Privacy Policy

This Privacy Policy accounts for how Eys AS(from now on «we» or «us») gather and use information pertaining to visitors on our websites. The policy contains information you are entitled to when information is gathered on our websites and general information concerning how we manage personal information.

Eys AS is the service manager for the company’s processing of personal data. It is voluntary for those who visit the website to provide personal information in connection with services such as receiving newsletters and using the share and tip service. The treatment basis is the consent of the individual unless otherwise specified.

Web analytics and cookies

As an important part of the work of creating a user-friendly website, we look at the user pattern of those who visit the site. We analyze user behavior to make the user experience better. The purpose of using cookies is therefore to improve the customer experience. To analyze the information, we use the analysis tool Google Analytics.

Google Analytics uses cookies (small text files that the site stores on the user’s computer), which records the user’s IP address, and provides information about each user’s online movement. Examples of what the statistics give us answers to are; how many people visit different pages, how long the visit lasts, which sites the users come from and which browsers are used. None of the cookies allows us to associate information about your use of the site with you as an individual. Cookie data is automatically deleted 14 months after registration. You can do it yourself and manage the use of cookies by adjusting settings on your browser. The information collected by Google Analytics is stored on Google’s servers in the United States. Information received is subject to Google guidelines for Privacy.

An IP address is defined as personal information because it can be traced back to a particular hardware and thus to an individual. We anonymize the user’s IP address before the information is stored and processed by Google. Thus, the anonymized IP address cannot be used to identify the individual user.

Your IP address is also logged for a short period by our web servers. The user’s IP-address, time of day, website address, HTTP status, number of bytes sent, HTTP referrer and HTTP user agent is logged for 15 days. Beyond this point, the data is deleted.

Search

Eys stores information about which keywords users use on our sites through Google Analytics. The purpose of the storage is to make our information offer better. The usage pattern for search is stored in aggregate form. Only the keyword is stored, and they cannot be linked to other user information such as IP addresses.

Share/tips-service

The “Share with others”- feature is voluntary and can be used to forward links to the site by email, or to share the content of social networking sites such as Facebook. Information about tips is not logged with us but is only used there and then to post the tip on the social networking site. However, we cannot guarantee that the online community will not log this information. All such services should, therefore, be used wisely. You may contact the relevant service provider or online community to receive information about its collection, use, processing, and personal data protection. If you use the e-mail feature, we only use the e-mail addresses given to forward the message without any form of storage.

Newsletter

It is possible to subscribe to newsletters and information about our events for anyone wanting to receive such information. In order for us to be able to send an email, you must register an email address. The legal basis for processing for this purpose is consent, cf. GDPR Article 6, paragraph 1, letter a. To be able to invite you to relevant events, we also record which business you are working for, the legal basis for this is GDPR Article 6, paragraph 1, letter f, a legitimate interest. This information is not shared with other businesses and is deleted when we are told that you no longer wish to receive information from us. The information is also deleted if we receive feedback that the e-mail address is no longer active. HubSpot is our data processor for the newsletter.

Comments

Where it is possible for the users to make comments on articles, the name and e-mail address are required. The name and email address will not be published with the comment but will be stored with us so that the user can easily comment on the articles later. The legal basis for the treatment is Article 6 (1) (f) of the GDPR, a legitimate interest.

Social Media

In addition to this website, we maintain social media sites on Facebook, Instagram, YouTube and LinkedIn. If you visit one of these presences, personal data may be transmitted to the provider of the social network. We draw your attention to the fact that user data may be transferred to a server in a third-party country and may therefore be processed outside the European Union.

