Privacy Policy

Privacy Policy


1.       Introduction and scope 

This privacy policy covers our collection, use, and disclosure of information collected through our site including any connected applications that have been developed by Caplist to work as a part of our Service.

The use of information collected through our service and connected applications is limited to the purpose of providing the service for which the customer has engaged Caplist.

2.     Our approach to data collection and processing

Caplist collects and processes information under the direction of our customers. Caplist has no direct legal relationship with each user of our service. Each of our customers acts as a data controller whereas Caplist is the data processor. A Data Processor Agreement is entered into between our customers and Caplist, included as part of the Terms of Service (TOS). This agreement includes the necessary data processing provisions to ensure that the processing of our customer´s data is in accordance with EU GDPR. Caplist acts as a data controller for the information we collect when you access our site, newsletter subscriptions and “Landing Pages”.  


Data is processed in line with the requirements of GDPR, for some of the processing Caplist uses subcontractors. These subcontractors are typically vendors of cloud services or other IT hosting services. 


When using subcontractors, Caplist will enter into a Data Processing Agreement (DPA) with subcontractors to safeguard your privacy rights and fulfil our customers’ obligations.  When subcontractors are located outside the EU/EEA, Caplist ensures legal grounds for such international transfers on behalf of you or our customers, by using the EU Model Clauses.


For our services, all customer and personal data are processed under the control of Caplist in data centres within the EU/EEA area. 


Our contact details are as follows:

Caplist AS, 

3.      How and why, we collect your personal data


The information we collect stems from:


The information collected is maintained to fulfil our contractual obligations with our client and is used as such or to contact you to demonstrate our services. We process your data for one or more of the following purposes:


The information we collect is not shared with any organizations, except to provide products or services requested, when we have your permission, or under the following circumstances: 

4.      The legal basis for our processing of your personal data

We process your personal data for the purposes stated in this policy where it is necessary for our legitimate interests and/or for the performance of our contractual obligations with our clients. 

5.      The data being processed


Our platform and services require the processing of your personal data. The processed data depends on the application, website, and technology being used. This may include one or more of the following:  


If you are visiting our website or try to contact us for information, assistance, or technical support, then the personal data we process or may ask for could include:

6.      Third party disclosure


For analytics purposes and user profiling some personal data is transmitted to external services. This is to help us improve our site and the Caplist service and to be able to provide relevant content based on your interest. 


The third parties in question are the following:


The information we collect is not shared with any organizations, except to provide products or services requested, when we have your permission, or under the following circumstances: 

7.      Security 

Caplist has security and the protection of our customer’s data as a top priority. The following are our primary information security goals: 

What kind of security measures are we implementing?

8.      Retention 


Caplist will retain personal data we process on behalf of our customers if necessary, to provide services to our customers. Caplist will retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. 


Information we collect to demonstrate our services is maintained until the purpose of the collection has been fulfilled.

9.      Compliance


Caplist complies with the following Norwegian laws and regulations concerning IT security, including Norwegian and European (EU/EEA) regulations for protection of personal data: 

10.    Cancellation or termination of account


Caplist can completely remove all the client’s documents, files, and meta-data upon request. If your account is terminated for any reason, please contact us with any request to access your data. 


11.    Your data privacy rights 


The rights provided to your as a data subject is as follows:



12.   Changes to this Statement


We may amend this Statement from time to time. The latest version will always be available on our site. You are advised to consult this Statement regularly for any changes. 

If we make significant changes to our Statement that materially alter our privacy practices, we may also notify you by other means, such as sending an email or posting a notice on our site prior to the changes taking effect. 

The last update of this Privacy Statement was 14th of June 2021.  


Further information


For further data processing details, compliance, or security, you may contact Caplist on: