This privacy statement explains the processing of personal data for El-Watch AS.The privacy statement also applies to Neuron, which is a trademark of El-Watch.
Applies to all customers and employees of suppliers and cooperating partners.
El-Watch is committed to ensuring that you can trust us and how we process your personal data. For this reason, the following privacy statement explains why we collect information about you, how we use this information, and how we safeguard your privacy.
Personal data refers to information and assessments that can be linked to an identifiable individual person. This may include information such as a name, contact information, purchasing history, or information on interests.
El-Watch processes your personal data in accordance with the requirements of the Personal Data Act (GDPR). The Personal Data Act regulates how personal data that is collected from your usage can and will be processed, how it is secured, who can access the data, and whether it can be disclosed to a third party.
BUSINESS CLASSIFICATION OF PERSONAL DATA
The personal data of our customers and users is classified as internal and confidential information, and it is stored and managed as such, with limited access rights.
Our use of personal data is in compliance with the Personal Data Act. El-Watch processed personal data in accordance with the Personal Data Act with a basis in your consent or due to legal obligations (medical journals). Furthermore, it may be necessary to process personal data to fulfil an agreement with you as a registered user. You may withdraw your consent for the processing of personal data at any time.
As the data processor, we will ensure that we use personal data about you in compliance with legal provisions.
1. What personal data do we have about you?
Depending on the information you provide us with, how you use our services, and what permissions you give us, we have the following information about you:
- Data about you
When signing up on our website/for our services, you must provide some amount of information that we will store, such as your name, e-mail address, and mobile telephone number. In certain cases, we may need your address to reach you via mail, or to know more about where you are located. The information you provide may also be expanded upon through the use of lookup services.
- Data we obtain through your use of our services
Your device and internet connection: We can register information about the device you are using (mobile/PC, operating system, and browser). We can gather information about your connection to our services, such as IP addresses, network IDs, and cookies.
Purchases or the use of our services: we register information about your use of our services, such as the pages you visit when you are visiting our site, as well as what features you use on our site.
- Purchase information
The information we receive when you purchase something from us, such as what you purchased, your card number, and payment method (e.g., Visa). If you have a user account with us, you will get an overview of your past purchases with your account.
The information you provide when you contact us, such as e-mails communication between us and you.
Data we gather from other sources: We can receive data about you if you use any of the other services we offer. We also cooperate closely with third parties (e.g., business partners, suppliers of technical services and search engines), and we may receive data about you from these parties. This also includes publicly accessible
- Statutory data
We are legally obligated to retain certain personal data.
2. Why do we gather personal data?
We gather user and personal data in our services for the following purposes:
- To provide our website: We use data to customise our website to the technical equipment you are using. We may also use this data to customise the content on our website and app to suit what we think you will be interested in.
- Orders: We use information to complete your order, to provide services, receive payment, and store your purchase history.
- To create user accounts: We use data if you create a user account for purposes such as providing you with access to a username and password, to store your contact information and payment information, and to allow you to see your purchase history.
- Metrics: We compile metrics and survey market trends to improve and further develop our products and services. We do this with anonymised data, and we will not know that the data is specifically linked to you.
- To prevent abuse of our services: We use personal data to prevent attempts at abuse, fraud, spam, hate speech, harassment, and other acts that are prohibited by Norwegian law.
3. Categories of personal data, purposes, and basis for processing
El-Watch processes personal data on the following basis for processing.
- With your consent
When you, as our customer, have given your consent to allow us to gather your personal data, cf. GDPR Article 6(1)(a).
- Inquiries from you (including communication, support, customer, etc.)
When you make an inquiry to us via our website (contact form, comment box, communication tool), via e-mail, via telephone (calls, text messages), or via social media, we process personal data. Depending on where and how
you send us a message, this may include contact information, your IP address, and other information you choose to send us. We process this personal data to be able to enter or complete an agreement with you or the company you represent (cf. GDPR Article 6(1)(b) or (f), or on the basis of our legitimate interest in responding to your inquiries (cf. GDPR Article 6(1)(f).
We receive, archive, and delete inquiries as needed. Inquiries we are obligated to store, such as documentation in connection with claims/complaints, are stored until the deadline to raise a claim/complaint expires (two or five years).
Accounting materials are stored for up to five years in accordance with the Bookkeeping Act.
- Purchase of products and services
When you use the services we provide, we process personal data such as contact information, order and payment information, and your purchase history.
