Skip to content

Privacy Policy

The company is referred to as Visuado AS incorporated and registered in Norway, whose registered office is at Industrigata 59, NO-0357 Oslo, Norway, reg no 922 937 877,

  1. Data Controller and Contact Information

This privacy policy explains how we collect and use (process) personal data in our business. We are the data controller for the processing.

  1. Your Rights

If you want to exercise one of your rights, you can contact us. You are entitled to a response as quickly as possible, and no later than within 30 days. Read more about all your rights on the Norwegian Data Protection Authority’s pages.

General Rights:

  • Access to and correction of your own information: You can request a copy of all information we process about you, and ask us to correct information that is not correct.
  • Deletion or restriction: In some situations, you can ask us to delete and/or restrict the processing of information about you.
  • Object to processing of personal data: If we process information about you based on legitimate interest, you have the right to object to it.
  • Data portability: If we process information about you based on consent or a contract, you can ask us to transfer information about you to you or to another data controller.
  • You can complain to the Norwegian Data Protection Authority about our processing of personal data. We hope that you will inform us directly first, so we can try to resolve the matter for you in a good way.
  1. Who We Process Personal Data About

We process personal data about:

  • Customers.
  • Customers’ customers if the delivery of the service requires this.
  • Potential customers.
  • Contact persons at suppliers and partners.
  • Visitors to the website.
  • Job applicants.
  • Employees.
  • Former employees.
  • Customers’ employees if the delivery of the service requires this.
  • Customers’ former employees if the delivery of the service requires this.
  1. How We Collect Personal Data

It is voluntary to provide personal data to us. However, for us to be able to deliver products or services, we need a number of details from you to be able to carry out the delivery. We neither rent, buy, nor sell personal data from/to others. We do not use automated decisions or profiling in the processing of your personal data.

We process personal data when someone:

  • enters into an agreement with us to purchase products/services
  • becomes a member with us
  • sends us e-mail, SMS, social media, or other correspondence
  • subscribes to our newsletter
  • orders content from us, free and paid
  • signs up for events (courses, lectures, workshops, etc.) organized by us, free and paid
  • uses our website (cf. the section on cookies)
  • leaves a comment on our website
  • submits an inquiry via communication tools or contact forms on our website
  • responds to a survey
  1. Categories of Personal Data, Purposes, and Legal Basis for Processing

We process personal data according to the following legal bases in the General Data Protection Regulation (GDPR) Article 6(1):

  • “Consent”: when you have given us your consent.
  • “Agreement”: to be able to fulfill an agreement to which you are a party, or to be able to implement measures at your request, before we enter into an agreement.
  • “Legal obligation”: for us to be able to fulfill a legal obligation.
  • “Legitimate interest”: to be able to safeguard a legitimate interest that we believe outweighs the consideration of the individual’s privacy.

We process personal data related to:

Inquiries from you, including communication, support, customer service, etc.

When you contact us via the website (contact form, comment field, communication tool), by email, by phone (call, text message) or social media, we process personal data. Depending on where and how you send us a message, this may be contact information, IP address, and other information you choose to send us.

The purpose is to be able to respond to inquiries from you, for history, and to have documentation in case we receive complaints, claims, or legal demands. The legal basis is GDPR Article 6(1)(f), where the legitimate interests are to be able to respond to inquiries from you, for history, and to have documentation in case we receive complaints, claims, or legal demands.

We review, archive, and delete inquiries as needed, but not less frequently than every two years. To maintain any history and logic in the comment field, comments are not systematically deleted.

Inquiries we are obliged to keep, such as documentation in connection with a complaint/claim case, are stored until the deadline for complaining/claiming has expired (two or five years). Accounting material is kept for up to five years, according to the rules in the Bookkeeping Act.

Purchase of products and services, including membership

When you purchase products and services from us, including membership, we process personal data such as contact information, order and payment information, and purchase history.

The purpose is to be able to deliver products and services, including membership, to you after order/purchase, and to have a history of sold products and services. The legal basis is GDPR Article 6(1)(b) agreement, or (c) legal obligation.

Accounting material is kept for up to five years, according to the rules in the Bookkeeping Act.

Marketing in existing customer relationships

When you become a customer or member with us, we process personal data as mentioned above. If you have an existing customer relationship with us, we may send you marketing by email and SMS, in accordance with the Marketing Act § 15, as well as the Consumer Authority’s associated guidance.

The purpose is to be able to provide good customer service. The legal basis is GDPR Article 6(1)(f), where the legitimate interests are to be able to offer you relevant products and services. The legal basis can also be GDPR Article 6(1)(a), where you have given us your consent. You can unsubscribe from marketing by email and SMS at any time.

Information on how to unsubscribe is provided in all emails and SMS messages we send that are related to marketing. The information is kept until the registered person requests to be deleted.

Newsletter

We may send out newsletters in the form of email, with articles, blog posts, discounts, offers, free templates, checklists, and the like.

The newsletters may occasionally also contain information about our products and services. When you subscribe to newsletters, we process personal data such as contact information and IP address.

The purpose is to be able to inform about relevant news and offers, as well as to provide good customer service to potential and existing customers.

The legal basis is GDPR Article 6(1)(a) consent. It is voluntary to subscribe to the newsletters, and you can withdraw your consent at any time (unsubscribe) by clicking on “unsubscribe” or “opt out” at the bottom of one of the emails. The information is kept until the registered person requests to be deleted.

