SkillAid

Terms of Service & Privacy and Cookies Policy

Last Modified: March 21st 2023

***

Dynamisk Helse AS (hereafter “DH”, “we” or “us”) is a Norwegian company that offers you a digital platform for gaining professional knowledge within the health care sector, in addition to getting real-time feedbacks on your progression.

DH acts as a data controller for personal data that we process (which typically means to collect, store and use personal data) about our customers when entering into the end-users license agreement.

This privacy policy concerns any processing of personal data we do in the capacity of a data controller, which is normally the case when we provide you with our service.

1 About this Privacy Policy

As a data controller, we are responsible for ensuring that we use the personal data we have about you in accordance with applicable data protection legislation (i.e. the Norwegian Data Protection Act 2018 with further regulations and the EU regulation 2016/679 ("GDPR")). This privacy policy will help you understand what information we collect, how we protect and use your data, as well as information about your rights in this respect. We value your privacy and will not use or share your information with third parties except as described in this policy.

2 When, why and what type of data do we collect?

In short, we typically collect and process your data when you use our services, when you sign up for our services, subscribe to our newsletter and when you fill out voluntary forms issued by us. Below we have listed all the specific ways we collect data from you and what categories of data we typically process, as well as the legal basis for such processing.

Please note that we only process your personal data to the extent that it is necessary for the performance of the below-mentioned purposes.

2.1 Registration to our service

At the time of this privacy policy, our service consists in the activation of course licenses through our digital platform as mentioned above. When you register for a user account/profile, or when your employer assigns a user account to you, for our service, and you log in to this account, we process information such as your e-mail, as well as other personal information you choose to provide us with or which you have provided to your employer or principal for this purpose.

We process this information to be able to provide the contractual service, which you have signed up to (GDPR art. 6.1 b).

2.2 Management of your user account

As soon as you registered, thus entered into the end-users license agreement with us for using our service, we will need to manage your user account in order to perform the contract to which you are part, in accordance with the agreement´s terms and conditions. This might consist in:

- providing you with customer support at your request or whenever we need to update or amend our service. For that purpose, we will need to process your general contact information, such as your e-mail address.

- storing your profile settings in order to deliver the necessary course licenses in accordance with our end-users licence agreement. Such profile settings include your telemetric data and learning data.

- retrieving relevant information stored in the digital platform at your request or whenever necessary for us to perform the contract we have with you. For that purpose we will need to process network communication data such as your authentication/log-in data .

We process this information to be able to provide the contractual service, which you have signed up to (GDPR art. 6.1 b).

2.3 Use of our digital services

Website

We collect certain information from your computer or internet connection when you visit our website, such as your IP-address, date and time of your visit, duration of your visit, content of your request (such as the specific site/page you visit), the website you were referred from, which pages you visit on our website, your internet service provider, your browser type and version, as well as your operating system.

We collect this information to uphold our legitimate interest in being able to display our website to you, as well as our legitimate interest in measuring and improving the performance of our digital channels, and the marketing of our products and services (GDPR art. 6.1 f).

Mobile phone

The software (mobile application) serves as a front-end for our service.

In addition, we might collect telemetric data from the mobile application, including usage statistics, app installation IDs, IP addresses, mobile device type, OS version and error and crash reports. IP addresses are included in the telemetry as an intrinsic part of network communication logs and may also be used to correlate telemetry, for example to detect and restore application problems related to a specific internet service provider (ISP), cf. GDPR art. 6.1 f. Please note that IP addresses collected for that purpose are stored for a maximum period of 12 months before being deleted. We strongly encourage you to contact us (support@dynamiskhelse.no) should you have any questions regarding the processing of your personal data through the software.

Please also note that the software may contain links to third-party sites. If you click on a third-party link, you will be automatically directed to that third-party site. Note that those external sites are not operated by us. Therefore, we strongly advise you to review the privacy policies of those third-parties. For the avoidance of any doubt, DH do not have control over or assume any responsibility for any third-party sites´ processing of your personal data.

2.4 Contact form

You may from time to time contact us with questions or requests through the software or our website. When you do so, you may fill out forms with information about you. Upon doing so, we collect the information provided through use of the form, such as: Name, e-mail, phone number, as well as other information that you enter into the form.

