Privacy policy

Privacy Policy

This Privacy Policy contains information about how Photocure processes your personal data when you use our homepage, register for our newsletters or when you contact us. We advise you to read our Privacy Policy carefully.

The controller of the personal data mentioned in this privacy policy is Photocure ASA.

If you have any questions regarding our processing of personal data or want to execute your rights, please contact our data protection contact person, Tone Onsøien Haslie, by email: privacy@photocure.com

Key Concepts

Important definitions:

• Personal data means any information relating to an identified or identifiable natural person. Examples of personal data include name, phone number and IP address.
• Processing means any operation which is performed on personal data, including collection, analysis and storing
• Cookies are small text files stored on your computer when you download a website.

How we collect data

We collect some data automatically, using cookies. Our cookies collect information about how you use our websites to help us improve. If you don't want us to collect personal data using cookies, you may change this in the settings of your browser or withdraw your consent pursuant to this Privacy Policy.

We also collect some data from you when you register for our newsletter or when you contact us (by e-mail or via a website visitors survey).

You are not obliged to share any information with us, but sometimes lack of information may prevent us from offering our services. For example, we will not be able to answer your questions if you don't share your contact information with us.

The legal basis for the processing

We only process personal data on the following legal bases:

• When you have given consent to the processing of your personal data for one or more of the specific purposes.
• When it is necessary for compliance with a legal obligation to which we are subject, such as fraud prevention.
• When it is necessary for the purposes of our legitimate interest to inform you about our products and services, to deliver, develop and maintain our products and provide and develop our services, ask you for feedback, or provide you other relevant marketing information about our products and services and to maintain the customer relationship. Where we rely on legitimate interests as a legal basis for processing personal data, we have considered whether or not those interests are overridden by your rights and freedoms and have concluded that they are not.

What kind of data we handle and why

We handle different kinds of personal data depending on how you use our websites or contact us.

When you visit our websites, we collect some data about how you use them. This may contain information about the time and date for your visit, for how long you stay, which pages you visit and how you entered our websites, collected through electronic identification and behavior data such as cookie data and IP address.

We process this information because we have a legitimate interest in knowing how you use our websites to help us improve, and this is considered to be little invasive to you.

When you register for our newsletter, we collect data about your email address and the time and date for your registration. We need these data to be able to send you our newsletters and for documentation purposes.

We will only collect these data and send you our newsletter with your consent. You may withdraw your consent at any time using the "unsubscribe"-link in the bottom of our newsletter.

If you reply to the occasional website visitors survey, you may also decide to leave your e-mail address in order to be contacted by Photocure.

When you contact us, we handle any personal information you give us in addition to the time, date and channels for your request. We have to handle this information to be able to respond to your request.

For how long personal data is stored

We only process personal data for as long as it takes to fulfil the purpose of their collection.

We may anonymize data to be able to keep them to make statistics. Anonymized data is not connected to an identifiable person and is not considered personal data.

• When registering for our newsletters, we process your email address until you unsubscribe or until the consent is no longer valid for other reasons.
• Personal data collected from cookies are stored here:
  https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies, 
  https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
  https://www.getirwin.com/privacy
• Requests and personal data collected from privacy@photocure.com or via a website visitors survey are stored for one year after the case is closed. This is to enable us to follow up requests.

The safety of your personal data

To make sure your data is safe, we have safety measures in our office facilities and our systems as well as routines to prevent anyone who don't need them to access your personal data. We are regularly going through our safety measures to make sure they are satisfactory and up to date.

In addition to the safety in our systems, we have routines to make sure that our partners and subcontractors are processing personal data in accordance with this privacy policy.

In case of any data breaches, we will notify the appropriate data protection supervisory authority and you, to the extent required under applicable law. Furthermore, we will inform any other regulatory authority if required by law.

Who we share personal data with

Sometimes we have to share personal data with others, such as our subcontractors or with public authorities. We have data processing agreements with all our subcontractors and partners, regulating any processing of personal data to make sure that they are processing personal data in accordance with this privacy policy.

We may share personal data with:

• Third-party developers of the website and data processors we use as subcontractors. This is necessary to be able to offer our services.
• Public authorities when we are obliged to do so by law, for example on the order of police or the court.

We do not sell your personal data to any third party.

Your rights

You have the right to:

• Get to know what information we have about you.
• Demand that wrongful, unnecessary, inadequate or outdated personal data are corrected or deleted.
• Withdraw your consents at any time.
• Deactivate automatic collection of data (cookies).
• Protest against processing of personal data you find unlawful.
• Have a copy of the information we have about you for yourself or others you want to share it with (data portability).

Be aware that by execution of these rights, we will ask you to identify yourself. That is to make sure that we don't hand out your personal data to others.

If you think we don't follow these terms or any law, please notify us by contacting our data protection contact person. Her contact information is available in the beginning of this privacy policy. You also have the right to complain to your local data protection supervisory authority.