Who we are and what this statement is about
The statement applies to the website: https://www.blueanalytics.no/
Blue Analytics AS (“Blue Analytics” or “we / our / us”), through the CEO, is responsible for the processing of your personal data.
Our address is: Kong Christian Frederiks plass 3, 5008 Bergen, Norway, e-mail: firstname.lastname@example.org.
Our organization number is: 924 600 497.
Our basis for the processing of your personal data
As stated in the points below, Blue Analytics will be able to process specified personal information about you, mainly:
• on the basis of Blue Analytics’ legitimate interests (according to GDPR, Article 6, No. 1 letter f), including Blue Analytics’ legitimate interest in showing you what services we offer, and in order to further develop and improve our services,
• to be able to fulfill or enter into an agreement with you (according to GDPR, Article 6 No. 1 letter b), including an agreement on analysis assignments or employment agreement, and
• on the basis of your express consent, which you are at any time free to withdraw (according to GDPR, Article 6 No. 1 letter a, ref. Article 7).
We do not process sensitive personal information about you.
What personal information we collect and why we do it
Cookies are small text files that are placed on your computer when you visit a website.
Blue Analytics uses both necessary and functional cookies, as well as cookies for analysis / statistics. That is, cookies that ensure that our website works, cookies that provide additional functions and cookies that track the use and activity of our website. In other words, the purpose is both to ensure that various services on our website work, to make the user experience better for you and to compile statistics that we use to improve and further develop our services and the information offered on the website.
For the use of necessary cookies and cookies for analysis / statistics, we have turned on a function that means that your personal information is processed in deidentified and aggregated form. By deidentified, we mean that we can not trace the information we collect back to the individual user. We collect the entire IP address, but the IP address is deidentified so that only the first three groups in the address are used to create statistics. That is, if the IP address consists of the numbers 220.127.116.11, only 195.159.103.xx is used. In addition, the IP addresses are processed at an aggregate level, meaning that all data is merged into one group and not processed individually.
Examples of cookies used for Google Analytics are:
_ga: Will be deleted automatically after 2 years. Used to separate users.
_gid: Will be deleted automatically after 24 hours. Used to separate users.
_gat: Automatically deleted after 1 minute. Used to distribute traffic / queries. When Google Analytics is distributed through Google Tag Manager, this information is called _dc_gtm.
Instructions for more information:
• How to see which cookies are used on a website
• How to manage cookies (switch on and off the approval of storage of cookies)
If you have a user account and log in to this site, we will create a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal information and will be removed when you close the browser. But when you log in, we create multiple cookies to store your login information and screen settings.
Login cookies last for two days, and screen cookies last for one year. If you select “Remember me”, the login will last for two weeks. If you log out of your user account, the login cookies will be removed.
If you edit or post an article, a cookie will be stored in your browser. It does not contain any personal information, and only refers to the post ID of the article you edited. It expires after one day. Cookies may also be used in connection with the Gravatar service (see more below).
All cookies, except those that are strictly necessary for our website to work, require your consent. You give your consent to this via our pop-up when you enter the website or via the settings in your browser.
If it is open for comments on certain posts on the website, and you enter a comment in the comment field, then we collect the personal information that appears in the comment form, in addition to the IP address and information about the browser, to prevent spam comments. The comment will be visible to everyone who visits the relevant page until you delete it.
An anonymous text string created based on your email address (also called a “hash”) can be sent to the Gravatar service to check if you have an account there. Gravatar’s privacy statement is here: https://automattic.com/privacy/. After your comment has been approved, your profile picture will be visible to anyone in connection with your comment.
If you upload images to the site, you should avoid uploading images with built-in location data (EXIF GPS). If this data is not removed, those who access the images may be able to see where and when the images were taken and which camera was used.
When you contact us via a form on the website, the information you enter is stored behind logging in to the website, and is available to the administrator and our data provider, in addition to the information being sent to us by e-mail. Sensitive information should not be sent via forms since the e-mail with the data is sent unencrypted. We store the information in our systems for as long as it is needed to be able to provide the services you request.
Embedded content from other sites
Pages and articles on this site may contain content (for example videos, images, articles, social media sharing, etc.) from other sites. Such embedded content from other sites works just as if you had been on the other sites.
Our organization uses e-mail, online project tools and telephone as part of the daily work. The employee who has the dialogue with the contact person has the day-to-day responsibility for the processing of personal data in this context.
The individual is responsible for deleting messages and information that is no longer relevant, and at least every year reviewing and deleting unnecessary content in the e-mail box. If the employee leaves, the person’s e-mail accounts will be deleted, but some relevant e-mails will normally be transferred to colleagues.
Please note that regular e-mail is unencrypted. We therefore encourage you not to send confidential, sensitive or other confidential information via e-mail. This also includes username and password.
If you wish to enter into assignments for analyzes and any other services with us, we will process personal data that is necessary to carry out the analysis assignment. This will include processing the names of contact persons, e-mail addresses, invoice information, information about which services you subscribe to, what you have paid, etc.
Who we share your information with
Data that is submitted via a form on one of these services is stored on a server at our supplier (currently PRO ISP AS).
If you are a customer of Blue Analytics, we store information about you as a customer in various systems. Some of these are also shared with our accountant (currently AZETS INSIGHT AS) and our auditor (currently DELOITTE AS).
If an analysis assignment involves assistance from other laboratories or service providers, we will also share personal information that is necessary for assistance with the analysis assignment with the mentioned suppliers.
Blue Analytics ensures that a satisfactory data processor agreement has been entered into with all suppliers who process personal data on our behalf.
Blue Analytics may use subcontractors that involve the transfer of personal data to third countries. In such cases, Blue Analytics will ensure that agreements are entered into with adequate security mechanisms in accordance with Chapter 5 of the GDPR, such as the conclusion of standard privacy provisions.
Contact us if you want an overview of which data processors we use to process information about you.
How long we store your information
If you comment on a post, the comment and information about it will be saved. This is because we should be able to recognize and approve follow-up comments automatically instead of queuing them for approval.
We store information about the users who register here, for example anyone who has access to edit content on the site, as long as they themselves want to have user access. All users can view, change and delete their personal information at any time, but they cannot change their username. Webmasters can also view and modify this information.
If you have sent us information via a form, or have a customer relationship with us, we will store the information for as long as it is necessary to be able to provide services and / or fulfill an agreement with you. This means that personal information about people who send us a request will in principle be deleted after a request has been processed, and personal information related to customers will in principle be deleted after the customer relationship has ended. Some personal information will still be able to be stored a little longer, in order to be able to see the history and thus be able to better help you on any later occasions.
What rights you have over your information
As registered, you are, under certain conditions, entitled to:
• gain access to the personal data that we process about you,
• demand that incorrect, unnecessary, incomplete or outdated personal data be corrected or removed,
• protest against treatment in connection with direct marketing, as well as know about any profiling,
• withdraw any consent to process the personal data that you have provided to us,
• receive your personal information that you have provided to us and transfer it to another data controller (data portability),
• contact us if you have input or questions related to our processing of personal data,
• complain to the Norwegian Data Protection Authority directly if you consider that the processing of your personal data is contrary to current legislation.
We point out that personal data that we process on an independent basis, for example to fulfill reporting obligations or for legal reasons, will not be able to be deleted in the event of a request for this.
If you have questions about our processing of your personal data, or wish to carry through any of your rights, please contact us at: email@example.com.