We collect this information to be able to carry out our contract with you whenever you are a customer/user of DH´s service (GDPR art. 6.1 b) or to uphold the legitimate interest we have in replying to your requests or questions when you haven´t signed up to our service yet (GDPR art. 6.1 f).

2.5 Improving our service

In some cases, we will need to conduct internal analyses for improving our service, thus your learning experience. All such analyses will be based on aggregated and anonymised data, which cannot identify you as an individual.

Anonymised data is not defined as personal data according to the GDPR, thus is not subject to the data protection requirements.

2.6 Newsletters and service updates

If you subscribe to our newsletter and information on our service updates, we collect your name and e-mail address. If you are an existing customer or user, we may also send you such communication even though you do not expressly subscribe.

The basis for sending such e-mails to contact persons with our existing customers is to uphold our legitimate interest in following up our customers by providing relevant news and relevant information about our service (GDPR art. 6.1 f), see also the Norwegian Marketing Act art. 15(3)). If you are not an existing customer or user, the basis for sending such e-mail would be your express consent (GDPR art. 6.1 a).

Anyone receiving the information items above can easily opt out using the link included in our e-mails.

2.7 Applying for a position with us

You are welcome to apply for a position with us. If you decide to do so, we will ask you to provide certain categories of personal data:

Basic information: E.g. name, age, date of birth, sex, nationality and your photo.

Contact information: E.g. your address, e-mail address and phone number.

Qualifications: E.g. your CV/résumé, application, diplomas and transcripts of records, language knowledge, courses, certifications and other information you provide us with in your application or interviews with us.

Background information: E.g. information provided to us by your references, which we either collect through official sources or through references you provide us with.

Our assessments: E.g. assessments and comments we make in relation to our internal assessment of your application.

You provide us with such personal information, as well as any other information that you might choose to share with us in this respect, on a voluntary basis. We will collect and process this information in order to respond to your application and to consider whether to enter into an employment contract with you (GDPR art. 6.1 b). We will delete the information related to your application as soon as it is no longer relevant for this purpose. 

2.8 Visits to our social media pages

When you visit our social media pages, such as our Facebook and LinkedIn pages, the social media providers will collect and process your personal data and use cookies. For information about how these providers use your personal data, we recommend that you read their privacy policies.

2.9 Customer relations

When you register as a customer/user with us, you provide us with certain information that we collect and process in our customer relation management systems. This includes your name and contact information, payment information, customer history, your communications with us, as well as other information you provide us with in relation to your customer relationship with us.

We collect and process this information to be able to provide you with a contractual service (GDPR art. 6.1 b) and to uphold our legitimate interest in improving our relations to our customers and to be able to provide you with good customer care and service (GDPR art. 6.1 f). In some cases, we are also compelled to process your information for compliance with a legal obligation, such as compliance with the Norwegian Bookkeeping Act, or when required by law, court orders or legal processes (GDPR art. 6.1 c).

3 Do we share your personal data WITH THIRD PARTIES?

We will not share your personal data with others unless you either give us your consent to do so (GDPR art. 6.1 a), or if we have another legal basis to share your data, e.g. if it is necessary to provide you with a contractual service (GDPR art. 6.1 b), if we are required by law, court orders or legal processes to disclose your personal data (GDPR art. 6.1 c), or it can be justified on the basis of our legitimate interest in doing so (GDPR art. 6.1 f).

When we use data processors in order to provide our service, we will take appropriate legal precautions and corresponding technical and organisational measures in order to ensure that your personal data is protected in accordance with this privacy policy and the applicable data protection legislation. Please be ensured that our data processors are legally prevented from making use of your personal data for any other purpose than the ones which we have agreed on in a separate data protection agreement.

If our data processors are to be based in locations all over the world, this means that your personal data may be transferred outside the EU/EEA. If that is the case, we will implement appropriate security measures to protect your data such as agreements with EU standard contractual clauses or by ensuring that our data processors are Privacy Shield certified.

At the time of this privacy policy, we do not have and data processor on our behalf.

We might also share your personal data with third parties such as your employer, our public accountant, our lawyers and other advisors, as well as public authorities, whenever legitimate or required by law.

4 How do we protect your personal data?

We have implemented appropriate technical and organizational measures to ensure a sufficient level of security when processing your personal data and to prevent loss or unlawful processing. Such measures are, for example, internal routines, data processing agreement and IT-security procedures to verify and strictly control access rights. On a general basis, we ensure that only specifically authorised personnel at DH who have a need to access your personal data for fulfilling a predefined purpose, are given such access.

