The website you are visiting is developed by Secure Practice AS (org.nr. NO 919 420 197) to market and sell our own products and services. The following privacy policy applies to your use of our online services, including both this website, our exercise web app, and other interactions with us which you do as an individual, not already covered by a data processing agreement with the organization you are employed at.
Our basic attitude is that we want to process as little information about identifiable individuals as possible. At the same time, we want to offer relevant information and contact to those who request this, and to use anonymous data for analytics and further development of our own services.
The following applies when using our online services:
Responsibility
Secure Practice, under supervision by our Chief Executive Officer, is the data controller for our own websites, including public exercises, which we manage ourselves. Infrastructure is hosted by a third party, under a data processing agreement between Secure Practice and our data processor, which specifies how our data shall be processed and protected at this level. The agreement ensures that – along with technical measures – the data shall only be processed upon our instructions, that they shall only be processed in the EU/EEA, and that they shall only be accessed by Secure Practice employees, yet always only on a need-to-know basis.
Statistics
Secure Practice collects deidentified information about visitors on our websites. This is done to allow us to analyze how our websites are used, so that we can develop and improve their contents and structure.
When you visit one of our websites, we store information about which pages are visited and at which time this happens, and which web browser is used. In addition, we process the IP address as required, but we only store a limited part of it for statistical purposes after making an approximate geographical lookup through using a local database.
In order to collect statistics, we use an internally operated statistics tool, which does not process or share data with external parties.
Cookies
The statistics tools we use store something called cookies on the device you are using. Cookies are used to identify your device aross page views, so that we can collect deidentified statistics as described above.
The video player will store cookies when you play an embedded video. Our service provider Vimeo will also store deidentified information about your nationality, duration of video play, and similar (privacy policy), but only upon your specific consent to enable embedded content when using our website.
We also store our own cookie ("spid") on your device, and this is today used in relation to any download of exclusive content or when you sign up for our services (see below).
You have full access to deny websites from storing cookies on your device, see allaboutcookies.org for more information (external site). Unless you do this, you have given your consent to our use of cookies. You can also activate the Do-Not-Track-setting in your web browser to partially avoid being tracked.
Exercises
If you sign up for an exercise session, and this is not facilitated under the governance of your employer, for instance in public settings with participations from many organizations, our data processing is based on the consent you give us at the time of sign-up.
As described during sign-up in these cases, data from such exercises, including your name, email address, phone number and data you provide as exercise input, are processed anonymously, and only for the purpose of completing the given exercise session, and are automatically deleted within 30 days.
In case a diploma is offered through this exercise, the diploma is made available on a unique link, which makes it possible to share on social media. Since this link becomes unavailable due to the deletion of your data after 30 days, you can download the diploma on your personal device within this time frame.
You can exercise your rights as a data subject according to GDPR, including access and erasure, by sending a request to: privacy@securepractice.no
Newsletter
If you sign up for our newsletter, we will store your email address. This address will not be shared with other parties, and is only used to send you relevant communications in a limited fashion.
You can be removed from our mailing list at any time by emailing us: privacy@securepractice.no
Contact form
If you contact us via our contact form, we store any relevant information you input to allow us to follow up on your request.
Unless you actively specify approval of additional use of your contact information, we will not use this information for any other purpose.
Other communications
Whenever you get in touch with us, either via email, phone or by other means, we exercise our legitimate interest to process these communication data with a purpose is to follow up on potential customers.
In relation to this, your contact details may be stored in our customer relations management (CRM) system for further follow-up, with our service provider HubSpot.
Questions?
Feel free to send us an email via privacy@securepractice.no or call us at (+47) 92 12 1337.