Privacy Policy

Last updated: 18. March 2022

1. About this Privacy Policy

1.1 Definitions

Account: The Customer is provided with an Account. An Account is necessary to access the Products. The Account will be accessible through a set of credentials, consisting of a username and password combination for authorization.

Customer: The legal entity that has entered into an agreement with Pixotope Technologies to purchase Pixotope Technologies' products or services.

Director: Pixotope Technologies' front-end application. The Director allows the End Users to log in to the Account and access any licenses connected to the Account.

End User: A physical person connected to the Customer as an employee or by other means, and which has been given authorization to use Director, a Product or otherwise be in contact with Pixotope Technologies on behalf of the Customer.

GDPR: Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (this regulation is referred to as GDPR which is an abbreviation of the General Data Protection Regulation)

PaaS: Product-as-a-Service fuses software products and accompanying services to enable new offerings where the buyer (the Customer) or the End User may no longer own a physical thing. With PaaS the product is delivered to the Customer and the End User as a service or virtualized experience. Instead of a one-time-transaction the Customer subscribes to the Product and pays the Supplier a recurring fee

Personal data: Any information relating to an identified or identifiable natural persons, see GDPR article 4 (1).

Products: The standard software products developed by Pixotope Technologies, which Pixotope Technologies supplies separately or jointly to the Customer, pursuant to the agreed upon terms in the agreement with the Customer. The Products may be standalone applications or features that may be licensed (subscribed to) separately or as packages. A detailed description of each Product with prices and license period may be found on Pixotope Technologies' website, see www.pixotope.com.

Pixotope Technologies AS (also referred to as we or us): Pixotope Technologies AS with org.nr. 812 664 522 and registered business address Sommerogata 13-15, 0255 Oslo.

1.2. Introduction

Our Products are sold as PaaS, and it is up to the Customer how the Products are used. If the Customer chooses to store or otherwise process personal data through on of our Products, this will in no way be accessible, visible or transferred to Pixotope Technologies. Our Products have no purpose or aim to process personal data, and we have no control or insight in how the Customer uses our Products.

The only exception is Director, which is the interface between the Customer and us. We are the supplier of Director, as well as all Products and services made available through and which can be administered in Director. To a small degree, it is necessary for us to process personal data in and through the Director, in order for the Director to function as the interface it is intended for. For all intents and purposes, the processing described in this Privacy Policy are for the processing in Director, not our Products.

In the event we should offer a specific Product at a later time, which process personal data in a way that we have insight to such personal data, a separate Privacy Policy will be created and made available for all potential End Users for such Product.

We are committed to your privacy and want your personal data to be private and secure.

1.3. Overview

In this Privacy Policy, we explain:

  • What personal data we collect and how

  • The purpose of collecting your personal data

  • Disclosure of data to third parties

  • Our security measures when processing your personal data

  • Your rights as a data subject

Pixotope Technologies is a Norwegian company. We adhere to relevant Norwegian privacy law and meet the requirements of applicable laws and regulations within the EU/EEA. We will ensure that your privacy rights and our processing of your personal data are held to the highest standard. Pixotope Technologies is GDPR compliant.

1.4. The Account and the Director

Pixotope Technologies may process personal data related to physicals persons that may be identified by using the Account. This Privacy Policy is relevant to you if you are a data subject that may be identified by the username used to log-in to the Account.

Pixotope Technologies may process personal data related to the End Users that a Customer chooses to connect to Director. This Privacy Policy is relevant to you if you are an End User of Director with Account access.

For the purposes described in this Privacy Policy, Pixotope Technologies is the controller, which collects and processes data as described herein. It is important for us that you read this Privacy Policy thoroughly. We want you to be aware of your rights so you can help us improve our policies. If you do not accept this Privacy Policy, you will not be able to access or use Director or any other products as they rely on the use of Director.

1.5. Contact Information

If you have any requests concerning your personal data or any queries with regards to this Privacy Policy, please contact us by our Data Protection Officer at: privacy@pixotope.com.

