Compera Joins ITSA Growth 2024 – Empowering Growth and Driving Sustainable Innovation
New
Privacy Notice
Effective Date: 17.02.2025
1. Introduction
At Compera AS (“Compera”, “we” or “us”), we are committed to protecting the privacy of our customers, the end users of our services and products, visitors to our website and other third parties we are interacting with.
This Privacy Notice (the “Privacy Notice”) outlines the types of personal data we collect and how we use it. The Privacy Notice also describes how you may exercise your rights under the General Data Protection Regulation (the “GDPR”) and the Norwegian data protection legislation (together “data protection legislation”).
2. The Categories Of Personal Data We Collect
We collect and process the following categories of personal data:
- Contact details: This may include your name, email address, phone number, or any information you provide voluntarily when signing up, filling out forms, or communicating with support via chat, telephone, email, or surveys.
- Company data: If you register an account or communicate with us on behalf of a company, we may collect data regarding your affiliation with this company, including your role.
- Payment data and other financial information: This may include payment- and credit card information that we may need in order to provide our services.
- Usage data: Information regarding your interactions with our website and platform, including the pages you visit, the amount of time you spend on the platform, and the actions you take while using it.
- Device and browser information: We may collect details about your device, browser, operating system, and IP address to enhance performance and improve user experience.
- Cookies and tracking technologies: We may use cookies or similar technologies to track your preferences, analyse usage, and maintain your session within the application.
3. Purpose and Legal Basis for Processing Personal Data
We collect the personal data described above for the following purposes and based on the following legal grounds:
- Service provision: We process personal data about individuals who have signed up for a user account or in order to provide you with access to the services made available by Compera. This includes arranging access to your account, responding to inquiries from you and enable your use of various features within our services. We process your personal data in this respect to manage our contractual relationship with you and/or in reliance of our legitimate interests in fulfilling our obligations towards the company/ies you are affiliated with.
- Personalization: We process personal data for the purpose of tailoring the user experience based on your preferences and behaviour in the web application, in furtherance of our legitimate interests in enhancing our services and features.
- Analytics: We may process your personal data to perform data analytics in reliance of our legitimate interest in further developing our services.
- Security: We process personal data for the purposes of detecting and preventing unauthorized access, fraud, or other security breaches in order to protect against abuse of our services, ensure compliance with our agreement(s) with you and applicable law, in line with our legitimate interests in providing a secure web application.
- Communication: We may need to communicate with you about your account and provide you with support to perform our contract with you for use of the Service or, where we have not entered into a contract with you, in reliance of our legitimate interest in administering and supporting our services.
- Marketing: We may process your personal data to serve you marketing information, product recommendations, information about promotions and campaigns, but only if you opt-in to receive such communication. We may also process certain personal data for marketing purposes in reliance of our legitimate interests to promote our offerings.
- Customer Support: If you contact us through forms, chat, or other channels, we use that data to respond to your inquiries and resolve any issues, a purpose in furtherance with our legitimate interests in providing and enhancing our service to our customers.
- Performance Enhancement: We may use your personal data to improve our services in reliance of our legitimate interests in fulfilling our obligations towards the company/ies you are affiliated with.
- Compliance with Legal Obligations: We are subject to certain legal obligations that may require us to disclose your personal data to courts, law enforcement agencies, or regulatory authorities. Additionally, we process your personal data to comply with other legal obligations we are subject to, such as accounting regulations.
We may use your personal data for purposes other than those described in this Privacy Notice where permitted by law, provided that the new purpose is compatible with the original purpose for which we collected the data. If we wish to use your personal data for a purpose that is not compatible, we will notify you and explain the relevant legal basis for such use.
4. Our Use of Cookies
Cookies are small pieces of text used to store information on the user’s web browser. They are widely used to store and receive information to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
The cookies we use allow us to collect information such as browser type, anonymous traffic data and IP address, and enable us to, for example, see how users navigate on our website. While the cookies that we use may change from time to time as we improve and update our services, we use them for the following purposes:
- Necessary cookies: These cookies are required for the operation of our platform and website. They ensure basic functionalities and security features, anonymously.
- Analytical or performance cookies: We use cookies to better understand how our services are used to improve them further. These cookies allow us to measure and improve the performance of our platform.
- Functional cookies. These are used to recognize you when you return to our platform. This enables us to, inter alia, personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
You can find more information about the individual cookies we use, and the purposes for which we use them, in the table below:
| Cookie | Category | Description | Provider |
| __Host-next-auth.csrf-token | Necessary | Used for authentication. Expires after ended session. | Compera |
| __Secure-next-auth.callback-url | Necessary | Used for authentication. Expires after ended session. | Compera |
| __Secure-next-auth.session-token | Necessary | Used for authentication. Expires after ended session. | Compera |
| _ga | Analytical | Google analytics cookie. | |
| hubspotutk | Functional | Allows for Hubspot integration for support requests. | HubSpot |
You may disable the cookies we use through the settings in your internet browser. Please note that if cookies are disabled, some of the features available through our website may become unavailable or not function as intended.
