When you use our website, ventizolve.com, Navamedic ASA will process personal data about you. This policy explains what personal data we collect, why we collect it, and your rights in relation to the processing of your personal data.
Data Controller
The data controller for the personal data processed through this website is:
Navamedic ASA
Organisation number: 985 012 059
Henrik Ibsens gate 100, 0255 Oslo, Norway
Email: info@navamedic.com
Telephone: +47 671 12 540
For questions about our processing of your personal data, or to exercise your rights, please contact us at gdpr@navamedic.com.
What Personal Data We Collect and Why
Website analytics
We use Google Analytics to collect information about how visitors use our website. This helps us understand traffic patterns and improve the site. Google Analytics collects data such as your IP address (anonymised where possible), browser type, device information, pages visited, and the duration and timing of your visit. This data is collected through cookies. You can read more about the specific cookies in our Cookie Policy.
Legal basis: Consent. Analytics cookies are only placed after you have given your consent through our cookie banner.
Contact enquiries
If you contact us by email using the contact details provided on this website, we will process the personal data you provide in your message, such as your name, email address, telephone number, and any other information you choose to include. We process this data in order to respond to your enquiry.
Legal basis: Legitimate interest (GDPR Article 6(1)(f)). We have assessed that it is necessary and proportionate to process this data in order to respond to enquiries we receive. You have the right to object to this processing.
Data Processors
Navamedic ASA uses the following third-party service providers (data processors) to collect, store, or otherwise process personal data on our behalf. Data processing agreements are in place with each processor in accordance with GDPR Article 28.
- WP Engine (United Kingdom) — website hosting and infrastructure
- Cloudflare, Inc. (global) — DNS and content delivery network
- Google LLC (United States) — website analytics (Google Analytics)
- Web development and analytics provider (Norway) — website development and maintenance
International Data Transfers
The majority of personal data processing is carried out within the EU/EEA. Where personal data is transferred to countries outside the EU/EEA, we ensure that appropriate safeguards are in place:
- Google LLC is certified under the EU-US Data Privacy Framework, which has been recognised by the European Commission as providing an adequate level of data protection.
- Cloudflare processes data at edge locations globally but maintains Standard Contractual Clauses and additional safeguards for transfers outside the EU/EEA.
Disclosure of Personal Data to Others
We do not disclose your personal data to third parties unless there is a lawful basis for doing so. Examples include where disclosure is required by law, or where we use data processors as described above. We do not sell personal data.
Retention
We retain your personal data only for as long as necessary for the purpose for which it was collected. Analytics data is retained in accordance with our Google Analytics configuration. Data relating to contact enquiries is retained for as long as necessary to resolve the enquiry and for a reasonable period thereafter.
If you withdraw your consent to the processing of personal data, we will delete or anonymise the data we process on the basis of your consent.
Your Rights
Under the General Data Protection Regulation (GDPR), you have the following rights in relation to your personal data:
- Right of access — to request a copy of the personal data we hold about you
- Right to rectification — to request correction of inaccurate data
- Right to erasure — to request deletion of your data in certain circumstances
- Right to restriction of processing — to request that we limit how we use your data
- Right to data portability — to receive your data in a structured, machine-readable format
- Right to object — to object to processing based on legitimate interest
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time
To exercise any of these rights, please email gdpr@navamedic.com. We will respond to your request without undue delay and in any event within 30 days. We may ask you to verify your identity before processing your request.
Complaint to a Supervisory Authority
If you believe that our processing of your personal data is not in accordance with this policy or with applicable data protection law, you have the right to lodge a complaint with a supervisory authority. The lead supervisory authority for Navamedic ASA is:
The Norwegian Data Protection Authority (Datatilsynet)
www.datatilsynet.no
You may also complain to the supervisory authority in the EU/EEA country where you reside or work, or where the alleged infringement took place.
Changes to This Policy
We may update this policy from time to time. Any changes will be published on this page. We encourage you to review this policy periodically.