2. What personal data we collect and how

We collect different types of personal data about End Users. It is up to the Customer which End Users we collect personal data about, as far as Pixotope Technologies is concerned, it is freely optional to be an End User of Director. The personal data we collect can be divided into three groups:

1. Minimum personal data needed to register an Account (these can be generic, non-personal data if the Customer chooses):

  • Email address or Telephone number

  • User name

  • Password

  • Associated Customer (typically employer)

2. Personal data which may be generated while you use the Director or a Product:

  • Information about your mobile device:

    • IP-address

    • Hardware Manufacturer

    • Operating system

  • Application usage statistics

3. Personal data concerning yourself that you might choose to provide us with through the Account or by other means whilst using our Products and services, for example:

  • Your first name and surname

  • Telephone number or email address

  • Place of work

  • Nationality

  • Gender

  • Occupation

  • Other details you actively choose to provide through Director or your contact with us directly

We do not process special categories personal data (sensitive personal data) and have no use for such data. Therefore, we ask that you do not share such data about yourself or others in the Director. Such data would for instance be religious beliefs, political opinions, physical or mental health, labour union membership, ethnic background, sexual history or sexual orientation.

3. Purpose

We collect personal data for these purposes:

  1. To communicate with our Customers and End Users, by answering service requests, and providing any necessary and agreed upon assistance for the Products and Director.

  2. To provide the application Director and Pixotope Technologies' Products and services to the Customer and its associates as agreed upon with the Customer.

  3. To ensure the technical functionality of the Director. We want the Director to function as well as possible. To do so we need information about how Director functions on your device.

  4. To be able to control and monitor Director’s user base and prevent fraudulent activity or similar.

4. Legal Basis for Processing

Pixotope Technologies processes personal data in order to make it possible to enter into and to fulfill the agreement with the Customer. As Pixotope Technologies and the Customer are two separate controllers, our legal basis for processing personal data is through our agreement with the Customer, and in turn, the Customer’s agreement with you as the End User. It is the Customer’s choice which End Users are connected to the Director through authorization and access via the Account.

In the event the Customer decides to use a generic business email address and not a personal email address related to an identifiable natural person, then the processing of personal data in Director will be much limited. Using a generic email address rather than a personal one, will not limit the Customer’s user experience of Director.

For the purpose of creating user statistics and to prevent fraudulent activity in or in relation to Director, Pixotope Technologies' legal basis for processing is our legitimate interest. This legitimate interest is Pixotope Technologies' desire to improve Director and the Account system for both End Users and Customers, so that Pixotope Technologies may provide a better product in the future. Furthermore, Pixotope Technologies has a legitimate interest in keeping Director secure and keeping the integrity and confidentiality of the underlying program behind Director, the contents in Director and the data related to Director, whether personal data or data otherwise considered commercially sensitive.

Furthermore, we may process your personal data when we are legally obliged to do so, or if it is necessary to establish, exercise or defend a legal claim.

We will also ask you as the End User to have read and accepted this Privacy Policy as well as the End User License Agreement from us. You will be presented with a link to this Privacy Policy in order to make sure each End User has been informed about how and why we process personal data.

5. Disclosure of data to third parties

Except in the instances described below, we do not disclose collected personal data to third parties.

We may disclose user base demographics and similar non-personal data to third parties. Such aggregated data does not identify any individuals and will not be linked to any personal data.

Your personal data is not transferred out of the EU/EEA.

6. Storage and personal data deletion

Upon your request or otherwise when the personal data we have collected is no longer necessary for the purposes described above, for instance in the event the End User’s authorization to use Director is removed by Customer or by another authorized End User, the personal data concerning you will be erased.

Personal data related to an Account will be erased no later than after 6 months after an Account has been deactivated or the Customer relationship has been terminated.

7. Your rights

This Privacy Policy is adherent to Norwegian law and falls under Norwegian jurisdiction. As such, you are entitled to certain rights. Please refer to the contact details provided in the first section (see section 1.5) if you wish to make use of or need assistance regarding the rights listed below.

Consent: To the extent our processing of your personal data relies on your consent, you may withdraw said consent at any time. If you wish to withdraw your consent, we will delete your account access and related personal data without undue delay. The withdrawal of consent does not affect the legality of our processing of your personal data based on the consent before it was withdrawn.

Access: You can at any time request access to the personal data relating to you. You can also request information about how we collect personal data at any time.

Erasure and rectification: You can at any time request that we erase or rectify any of the personal data relating to you that we have collected.

Objections: You may likewise request a restriction of the processing of your personal data or object to the processing of your personal data, but this may affect your user experience in Director. For our processing activities that are based on our legitimate interests, you may object to such processing on ground relating to your particular situation, by contacting us with using the email stated in section 1.5.

Data Portability: In the event our collection and processing of your personal data is based on automatic means and our legal basis is your consent or an agreement with you, you may request that the personal data concerning you and which you have provided us with, be transmitted to you or to another data controller.

Complaints: You have the right to lodge complaints with the Norwegian Data Protection Authority (Datatilsynet).