Privacy policy

Privacy Policy

This Privacy Policy contains information about how Photocure processes your personal data when you use our Photocure.com or Hexvix.com websites, register for our newsletters or when you contact us. We advise you to read our Privacy Policy carefully.

The controller of the personal data mentioned in this privacy policy is Photocure ASA.

If you have any questions regarding our processing of personal data or want to execute your rights, please contact our data protection contact person:

Tone Onsøien Haslie

privacy@photocure.com

Key Concepts

Important definitions:

• Personal data refers to any information that can identify you directly or indirectly, such as your name, email address, or IP address.
• Processing refers to actions performed on personal data, such as collecting, analysis, storing, and sharing. Cookies are small files stored on your device when visiting a website. They help improve user experience and track behavior. CookieYes is a consent management tool used on websites to help manage your cookie preferences.
• Rebrandly is a link tracking tool used on Hexvix.com to measure digital engagement with shortened links.

How we collect data

We collect data through the following methods:

• Automatically, using cookies to help us understand your visit activity on Photocure.com or Hexvix.com, which can help us improve the online experience. CookieYes helps manage your consent for this data collection. If you don't want us to collect personal data using cookies, you may opt out using CookieYes or withdraw your consent pursuant to this Privacy Policy.
• When you sign up for our newsletters, by collecting your email address at time of registration.
• When you fill out a contact form or respond to a survey.
• When you click on a Rebrandly link used on Hexvix.com, we collect non-identifiable data such as click count, timestamp, referrer, and location.

You are not obliged to share any information with us but sometimes lack of information may prevent us from offering our services. For example, we will not be able to answer your questions if you don't share your contact information with us.

Legal basis for processing

We process personal data based on:

• Your consent for activities such as sending newsletters, setting cookies, and tracking Rebrandly link clicks. 
• Legal obligations where necessary to comply with laws such as fraud prevention and regulatory requirements.
• Legitimate interests, such as improving our websites and communicating with users so long as your rights are maintained and respected. 

The data we collect and why

When you visit our websites, we may collect your personal IP address, browser type, visit duration, and the pages you view. This information helps us understand how our sites are used and to improve user experience.

When you sign up for our newsletter, we collect your email address and the time and date for your registration, so we can send you our newsletters and for documentation purposes. You can unsubscribe at any time using the "unsubscribe" link at the bottom of our newsletter.

If you contact us or submit a survey, we collect the data you provide, such as your name, email, and message, in order to respond to your inquiry or feedback.

When you click on a Rebrandly link on Hexvix.com, we collect data such as the time of the click, general location, device type, and referring source. This helps us track campaign performance but does not personally identify you unless combined with other voluntarily provided data.
 

Data retention

We retain personal data only for as long as it takes to fulfil its purpose of collection.

• Newsletter data is retained until you unsubscribe or withdraw consent. 
• Survey data, contact form data, and personal data collected through emails to privacy@photocure.com is retained for one year after your case or inquiry is closed.
• Cookie and tracking data are retained per each provider’s policy:
  • CookieYes: www.cookieyes.com/privacy-policy
  • Google Analytics: developers.google.com/analytics
  • Hotjar: help.hotjar.com and https://www.getirwin.com/privacy
  • Rebrandly: www.rebrandly.com/privacy-policy 

Anonymized data that cannot identify you may be kept for statistical purposes.

The safety of your personal data / How we protect your data

We implement both technical and organizational safeguards to ensure the security of your personal data. These safeguards include: 

• Secure servers and encryption
•  Access controls and staff confidentiality measures
• Regular review and auditing of security practices
• Contracts with third-party service providers to ensure that they follow data protection standards.

In the event of a data breach, we will notify you and relevant authorities as required by law.

Who we share data with

We do not sell your personal data.

We may share data with trusted service providers and processors, such as web developers, analytics services, Rebrandly, and CookieYes. All such partners are bound by strict data protection agreements.

If required by law, we may also disclose data to authorities such as courts or law enforcement.

When we share data with others, it is in accordance with this privacy policy and because it is necessary for the services we offer.

Your rights

You have the right to:

• Know what personal data of yours we hold. 
• Request and require correction or deletion of inaccurate or unnecessary data. 
• Withdraw your consent at any time.
• Disable cookies using your browser settings or the CookieYes banner Object to the unlawful processing of personal data.
• Obtain a copy of your data that is on file with us (data portability).

To protect your data from unauthorized access, we may ask for proof of identity before processing any request.

If you believe we are not complying with data protection laws, please contact our data protection person. You also may file a complaint with your local data protection authority.