Privacy Policy
1. Introduction
Papirfly AS (“we“, “our” or “Papirfly“) value the trust of our platform visitors, and your privacy is important to us.
We are committed to protecting the privacy and security of your personal data. This privacy policy describes how we collect, store, process and protect your personal data in accordance with the General Data Protection Regulation (GDPR). The privacy policy applies to all individuals who visit or use our platforms.
2. Our contact details
Papirfly is the controller for the processing activities set out in this privacy policy. Please feel free to contact us if you have any questions related to how we process your personal data through the following contact details:
Address: Papirfly AS, Universitetsgata 2, 0164 Oslo, Norway
Contact person: Marianne Barstad
Email: dpo@papirfly.com
3. How we process your personal data
Personal data means any information about an individual from which that person can directly or indirectly be identified. We collect and process personal data about our platform users directly from our users when they login and then we anonymise their personal data before they interact with our platform, in accordance with applicable laws, regulations and our internal routines.
Papirfly processes personal data for the following purposes:
- We process your name, email, UserID and username when you login for the purpose of enabling you to access and use our service. The legal basis for the processing of personal data for such a purpose is our legitimate interest in enabling access to our services.
- We process your anonymised personal data as well as operational events in your interaction with our services (such as when clicking “downloads”, “uploads”, “creations, “Log In”, “deleted” and “View”) for the following purposes:
- improving, customising, and expanding our service.
- understanding and analysing how you use our service.
- developing new products, services, features, and functionality.
We do not process special categories of personal data about you.
4. Who do we share your personal data with and processing outside the EEA
We use data processors to assist us with various processes and services, to whom we share personal data. The data processors we use are suppliers of IT systems and other technical systems who perform tasks on our behalf and according to our instructions. We have entered into data processing agreements with our data processors to ensure that personal data is processed lawfully and according to our instructions, and where the data processors undertake the same level of security as we have for our processing of personal data.
In some situations, we need to share your personal data with third parties in connection with mergers, demergers and possible acquisitions. We may also share personal data with other third parties, if necessary, for example, if required by law (for example, with public authorities).
Our processing of personal data may involve transfer to countries outside the EEA. We are taking appropriate measures, in accordance with GDPR Chapter V, to ensure that such transfers are lawful. For more information, please contact us.
5. Use of cookies
We use cookies on our website. Cookies are small text files that are stored on your computer. More information about cookies and which cookies are used on our website can be found in our cookie policy.
6. Security
We have physical and technical measures as well as procedures appropriate for protecting personal data depending on the type of data. These measures are designed to protect your personal data from accidental loss, unauthorised access, accidental copying, use, alteration and disclosure.
7. How long we store your personal data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements, after which it will be deleted or archived except to the extent that it is necessary for us to continue to process it for the purpose of compliance with legal obligations to which we are subject or for another legitimate and lawful purpose. To determine the appropriate retention period for personal data, we take a number of factors into account.
In some circumstances we may anonymise your personal data so that you are no longer identifiable, in which case we may use such information without further notice to you.
8. Your rights
You have a number of rights related to our processing of your personal data. You have the right to access, correction, limitation, deletion and data portability in connection with our processing of your personal data. You also have the right to object to our processing of personal data.
Please note, however, that certain personal data may be exempt from such access, correction and deletion requests pursuant to applicable data protection laws or other laws and regulations.
If you want to make a request in respect of your rights relating to your personal data, please email or write to our contacts which are shown above. We will respond to your inquiry as soon as possible, and at the latest within 30 days. If it takes longer than 30 days, you will be notified. If your request or concern is not satisfactorily resolved by us, you can contact Datatilsynet at datatilsynet.no or your local supervisory authority.
9. Changes to this privacy policy
We might update this privacy policy when there is a change in our practices, change in legislation or when we have a need for it. You can always find our latest privacy policy on our platforms, and we will provide you with a new policy when we make any substantial updates.
If you have any questions about this privacy policy, please contact us through the contact details set out above.
This Privacy Policy was last updated on: 07/10/2024