We will also carry out data protection impact assessments when it is likely that the processing of your data may result in a high risk with respect to your rights and freedoms in relation to your personal data.

5 How do we use Cookies?

Cookies are small text files that are saved on your hard drive and associated to your browser and which provide us with information. They serve to make our web-service www.dynamiskhelse.no more user-

friendly and efficient. We mostly use cookies to store your website preferences, analyse and improving our website and to fulfil other legitimate purposes, cf. section 2.3.

For these purposes, we use both necessary cookies and functional cookies. We also use Squarespace Analytics for statistical purposes. These statistics use information about your visit and usage patterns on our website (such as how often you visit our website as well as what specific pages you visit, the length of your visit, your geographical location when visiting us and more). Squarespace Analytics collects the IP-address you use on the date you visited our website and anonymize your data before sharing it with us. Squarespace Analytics does not collect not your name or other personal data. We do not combine information collected by Squarespace Analytics and other personally identifiable information.

Some of those cookies are persistent, which means that they will be stored on your electronic device when you leave our website for a restricted period of time. For session cookies, those will be deleted as soon as you leave our website.

You may opt out of collection and analysis of data collected through Squarespace Analytics. You can read more about that here: https://support.squarespace.com/hc/en-us/articles/360000851908-GDPR-and-Squarespace

If you have a Google Account, you may alter your personal advertisement settings here: https://myaccount.google.com/?pli=1

You may find more information on Google’s advertisement services here: https://safety.google/privacy/ads-and-data/

You can also configure your browser settings for other type of cookies here (NO): https://nettvett.no/slik-administrer-du-informasjonskapsler/

6 What are Your rights?

You have several rights under the applicable data protection regulations. We have provided a list of the rights you can exercise in your relationship with us as a data controller below. If you wish to exercise your rights, please contact us and we will respond to your inquiry as soon as possible, but no later than a month after the receipt of your enquiry.

Consent withdrawal: Where you gave us your consent to process your personal data, you have a general right to withdraw such consent. Please note that the withdrawal of your consent might in some cases prevent us from delivering the service, which you have signed up to.

Access: You have a general right of access to the personal data we have registered about you.

Rectification and erasure: You have a general right to request that we should rectify any incorrect personal data about you and erase personal data about you. Please note that personal data that is essential to the customer relationship with us cannot be deleted, unless you also explicitly request termination of the customer relationship with us.

Restriction: You have a general right to ask us to stop (“freeze”) the processing of your personal data, e.g. where you are of the opinion that we process personal data about you illegally and you do not wish us to erase these data pursuant to our routines for such erasure until the matter has been clarified.

Data portability: You have a general right to request transfer of your personal data in a common, machine-readable format.

Objection: You have a general right to object to our processing of personal data about you if this is justified by special circumstances on your part.

Right to appeal: If you do not agree with the way in which we process your personal data, you may submit an appeal to the Norwegian Data Protection Authority (Datatilsynet). We ask that you contact us beforehand, so that we may clarify any misunderstandings.

7 How long do we store AND WHEN DO WE DELETE your data?

Your personal data will not be stored for longer and to a greater extent than needed for the purposes mentioned in this privacy policy. This means that when our customer relationship with you is terminated, we will erase your personal data as soon as our purpose with processing such data is no longer relevant, unless we are compelled by law to store this data any longer. If your account has been inactive in two years and you still haven´t terminated the ends-users license agreement, we will as a main rule delete all personal data which we are not compelled by law to store any longer.

Please note that in some cases, your personal data might be anonymised instead of deleted. By the mean of anonymization, you will neither be identified nor identifiable in the terms of the GDPR.

8 Do we keep this policy up to date?

Yes. We may amend this privacy policy from time to time. You will be notified if we make any significant changes. The most up-to-date version of our privacy policy and its associated terms and conditions (https://www.dynamiskhelse.no/terms-of-service-privacy-and-cookie-policy) is available at any time on our digital services. Please be ensured that we will notify you if such update results in our obligation to collect your further consent.

9 How can you contact us?

Please contact us if you have any questions or comments or if you wish to exercise your rights as mentioned in section 6 above. Our contact details are support@dynamiskhelse.no.