Communications Act, is consent through a preset in your browser, in line with Nkom's recommendations as described here (November 2020).

When you visit our website, you must approve the use of cookies.

You communicate with us

When you contact us via the website (contact form, help desk, chat or similar), by e-mail, via telephone (call, text message) or social media, we process personal data. Depending on where and how you send us a message, this may be your name, contact information, IP address and other information you choose to send to us. We use an LMS (Leads Management System) which is also a customer support system to process personal data about potential and existing customers. The purpose is to be able to respond to inquiries from you, for contact and purchase history, and to have documentation in case we receive claims, complaints or legal claims. The legal basis is f) legitimate interests. We review, archive and delete inquiries as necessary, but no less often than every three years. Accounting material is kept for up to five years, according to the rules in the Bookkeeping Act.

You buy our products or services or become a member of our member portal

When you buy products and services from us, we process personal data such as name, contact information, order and payment information, delivery address and purchase history. If you have purchased a service where all or part of it is delivered digitally, e.g., in the member portal or in video conferences, we process more personal data. In video conferences, either one-to-one between us and you, or one-to-many between us and a group of people, we also process personal data such as name, profile picture, video (picture and sound), messages and other activity you undertake, times of participation and IP address. Depending on the type of service, the content from video meetings with several participants can also be shared in the member portal, e.g., where the service is structured as a group program. The content is not shared with third parties. The platform we use has integrated analysis and cannot be deactivated. If you do not want your information to be processed in this way, you should not purchase a service that contains such digital arrangements. The purpose is to be able to deliver products and services to you after ordering/purchase, to have a history of sold products and services and otherwise to manage and follow up the customer relationship with you. The legal basis is b) agreement and c) legal obligation according to e.g., the Bookkeeping and Tax Act. Accounting material is kept for up to five years, according to the rules in the Bookkeeping Act. Personal information is stored for up to 3 years after the customer relationship ends. Any recordings from group conversations are kept for as long as the product/service is offered and then deleted within three years at the latest.

Marketing in existing customer relationships

When you become a customer or use free services, we process personal data as mentioned above. If you have an existing customer relationship with us, we will be able to send you marketing by e-mail and SMS, in line with § 15 of the Marketing Act. Without a customer relationship, we can send e-mail and SMS with consent. The purpose is to be able to provide good customer service. The legal basis is f), where the legitimate interests are to be able to offer you relevant products and services. The legal basis can also be a), where you have given us your consent. You can unsubscribe from e-mail and SMS marketing at any time. Information on how to unsubscribe is stated in all e-mails and SMSs we send that are linked to marketing. The information is stored as long as the customer relationship exists, until you unsubscribe or until you object to the processing, if necessary.  

You sign up for the newsletter

We send out newsletters by e-mail with relevant knowledge, tips and advice, as well as discounts, offers, free templates, checklists and similar. The newsletters occasionally contain information about our products and services. When you subscribe to the newsletter, we process personal data such as name, contact information and IP address. The purpose is to be able to share knowledge, inform about relevant news and offers, as well as to provide good customer service to potential and existing customers. The legal basis is a) consent. Subscribing to the newsletters is voluntary and you can withdraw your consent (unsubscribe) at any time by clicking on "Unsubscribe" at the bottom of one of the emails. The personal data for the list(s) you unsubscribed from will be deleted immediately. If you still have a customer relationship or other active registrations, these will still be stored. The supplier we use to send out newsletters has integrated analysis that shows that subscribers open and possibly click on links in the newsletters. This functionality is integrated into the system and cannot be disabled. If you do not want your data to be analysed in this way, you should not become a subscriber. We use the data to analyze the results of the newsletters and to tailor the content to our subscribers. The legal basis is f), where the legitimate interest is to continuously improve our products and services.

You sign up for an event or request access to content

When you participate in free events or request access to free content from us, we process personal data such as name and contact information. For payment arrangements, we also collect order and payment information. The purpose is to be able to offer relevant courses, lectures and workshops or to fulfil an agreement on an ordered event. The legal basis is a) consent or b) agreement and c) legal obligation according to e.g., the Bookkeeping and Tax Act. We may also use your personal information to send you a request for evaluation of the event you attended or the content you received, and possibly offer other similar events or content. The legal basis is f), where the legitimate interest is to continuously improve our products and services and offer you good customer follow-up. The information is kept until you request that it be deleted or at the latest up to three years after the event, or, by agreement, up to five years according to the rules in the Bookkeeping Act.

You fill out a survey

We always inform about the purpose of the surveys we carry out, and whether they are anonymous or not. We do not share the information with others or use it for purposes other than what we have stated. In the case of anonymous surveys, we do not collect personal data. The legal basis for surveys that are not anonymous is a) consent. The information is kept until you request that it be deleted or at the latest up to three years after you answered the survey, or the customer relationship ends.

You are a supplier or collaborate with us

When you enter into an agreement with us either as a supplier, partner or data processor, we process personal data such as name, contact information and correspondence. The purpose is to be able to enter into an agreement with you and the legal basis is b) agreement. The information is kept for up to five years according to the rules in the Bookkeeping Act. We process personal data related to general correspondence and communication as described above.    

In order to run our business efficiently and securely, we use third-party suppliers with whom your personal data is shared.

These are:

✔ Data processors: providers of various services who process your personal data on our behalf. *

✔ Professional advisers from industries such as lawyers, finance, accounting, auditing and insurance.

✔ User support for IT and administration systems.

✔ Public authorities we are obliged to report to.   We require that everyone we share your personal data with secures your data in accordance with good information security and in accordance with the requirements of the Personal Data Protection Regulation.  

* We use data processors for:

✔ Email, calendar and digital meetings

✔ Bookkeeping, accounting and invoicing.

✔ Cloud storage. ✔ The websites and member portal.

✔ Online payments and receipts for purchases.

✔ Newsletter.

✔ Project management tools

✔ Meeting booking.

✔ Video meetings/conferences.

✔ Surveys.  

Note that one data processor can cover several of these entries. For security reasons, we have not specified all of these by name, but feel free to contact us if you would like to know more about which data processors we use.

We take information security seriously, and we will always do our utmost to safeguard your personal information in the best possible way. Among other things, we use SSL on our website, strong passwords, access control and backups to secure our data and prevent unauthorized persons from accessing, changing, deleting or in any way influencing the data we store, including your personal data.

We only use reputable providers of IT and administration services such as web hosting, website and PC security, virus software, e-mail provider, backup, and more. We only allow others to access and/or process your personal data in accordance with our instructions, and only where strictly necessary (e.g., for IT support).  

N.B. It is not permitted to copy any text from this privacy policy, cf. copyright law.,l.nmjh