Privacy Policy

This privacy policy covers our collection, use and disclosure of information collected through our site www.caplist.no including any connected applications that have been developed by Caplist to work as a part of our Service.

The use of information collected through our service and connected applications are limited to the purpose of providing the service for which the customer has engaged Caplist.


Data collection

Caplist collects and processes information under the direction of our customers. Caplist has no direct legal relationship with each individual user of our service. Each of our customer acts as data controller whereas Caplist is the data processor. A Data Processor Agreement is entered into between our customers and Caplist, included as part of the Terms of Service (TOS). This agreement includes the necessary data processing provisions to ensure that the processing of our customers data is in accordance with EU GDPR. 

Caplist act as a data controller for information we collect when you access our site, newsletter subscriptions and “Landing Pages”.  


Data processing

Data is processed in line with the requirements of GDPR, for some of the processing Caplist uses subcontractors. These subcontractors are typically vendors of cloud services or other IT hosting services. 

When using subcontractors, Caplist will enter into a Data Processing Agreement (DPA) with subcontractors in order to safeguard your privacy rights and to fulfil our obligations towards our customers.  When subcontractors are located outside the EU/EEA, Caplist ensures legal grounds for such international transfers on behalf of you or our customers, by using the EU Model Clauses. 

For our services all customer and personal data are processed under the control of Caplist in data centres within the EU/EEA area. 

Our contact details are as follows:

Caplist AS, post@caplist.no 


Information we collect 


Use of information

The information collected is maintained for the purpose of fulfilling our contractual obligations with our client and is used as such or in order to contact you for the purpose of demonstrating our services. 

The information we collect is not shared with any organisations, except to provide products or services requested, when we have your permission, or under the following circumstances: 


Cookies and Tracking Technologies

Caplist and our analytics provider use technologies such as cookies, beacons, tags and scripts, to analyse trends, administer our site, tracking users movements and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual and aggregated basis. 


Log files

As is true of most web sites, we gather certain information automatically and store it in log files.

This information includes internet protocol (IP) addresses, browser type, referring/exit pages, operating system, date/time stamp and clickstream data and may be stored in system logs such as network, intrusion prevention logs, firewall logs, web server logs in order to maintain our high level of security of our service.

Caplist is the data controller for these logs and they are maintained for a period of 12 months. Our legal basis for this processing is our legitimate interest to maintain sufficient network and information security. 


3rd Party disclosure

For analytics purposes and user profiling some personal data is transmitted to external services. This is to help us improve our site and the Caplist service and to be able to provide relevant content based on your interest. 

Our Site: 

Google Analytics 

We use Google Analytics as an Analytics Provider. For this only aggregated and anonymized data is transferred. 

Webflow

We use Webflow as a tool for creating landing pages on our site. By clicking the consent form on these landing pages, you accept that your personal contact data may be shared with third parties outside of the EU/EEA. For more information, please visit the Webflow GDPR page. 

Payment Processing

We are using Stripe, a global payments infrastructure company as our payment partner. Users will be transferred to a secure payment processing service powered by Stripe.

Access to your information

The Norwegian Data Protection Act and EU General Data Protection Regulation (GDPR) give you the right to access the information we hold about you. 

An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to Caplist. Caplist will make reasonable commercial efforts to promptly fulfil our customers’ requests. 


Security

Caplist has security and the protection of our customer’s data as a top priority. The following are our primary information security goals: 


Compliance

Caplist complies with the following Norwegian laws and regulations concerning IT security, including Norwegian and European (EU/EEA) regulations for protection of personal data: 


Retention

Caplist will retain personal data we process on behalf of our customers as long as needed to provide services to our customers. Caplist will retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. 

Information we collect in order to demonstrate our services is maintained until the purpose of the collection has been fulfilled. 


Cancellation or termination of account

Caplist can completely remove all the client’s documents, files and meta-data upon request. If your account is terminated for any reason, please contact us with any request to access your data. 


Changes to this Statement

We may amend this Statement from time to time. The latest version will at all times be available on our site. You are advised to consult this Statement regularly for any changes. 

If we make significant changes to our Statement that materially alter our privacy practices, we may also notify you by other means, such as sending an email or posting a notice on our site prior to the changes taking effect. 

The last update of this Privacy Statement was 11th January 2021.


Further information

For further data processing details, compliance or security, you may contact Caplist on: post@caplist.no