Job application and employment

When you apply for a job with us, we process personal data such as contact information, CV, and other information we need to be able to assess your application. The legal basis is GDPR Article 6(1)(b) agreement, and possibly Article 9(2)(b) and (h) if your application contains special categories of personal data. The information is stored as long as it is relevant for the purpose, and then deleted.

For employees, we process personal data as mentioned above, in addition to information that is necessary to be able to pay salaries and otherwise administer the employment relationship. The legal basis for this is GDPR Article 6(1)(b), and possibly Article 9(2)(b) and (h) for special categories of personal data. Information about employees is generally deleted when the employment relationship ends, unless special reasons (such as disputes about termination or dismissal) make it necessary to keep them longer. Information related to payroll administration is kept for up to five years, according to the rules in the Bookkeeping Act.

Events, including digital ones

When you participate in free events with us, we collect and process personal data such as contact information. For paid events, we also collect order and payment information. The purpose is to be able to offer customers and potential customers relevant courses, lectures, and workshops.

The legal basis is GDPR Article 6(1)(a) consent or (b) agreement. The information is kept until you withdraw your consent and possibly request that it be deleted, or, in the case of an agreement, for up to five years according to the rules in the Bookkeeping Act.

Surveys

We always inform about the purpose of surveys we conduct, and whether they are anonymous or not. We do not share the information with others, or use it for purposes other than what we have stated. For anonymous surveys, no personal data is collected.

The legal basis for surveys that are not anonymous is GDPR Article 6(1)(a) consent. The information is stored as long as it is relevant for the purpose, or until you withdraw your consent and possibly request that it be deleted.

Suppliers, partners, and data processors

When you enter into an agreement with us either as a supplier, partner, or data processor, we process personal data such as contact information. Other information is normally related to a business, and thus not personal data.

The purpose is to be able to enter into such agreements, and the legal basis is GDPR Article 6(1)(b) agreement. The information is kept for up to five years, according to the rules in the Bookkeeping Act.

Use of the website

When you use our website, we process personal data such as IP address and other technical data, collected via cookies and analysis tools.

The purpose is to give you a good user experience, as well as to prepare statistics to be able to improve and develop our website and service offering. The legal basis is GDPR Article 6(1)(f), where the legitimate interests are to give you a good user experience, as well as improvement of our website and service offering.

  1. Who We Share Personal Data With

To be able to run our business, we sometimes need to share your personal data with parties such as:

  • Data processors: suppliers of various services and products that process your personal data on our behalf (for example, for IT and administration services, accounting, cloud storage, web hosting, sending emails, and the like)
  • Professional advisors from industries such as legal, finance, accounting, auditing, and insurance
  • User support for IT and administration systems
  • Public authorities we are obliged to report to

We require that everyone we share your personal data with secures your data in accordance with good information security, and according to the requirements of the GDPR. We enter into data processor agreements with all suppliers.

  1. Transfer of Personal Data Outside the EU/EEA

In some cases, your personal data is transferred outside the EU/EEA, for example where we use suppliers outside the EU/EEA to handle the sending of newsletters, to process customer information, to make products and services available on our website, to enable payment, for security on our website, and otherwise to be able to run our business in a safe and efficient manner.

Transfer of personal data outside the EU/EEA is only permitted to countries approved by the EU Commission, or under necessary guarantees according to the GDPR. This can be Privacy Shield for suppliers we use based in the USA, use of EU standard contracts, or according to binding corporate rules. If you want to know which suppliers we use outside the EU/EEA, and get access to documentation of necessary guarantees, you can contact us.

  1. Security

We take information security seriously, and we will always do our utmost to protect your personal data in the best possible way. Among other things, we use strong passwords, data encryption, access control, backup, and two-factor authentication to secure our data and prevent unauthorized access to view, change, delete, or in any way affect the data we store, including your personal data.

We only use recognized suppliers of IT and administration services such as web hosting, website and PC security, virus programs, email providers, backup, and more.

We only allow others to access and/or process your personal data in accordance with our instructions, and only where strictly necessary (e.g., for IT support).

We have established procedures for handling data security breaches, and we will, in case of deviations, send a deviation report to the Norwegian Data Protection Authority within 72 hours after discovering the breach. If the breach poses a high privacy risk, we will also notify affected registered individuals.

Cookies and Analysis Tools on This Website

What are cookies?

A cookie is a text file that is stored in your browser when you visit a website. Below we describe how we use cookies and analysis tools on our website, in accordance with the Electronic Communications Act, in the so-called “cookie paragraph”: 2-7 b Use of cookies.

Deactivate or delete cookies

You can turn off and/or delete cookies in your browser yourself. On the website nettvett.no, you can learn how to do this for most browsers. There you can also learn more about safer use of the internet. If you turn off or delete cookies, however, you may change your user experience on a website, and sometimes services on a website will no longer function properly.

Affiliate links / Sponsored links

We may recommend various products and services through so-called affiliate links (sponsored links), which are created uniquely for us. When you click on such a link, a cookie is stored in your browser, so that it should be possible to track any purchase. We always clearly inform about the use of such links.

Approval of cookies

We use cookies. We use cookies to personalize content and ads, to provide social media features, and to analyze our traffic.

Your Consent applies to this website.