In addition to the storage of the specific data you have entered in this social medium, further information may also be processed by the provider of the social network. If you are logged into the network with your personal user account while visiting the corresponding website, this network can assign the visit to this account. The purpose and scope of the data collection by the respective medium and the further processing of your data there, as well as your rights in this regard, can be found in the respective provisions of the respective person responsible, e.g. below:

Google/YouTube: Privacy statement
Instagram: Privacy statement
LinkedIn: Privacy statement
Meta: Privacy statement

Course Systems

When you enroll in courses and events, we ask you to register your name, organization, email, optometrist license number and invoice reference. With the exception of name and organization, which will be published on participant lists, information is not shared with others, with the exception of sharing with data processors we have engaged for this purpose (e.g. for managing course submissions and for conducting the actual course event). The legal basis for the processing of personal data in connection with this is the GDPR Article 6, paragraph 1, letter a, consent, or alternatively letter b, to fulfill an agreement that the data subject is party to or to take action on the data subject’s request before sourcing.

Customer Relationship Management

HubSpot is an integrated software solution with which we cover various aspects of our online marketing activities, among contact management via the CRM system. The legal basis for the use of the services of HubSpot is our rightful interest according to art. 6 I f GDPR due to the optimization of our marketing measures and the improvement of our service quality on the website.

HubSpot meets the minimum requirements for legally compliant order data processing by concluding the European standard data protection clause. In addition, there is a Data Processing Agreement (DPA) with HubSpot. This ensures that HubSpot uses the user’s data only within the framework of EU data protection standards and does not pass them on to third parties. For more information, please refer to HubSpot’s data privacy policy.

Login with general user management

Some services require that you log in via our general user management. In these, it will be possible to register names, e-mail, telephone, organization, and website. The information is not shared with others.

Page and service functionality

Cookies are used in the operation and presentation of data from websites. Such cookies may include language code information for the language selected by the user. It can be cookies with information that supports the load balancing of the system so that all users are guaranteed the best possible experience. For services that require login or search, cookies can be used that ensure that the service presents data to the right recipient.

Sharing information

We may share your information:
With the public, if you submit content to one of our forums, such as blog comments, social media posting, or other features of our services that are publicly visible; with third parties such as other sites that integrate with our API or our Services; or those with an API or service that we integrate with; any necessary third party engaged by us, including data processors, vendors, consultants, marketing partners, and other service providers who need access to such information to perform work on our behalf; in response to an information request by a competent authority if we believe disclosure is under or otherwise required by applicable law, regulation, license or legal process; if we otherwise notify you and you consent to the sharing; and in an aggregate and/or anonymous form which cannot be reasonably expected to be used to identify you.

Security

We have established procedures for managing personal information in a secure manner. The measures are of a technical and organizational nature. We make regular assessments of the security of all key systems used for the handling of personal data, and agreements have been entered into that require suppliers of such systems and partners to ensure satisfactory information security.

Your rights

You can at any time request; access, limitation, correction, relocation (the right to data portability) and the deletion of personal information we hold. You also have the right to request a copy of the personal information in a machine-readable format. In some cases, we are required by law to process certain personal data and in these cases, your rights will be limited. If you do not wish to publish or give us access to your personal information, you are in your full right, but it is not necessarily possible for us to offer you the service you request. If you disagree with the way we process your personal information, you can appeal to Datatilsynet.

Changes to the Privacy Policy

We reserve the right to make minor changes to this Privacy Policy. In the event of significant changes to this Privacy Policy, we will inform you of this on our website. You will always be able to find the latest updated version on our website. If you do not accept the new changes, we may not be able to provide you with the services you request.

Contact us

If you use the “Contact us” service on our website, you are asked to leave information about your name, email address and a custom description of what we can help you with. The purpose of this function is that we can easily follow up inquiries from you as a user, customer, or potential customer. The basis for the treatment is consent, cf. GDPR Article 6, no. 1, letter a. If you have inquiries regarding our privacy statement or wish to exercise your rights, please contact us: Contact by email: info@eys.care Postal address: Øvre Slottsgate 18-20, 0157 Oslo.

Governing law and venue

This privacy statement is governed by Norwegian law. Venue is Oslo District Court.