Processing of personal data at DiaGraphIT® AS and its subsidiary GotreatITCloud®AS (hereafter jointly referred to as “DiaGraphIT®”)
However, it is also important for us to notify other ways we work to implement appropriate measures to safeguard privacy for our products and how we process personal data in our capacity as data processor. Product development: As a supplier and developer of software in the health and welfare service sector, we act in accordance with the requirements applicable to our clients in accordance with prevailing legislation and standards for the processing of personal data, including the requirement to take account of privacy in Article 25 of the GDPR and standards for information security and privacy in the health and welfare service.
Installation and maintenance assignments etc.: Whenever we gain access to personal data in our clients’ systems through performing installation, maintenance or upgrading services at our clients, we act as data processor, and process personal data on behalf of our client who is the data controller. In such cases, we enter into a data processor agreement with the data controller and act in accordance with our obligations under this agreement, including the instructions we are given by the data controller.
Whenever you use our website and/or contact us to use our services and products, DiaGraphIT® will process your personal data. Below you will find information regarding the personal data that is collected, why we collect it, and your rights relating to the processing of personal data.
The data controller for your personal data is the CEO of respectively DiagraphIT® AS or GotreatIT®Cloud AS (depending on which company the personal data is processed by).
The contact information for DiagraphIT® AS is:
Address: Vestre Strandgate 27–29
NO-4611 Kristiansand, Norway
Tel.: +47 948 07 032
Organisation no.: 986 923 993
The contact information for GotreatIT®Cloud AS is:
Address: Vestre Strandgate 27–29
Tel. +47 948 07 032
Organisation no.: 914 947 901
If you have any questions about how we process your personal data, please contact Tone Speilberg Birkenes at firstname.lastname@example.org or on +47 948 07 032.
We collect and use your personal data for different purposes, depending on who you are and how we contact you. Below is a list of the types of personal data we collect and why we collect it:
We will not disclose your personal data to third parties unless there is a lawful basis for such disclosure. Examples of such a basis will typically be an agreement with you or a legal requirement that instructs us to disclose the information.
DiagraphIT® uses data processors to collect, store or otherwise process personal data on our behalf. In such cases, we enter into agreements to safeguard information security in all stages of the processing. We currently use the following processors:
With the exception of processing performed in the Jira IT system, which we use as a case handling system and where the service provider states that data may be processed on their platform in countries such as the USA and Australia, all the personal data we process is processed in the EU/EEA. The transfer basis to the USA is the US Privacy Shield and the EU’s standard agreement.
We store your personal data for as long as is necessary for the purpose of collection. This means, for example, that the personal data that we process on the basis of your consent is erased if you withdraw your consent. The personal data we process to fulfil an agreement with you is erased when the agreement is fulfilled and all of the obligations arising from the agreement have been satisfied.
You have the right to request access, rectification or erasure of the personal data we process relating to you. You also have the right to restrict processing, to object to processing and to claim the right to data portability. You can read more about these rights on the Norwegian Data Protection Authority’s website: www.datatilsynet.no.
If you believe that our processing of personal data is not consistent with the description given above or that we are in breach of data protection legislation in any other way, you may submit a complaint to the Norwegian Data Protection Authority.
For information about how to contact the Norwegian Data Protection Authority, please visit their website: www.datatilsynet.no.
Any amendments made to our services or to the regulations governing the processing of personal data may result in changes to the information provided here. If we have your contact information, we will notify you of these amendments.