The purpose of this is to deliver products and services to you as ordered/purchased, and to maintain a log of products and services that have been sold. We process personal data in order to fulfil an agreement with you (cf. GDPR Article 6(1)(b) or the company you represent (cf. GDPR Article 6(1)(f).
- Marketing in existing customer relationships
As part of your customer relationship with us, we may communicate with you via electronic communication in accordance with section 15 of the Marketing Act, as well as the Norwegian Consumer Council’s guidelines.
Examples of this may include newsletters or information about our content, services, and events, sent via e-mail, telephone, text message, and social media. You can opt out of marketing via e-mail and text message at any time.
If you are not an active customer, we will only send you marketing materials with your consent. We process personal data on the basis of your explicit consent (cf. GDPR Article 6(1)(a) or on the basis of our legitimate interest in sending you marketing materials (cf. GDPR Article 6(1)(f).
It may be desirable for us to ask you how you perceive our services. We always report the purpose of the surveys we conduct, and whether these are anonymous or not. We do not share your data with others nor use it for purposes other than those we have stated. We process personal data on the basis of our legitimate interest in receiving feedback regarding our services (cf. GDPR Article 6(1)(f). In anonymous surveys, no personal data is collected. The data will be stored for as long as it is relevant to its purpose, or until you withdraw your consent and, if applicable, request its deletion.
4. Who do share personal data with?
In order to operate our business, we are sometimes required to share your personal data with other companies that perform services on our behalf. This is primarily done to give you a better, safer user experience.
Examples of this include:
- Data processors – such as suppliers of different services that process your personal data on our behalf. These parties are not permitted to use this personal data for any purposes other than performing services for El-Watch. This may include IT and administrative services, accounting, cloud storage, web hosting services, sending e-mails, and similar objectives.
- User support for IT and administrative systems.
- Public authorities that we are obligated to report to.
- Data may be disclosed to public authorities following a request where there is a suspicion of illegal acts. We will also be able to disclose data on suspicion of fraud, or information that is needed to resolve specific disputes.
We require all parties with whom we share your personal data to secure this data in accordance with proper information security and the provisions of the General Data Protection Regulations. We enter data processing agreements with all our suppliers.
You can contact us to receive the contact information of relevant partners and suppliers.
5. Personal data shared with a third party
In the following cases, personal data may be shared with a third party:
- When part of your order covers services that are provided by a third party
- When you make an order from El-Watch
- When a third-party service provider performs tasks or work on our behalf, and following our instructions as data processors
- Payment services:
- Data that can be shared may include: Your name and the registration of payment transactions for the services.
- When performing these services requires a third-party service, such as by referral to a partner
El-Watch ensures that all data processors are subject to the same duty of confidentiality as personnel employed at El-Watch, and that agreements on the use of data processors comply with the Personal Data Act’s provisions for the use of data processors/the contents of data processing agreements.
6. Your rights
Personal data refers to information that can be linked to an identifiable individual person. This may include names, addresses, telephone numbers, e-mail addresses, IP addresses, and your usage history for our services.
All processing of personal data, such as collection, registration, storage, and disclosure, are subject to special rules provided in the Personal Data Act and elsewhere.
You can exercise your rights by sending us an e-mail: email@example.com. You are entitled to receive a response as soon as possible, and within no more than 30 days. If this will take longer, you will be informed.
More information on your rights can be found on the website of the Norwegian Data Protection Authority. This is a short summary:
You are entitled to ask us to:
- Provide further information on how we process your personal data, and you are entitled to access this personal data as well (right to access).
- Disclose or transfer your personal data to another supplier in a structured, commonly used, and machine-readable format (data portability). This applies to data that you have with us and that is needed to fulfil an agreement with us, and that we process automatically (i.e., we do not process it manually).
- Update your personal data if it is incomplete or inaccurate (right to rectification).
- Delete data that we no longer have a basis to store (right to erasure).
- Restrict or stop the processing of your personal data if you ask us for it, e.g., if you are of the impression that we are processing your personal data illegally and you do not want us to delete the personal data in accordance with our procedures until the situation has been clarified (right to restrict processing).
- Withdraw any consent you have given us.
- You have the right to object to our processing of your personal data if this is justified by special circumstance on your side (right to object).
Please be aware that there are limits to these rights. Feel free to get in touch with us if you would like further information on this topic. If you believe we are processing personal data in violation of the Personal Data Act, then you have the right to complain to the Norwegian Data Protection Authority. Before doing so, we would ask that you contact us so that we can answer your questions or clear up any misunderstandings.
7. Security and storage
El-Watch takes information security seriously, and we always do our best to safeguard your personal data in accordance with prevailing legislation.
- Access control: We use recommended strong passwords, data encryption, access management, back-ups, and two-factor authentication to secure our data and prevent unauthorised parties form viewing, editing, deleting, or in any other way affecting the data we store.
- Recognised suppliers – El-Watch only uses recognised suppliers of IT and administrative services (web security, anti-virus software, e-mail providers, back-ups, etc.). Access to and/or processing of your personal data is only permitted in accordance with our instructions, and only where strictly necessary.
- Routines and risks – El-Watch has routines for the management of data security breaches. In the event of any non-conformities, a non-conformity report will be sent to the Norwegian Data Protection Authority within 72 hours of it being discovered. Affected data subjects will also be informed if the breach poses a high data protection risk.
We will not store your personal data for longer than is necessary to fulfil the purpose of this processing and our statutory obligations. For example, this means that personal data we process on the basis of your consent will be deleted if you withdraw your consent. Personal data we process to fulfil an agreement with you will be deleted when the agreement is fulfilled and all duties pursuant to the agreement have been completed, such as statutory duties relating to accounting, follow-up of customers with regard to claims, etc. Personal data we process pursuant to a statutory duty will be deleted as soon as our duty to store the data ceases to apply.
8. Transfer of personal data outside the EU/EEA
We may at times transfer personal data outside the EU/EEA, such as where we use suppliers outside of the EU/EEA to process your data in order to make services available via our website to enable payment, for security purposes, or to otherwise operate our business in a safe, efficient manner.
The transfer of personal data to locations outside of the EU/EEA is only permitted to countries approved by the EU Commission, or under necessary guarantees in accordance with Chapter 5 of the General Data Protection Regulations.
An example of such a guarantee is the use of EU standard contracts or binding business regulations.
Please get in touch with us if you wish to know which suppliers we use outside of the EU/EEA, and to gain access to documentation of necessary guarantees.
On our website, we use the following cookies for the stated purposes:
|Used by LinkedIn to make it easier to select data centres.
|LinkedIn uses this to track the effectiveness of advertisements on LinkedIn.
|LinkedIn uses this to store the user’s synchronisation history for analysis.
|Used by LinkedIn to track users on different websites to present relevant advertising.
|A cookie set by LinkedIn to permit a “Keep me logged in” function on a shared computer.
|Used by Facebook to deliver, measure, and improve the relevance of advertising.
|Used by Facebook for security and integrity purposes, including user approval.
|Used by Facebook for user approval.
|LinkedIn applies this cookie to recognise browser IDs.
|Used by Facebook to recognise your browser for security and integrity purposes.
|Used by Facebook for security and integrity purposes, to identify browsers and prevent the creation of fake Facebook accounts.
|Google Analytics cookies used to measure how users interact with the website.
|Registers a unique ID that is used to generate statistical data on how visitors use the website.
|Used by LinkedIn to ensure the proper functioning of their services.
|All websites that implement Google Analytics, including Google services, use the “_ga” cookie. Each “_ga” cookie is unique to each specific asset, so it cannot be used to track a given user or browser on unrelated websites.
|WordPress cookies that are used to adapt the user’s display of the administration interface and possibly also the main website’s interface.
|This cookie is used by LinkedIn, but its purpose is unclear without further context.
|Collects a combination of the user’s browser and unique identifier that is used to customise advertisement to users.
|WordPress cookies that are used to adapt the user’s display of the administration interface and possibly also the main website’s interface.
|This cookie is used to identify LinkedIn members in the specified countries for analysis.
|Facebook Pixel is used to deliver, measure, and improve the relevance of advertisements.
|Used by Facebook to adapt to monitor resolutions for an optimal visual experience.
|This cookie stores a user’s language settings to display content in the selected language the next time the user makes use of the website.
|This cookie is used by the WPForms WordPress plugin. This cookie is used to permit the paid version of the plugin to connect records from the same user, and is used for some extra features such as the Form Abandonment add-on.
10. Changes to the privacy statement
We may occasionally make updates to this privacy statement. You will be notified in the event of any significant changes. You can always find the latest version of our privacy statement on our website.
Our contact information is:
E-mail address: firstname.lastname@example.org // Telephone: +47 71 66 69 08