1 Definitions

 

"Vendor" refers to Compleasy AS, also referred to as "we," "us," "our," "Compleasy," or "the Company."

"System" refers to the Compleasy® software and its associated modules, along with all related and connected documentation. The System includes, but is not limited to, content, design, functionality, and documents or components thereof.

"Solutions" refers to the System, websites, or other services from Compleasy AS.

"Customer" refers to the natural or legal person, public authority, agency, or other body that, alone or jointly, uses the Solutions, as mentioned in this Privacy Policy.

"Corporate Customer" refers to the legal person, public authority, agency, or other body that enters into an agreement with the Vendor for the purchase of the System, as mentioned in this Privacy Policy.

"Privacy Policy" means this document that describes how Compleasy AS, as the Data Processor, processes the Customer’s personal data.

"Personal Data" means any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

"GDPR" refers to the EU General Data Protection Regulation, "Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC." It was adopted by the European Parliament and the Council of the European Union on April 14, 2016, and is also referred to as the General Data Protection Regulation.

"Privacy Legislation" refers to all applicable laws and regulations concerning data protection and privacy, including the GDPR and the Norwegian Personal Data Act.

"Terms" refers to the terms and conditions for the use of the System.

"Data Processing Agreement" refers to the provisions outlined in the Data Processing Agreement entered into between the Customer, as defined in the Data Processing Agreement, and the Vendor upon purchasing the System.

"Processing" means any operation or set of operations performed on personal data, whether automated or not, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

"Data Subject(s)" refers to one or more natural person(s) whose personal data is registered in the Solutions.

"Users" refers to the natural persons to whom the Customer grants access to the System.

​

2 Introduction

​

Compleasy is committed to protecting the privacy of its Customers. This Privacy Policy describes how the Vendor collects, uses, stores, and shares Personal Data when the Customer uses the Solutions.

​

Compleasy is a Norwegian company with business processes, management structures, and technical systems that deliver software and services to businesses both inside and outside of Norway. The company’s headquarters are located in Asker, Norway, and are subject to European Privacy Legislation.

​

The Company’s management makes all strategic decisions regarding privacy in the Solutions.

​

  2.1 Scope

​

This Privacy Policy applies to all business processes within Compleasy and all Compleasy websites, domains, mobile solutions, cloud services, and online forums. Additional provisions are outlined in the Terms & conditions and the Data Processing Agreement.

​

The Privacy Policy provides information on the Processing of Personal Data where Compleasy is the data controller and determines the purpose of the Processing. It also includes information on the Processing of Personal Data that Compleasy performs on behalf of Corporate Customers as the data controller, with Compleasy acting as the data processor. The relationship between Corporate Customers as the data controller and Compleasy as the data processor is regulated by the Data Processing Agreement.

​

  2.2 Duration and Amendments

​

This Privacy Policy is valid as long as Compleasy processes Personal Data. Compleasy may update and revise the Privacy Policy as needed. The latest version of the Privacy Policy is always available on compleasy.no.

​

3 Collection and Processing of Personal Data

​

Processing of personal data is necessary for Compleasy to serve its Customers. Compleasy collects and processes Personal Data to provide and improve the Solutions. This includes:

• Contact Information: Name, email address, phone number, job title, and company of contact persons.

• User Information: Name, username, email, password, and other information provided by the User when creating an account. Other personal data voluntarily provided by the Customer.

• Usage Data: Information about how Customers use the Solutions, including technical data such as IP address, device type, browser type, and operating system. Compleasy also processes information about clicks and movements within the Solutions.

• Communication and Feedback: Any messages Customers send to Compleasy, including support requests.

• Potential Customers: Information about customers who contact Compleasy via compleasy.no, email, phone, or other channels.

• Finance: Information such as contact person, billing address, etc.

• Job Applicants: Information submitted by job applicants in the form of application letters, CVs, or other supplementary documentation related to the application process.

 

Compleasy processes personal data to assess the potential of hiring job applicants. The legal basis for such processing is the applicant's consent.

​

As a data controller, Compleasy does not process sensitive personal data.

​

4 Use of Personal Data

​

When Compleasy determines the purpose and means of Processing Personal Data, it is considered the data controller. This includes scenarios where Compleasy collects Personal Data in connection with the individual being a job applicant, a contact person for a Corporate Customer or potential Corporate Customer, or when the individual is a Customer in the Solutions.

​

Compleasy uses Personal Data for the following purposes:

• Creating and managing accounts and providing Users with access to the System.

• Communicating with and providing quality services to Corporate Customers and their Users.

• Understanding how Customers use the Solutions, providing support, and improving and developing the Solutions.

• Responding to inquiries and providing important information about the System, including updates and changes.

• Maintaining the security and integrity of the Solutions.

• Carrying out sales processes with existing and potential new customers.

• Detecting, mitigating, and preventing security threats and preventing misuse.

• Processing orders, billing, payments, and other administration.

• Mapping interests on Compleasy’s websites to offer relevant content to Customers.

​

The legal basis for Processing Personal Data according to purposes 1 to 8 is that Compleasy believes it has a legitimate interest in Processing Personal Data for these purposes from a business perspective, and that this does not infringe on the privacy of Customers and Users.

​

The legal basis for Processing Personal Data according to purpose 9 is consent.

​

  4.1 Collection of Personal Data

​

Compleasy usually collects Personal Data directly from Customers.

​

Compleasy also uses cookies and other tracking technologies when individuals use Compleasy's websites and interact with the company via email to optimize the customer experience.

​

Occasionally, information about individuals may be collected from other sources. These sources may be publicly available or from third-party social networks such as LinkedIn or proff.no. Compleasy may combine personal data about an individual from one data source with data collected from another. This provides Compleasy with a more complete picture of the individual and helps in offering the best possible customer service.

​

Compleasy uses various digital tracking technologies to collect information about activity on Compleasy’s websites and when individuals interact with the Company.

​

5 Sharing of Personal Data and Subcontractors

​

Compleasy shares Personal Data with third parties only when necessary to deliver services or when the Company is legally obligated to do so.

​

  5.1 Sharing of Personal Data

   

    5.1.1 Online Forums

​

If an individual posts comments, contributions, or similar on Compleasy’s online forums or other forums on Compleasy’s websites, such information may be read and used by anyone with access to these forums and may be used for purposes beyond the control of the users or the individual. Compleasy is not responsible for information individuals make available in such online forums, Compleasy’s websites, or other similar forums. Compleasy reserves the right to remove offensive or inappropriate posts. Compleasy also reserves the right to ban individuals from such forums.

​

    5.1.2 Compleasy Partners

​

Compleasy may share Personal Data with partners in accordance with applicable data protection laws. For example, if an individual purchases a product or service on behalf of their employer that Compleasy offers through a partner, Compleasy and the partner may share Personal Data to provide the product or service to the Customer.

​

    5.1.3 Public Authorities

​

The police and other authorities may request the disclosure of Personal Data from Compleasy. In such cases, Compleasy will only disclose Personal Data and data if a court order or similar is in place.

​

    5.1.4 Mergers and Acquisitions

​

In the context of mergers, acquisitions, or the reorganization of Compleasy’s business, the acquiring entity and its advisors may gain access to the data managed by the company, which may include Personal Data in some cases. In such situations, external parties will sign a confidentiality agreement with Compleasy.

​

  5.2 Cookies

​

Cookies are small text files containing a string of characters that give the browser a unique identity. This identity can be used to recognize an individual and, for example, tailor website content to what the individual was interested in during their last visit. Most browsers are initially set to accept cookies. The settings in the browser can be changed to deny the use of cookies in general, block third-party cookies, or specify when a cookie should be accepted.

​

    5.2.1 Cookies from Wix

 

Cookies are used to collect and analyze visitor data when individuals land on Compleasy.no. This helps Compleasy offer the best user experience to website visitors.

​

  5.3 Relationship with Subcontractors

 

Compleasy uses subcontractors to process personal data and may export Compleasy’s or Customer’s data to other companies within the EU. These subcontractors are typically providers of cloud services or other IT services.

​

When subcontractors are used, Compleasy will enter into a data processing agreement to protect the Customer’s privacy rights in accordance with applicable data protection laws and to fulfill obligations to Customers.

​

Compleasy reserves the right to use third parties in its business processes. These third parties include, but are not limited to: