It is important to us at Mpathic DA that we process your personal information in a way that reassures you and earns your trust when you visit this website (the “Website”). This privacy statement (the “Privacy Statement”) contains information you are entitled to, since our site and our affiliates collect information about you. Also, this statement contains general information about how we process personal data.
We know it can be overwhelming and tedious to wade through the Privacy Statement. However, important information is shared here, and we have done our best to convey it in an easy-to-understand way. We therefore encourage you to read the Privacy Statement carefully. If you have any questions or comments, please contact us. Contact information is located at the bottom of this page.
In order to offer you our service, we depend on collecting some information about you. If you do not wish to provide the requested information, you cannot buy any items from us. By using the Website, you confirm that you have read, understand and agree to the contents of the Privacy Statement.
You can withdraw your consent at any time by contacting us. However, once you withdraw your consent, we can no longer provide our services to you and we’ll no longer have any history of your relationship with us.
If persons under the age of 16 have provided us with personal information, we will delete that information as soon as their parents contact us and let us know of the situation.
DEFINITIONS OF PERSONAL INFORMATION AND PROCESSING
Personal information means information that can be linked to a natural person, such as information about name, place of residence and email address. Processing refers to any use of personal data, such as collection, registration, compilation, storage and delivery.
We try our best to protect your personal information to prevent its loss, misuse, unauthorized access, disclosure or modification.
OVERVIEW OF PERSONAL INFORMATION WE COLLECT, THE BASIS OF PROCESSING AND THE PURPOSE OF THE COLLECTION
In the event of a purchase
If you purchase with us, we collect the following information:
In the event of an email request
If you send us an email, we collect all the information you send us.
PROTECTION AGAINST TRACKING
We recommend using the browser extension “uBlock Origin” and using a VPN whenever you surf the Internet. In this way, you avoid unnecessarily and unwittingly giving away personal information to our third parties and other players who track your activity online.
COLLECTION OF PERSONAL INFORMATION THROUGH THIRD-PARTY SOLUTIONS
To fulfil our services, we use some third-party solutions. These third-party solutions also collect personal information about you and act as our data processors.
Your personal data is transferred within the European Economic Area and other countries that the European Commission considers have adequate protection of personal data based on Article 45 of Regulation (EU) 2016/679. Your consent to this privacy statement represents your consent to this transfer.
Hosting of WooCommerce (shopping cart solution)
For handling orders, we are using WooCommerce. All of of your order details are stored in the WooCommerce database. Our installation of WooCommerce runs on a server provided by PRO ISP AS.
Stripe (payment solution)
For processing payments, we use Stripe.
To track visitors to our website, we use our own installation of Matomo on a server we control. No person-sensitive statistics from Matomo are shared with any third parties.
We use ProtonMail as our email solution. The contents of all incoming and outgoing emails are stored encrypted on ProtonMail’s servers.
For our accounting, we use Fiken.
Data processor agreement: We have entered into a separate data processor agreement with Fiken. For more information see hjelp.fiken.no.
ROUTINES FOR DATA DELETION
We delete customers from our registers if they write to us and let us know they want to be deleted from our customer database.
We delete data about customers who have made made no purchases from us for a minimum of eight years.
PROVISION OF INFORMATION TO OTHERS
Should we disclose personal information to organizations that perform services on our behalf, we will require that service providers only use such personal information to provide such services to us. We will obtain the guarantees deemed necessary for the protection of your personal data.
All third parties who receive personal data from us are obliged to comply with our standards for the processing of personal data or equivalent standards, as well as obligations that follow from the privacy legislation in force at any given time.
If it is required by law or there is a suspicion that an offence has been committed in connection with the use of our services, personal information we have stored about you may have to be disclosed to public authorities.
If personal data may be subject to transfer to another organization in connection with a merger, financing, reorganization or dissolution transaction of all or part of us, we will only do so if the parties involved have entered into an agreement where the collection, use and sharing of personal data is limited to the purposes of the transaction, including a provision as to whether or not the transaction is to proceed, and the personal data shall only be used by the parties involved to complete the transaction. If another company buys us or our business or assets, that company will have access to the personal information collected by us and will assume the rights and obligations regarding your personal information as described in this privacy statement.
If you want to demand access, correction or deletion of personal data or if you have questions or requests about this Privacy Statement or about our processing or you have a complaint about our processing, you can find our contact information on this page.
You also have the right to lodge a complaint with the Norwegian Data Protection Authority about any matter concerning our processing of your personal data. Contact information can be found at www.datatilsynet.no.