5. Transfer and Disclosure of Personal Data to Third Parties
We do not sell or rent your personal information to third parties. However, we may share your data with trusted third-parties to support the delivery and operation of our web application or to fulfil requirements under applicable law. These third parties include:
- Third party service providers: these are third-party services that assist with website operation, payment services, analytics, and customer support, cloud storage providers and customer management solutions.
- Courts, law enforcement agencies, or regulatory authorities: Information may be disclosed if required by law or in response to a valid legal request.
- Professional advisors: Information may be disclosed to our lawyers, accountants, bankers and insurance providers where necessary in the course of the professional services they provide to us.
Our service providers act as data processors on our behalf. We have entered into data processing agreements with our processors which contain obligations for the data processor to implement technical and organizational measures to ensure an appropriate level of security, confidentiality and integrity for the personal data, as well as to only process the relevant personal data in accordance with the data protection legislation and our instructions. We conduct internal audits and compliance checks to ensure our data processors follow applicable privacy standards.
A list of additional details about our current sub-contractors will be provided upon request.
For clarity, when you submit reporting data through Compera’s service upon the instruction of a third party entity (e.g., a customer of the company you are reporting data on behalf of), certain data about you, such as your name and contact details, will be made available to such third party entity. For the processing of such data, Compera acts as a data processor, and the receiving entity acts as the data controller, responsible for determining the purposes and means of processing in accordance with its own Privacy Policy.
6. Transfer of Personal Data to Third Countries
Some of our processors are based in a country outside the European Economic Area (“EEA”) and the processing may, therefore, involve the transfer, storage, and processing of your personal information outside of your country of residence, consistent with this Privacy Notice.
The country may not be on the list of countries deemed as adequate by the European Commission. However, whenever we transfer personal information to countries outside of the EEA, we take appropriate measures, in compliance with applicable law, to ensure that your personal information remains protected. Such measures include the use of Standard Contractual Clauses to safeguard the transfer of data outside of the EEA.
To request more information or to obtain a copy of the contractual agreements in place, please contact us by using the contact information below.
7. Data Minimization
We adhere to the principle of data minimization, meaning we collect only the essential data necessary to operate the service. We will not ask for excessive personal information, and we will avoid collecting data that is not required for the specific functionality of the application.
8. Data Security
As a controller, we are responsible for the security and confidentiality of the personal data we process. We are furthermore responsible for implementing appropriate technical and organizational measures to ensure an appropriate level of security for the processing.
We are, for security reasons, not entitled to disclose detailed information on the security measures which we have implemented. However, documentation on information security measures can be provided upon request.
9. Data Retention
We retain your data only as long as necessary to provide the service or fulfil legal and regulatory obligations. Upon discontinuing the service or submitting a data deletion request, identifiable information, including your name, address, company, email, and phone number, will be permanently deleted. Any remaining non-identifiable data will be anonymized and preserved strictly for statistical, research, or service improvement purposes. Data deletion can be requested through the user interface or by contacting us directly.
10. Your Rights
You have the following rights regarding your personal data:
- Access: You may request a copy of the personal data we hold about you. You may also contact us if you want to obtain confirmation with respect to whether we are processing your personal data, as well as access to and further information regarding our processing of your personal data, such as the purposes, legal basis and methods of involved.
- Correction: You may request that we correct any inaccurate or incomplete information. Please note that you may also correct, update or remove certain information yourself through your account settings on the user interface.
- Deletion: You may request that we delete your personal data in cases where the processing is no longer necessary for the purpose for which it was collected or processed.
- Restriction: You may request that we restrict the processing of your personal data.
- Objection: You may be entitled to object to certain processing activities.
- Opt-Out: You can opt out of receiving marketing communications at any time.
- Complaint: You may file a complaint with your applicable data protection supervisory authority. Please contact your local data protection authority for more information. You can find the contact information for the Norwegian Data Protection Authority here.
Please note that the abovementioned rights may be subject to further exceptions and limitations in accordance with the data protection legislation.
You are welcome to contact us if you want to exercise any of these rights. Please note that we may request additional information from you if such information is necessary to confirm your identity.
11. Changes to This Policy
We may update this Privacy Notice from time to time. When significant changes are made, we will notify users through the application interface or, if applicable, by email. We encourage users to review this policy periodically to stay informed about how we protect your privacy. The most recently updated version of the Privacy Notice will always be accessible on our website.
12. Contact Us
If you have any questions or concerns about this Privacy Notice, please contact us at:
Compera AS
support@compera.no
Byfjordparken 15
4007 Stavanger
Norway.