Privacy Policy for Nurofy

This statement describes the types of personal data Nurofy may collect and process about you if you are a customer or affiliated with one of our customers, if you have visited our website or requested information from us.

All references to “we” and “us” refer to the Norwegian company Nurofy AS. If you have any further questions after reading this statement, do not hesitate to contact us on lars.orgersen@nurofy.no.

1. The data we collect

1.1 Customers and user accounts

In connection with the purchase of our products, we process information about our customers in order to fulfill the contract and administrate the customer relationship. The customer data we collect is:

• Name of the customer or contact person affiliated with the customer
• E-mail
• Payment detail related to the business affiliated with the customer

The legal basis for the processing is the agreement we have with the customer.

We retain customer information for at least five years, pursuant to the storage obligation in Section 13 of the Norwegian Bookkeeping Act. In the event of outstanding amounts or customer disputes, we may store information for the duration necessary to legally solve the dispute.

1.2 Users of our services and website

We use cookies in our services and on our website to perform analysis of how you use our website and services. In our services we use cookies collecting information about which business you enter the service on behalf of, IP-address and how the service is used. The cookies are delivered by Hotjar.

Cookies are small text files that are stored on your computer, phone, tablet or any other device you may use to access our website.

The legal basis for the processing is our legitimate interest in developing and developing our services to become more user friendly.

We may also use cookies for marketing purposes, in such events the legal basis for the processing is consent.

2. Where we process your personal data

We mainly process personal data with hosting in the EU/EEA area.

Recipients of the personal data

We do not disclose and/or share your personal data to third parties except where it is necessary for fulfilling an agreement with you, we have received your consent or for fulfilling our legal obligations. For some administrative purposes we use subcontractors (processors). We have secured that the processing is in accordance with the requirements of GDPR by entering into data processing agreements with the data processor. The data processing agreements also ensure that the personal data is not used for any other purpose.

4. Your rights as a data subject

As a data subject, you may require:

• Access to the data we process about you. We would then provide you with a copy of the data we process.
• Correction of your personal data, if you believe the information, we keep about you is incorrect.
• Deletion of your personal data. In some events you may ask us to delete our personal data.
• If consent is the legal basis for processing of your personal data, you may at any time withdraw your consent by contacting us.
• You may also have the right to object to our processing of personal data when we process your data based on our legitimate interest or for direct marketing purposes. We would then have to stop the processing, unless we can demonstrate compelling legitimate grounds for the processing.

If you have any concerns about how we process your personal data, you are welcome to file a complaint to the Norwegian Data Protection Authority (Datatilsynet): https://www.datatilsynet.no/om-datatilsynet/kontakt-oss/hvordan-kan-jeg-klage-til-datatilsynet/ or the relevant data protection authority in your country.