By using the Site, you agree to allow us to collect and process information as described below, even if that includes sensitive data.
- ROLES AND PURPOSE
Thinfilm is the data controller for your Personal Information.
The purpose of processing your Personal Information is to enable and enhance the use of the Site, including enabling additional services and functionality. What that means in terms of what data we collect and process, how and where we process it, and for how long, is described below.
It is important that you read this, as you by taking the Site into use, gives us and our partners your consent to process your Personal Information.
- LEGAL BASIS FOR PROCESSING
The legal basis for the processing of Personal Information is your consent and data protection law.
Your Personal Information is processed in accordance with the Norwegian implementation of the General Data Protection Regulation (“GDPR”) (EU) 2016/679. This gives you strong rights as a data subject. Hereunder you have the right to:
- have your Personal Information deleted
- have any incorrect Personal Information corrected
- information from us, as data controller, regarding the data processing
Norwegian law applies. Exclusive legal venue is Oslo, Norway.
Any surrender of data is voluntary, but some basic information is needed to enable the Site to operate.
- COLLECTED PERSONAL INFORMATION
If you register with Thinfilm through the Site, Thinfilm collects and processes information including name, company name, job title, physical and email addresses, phone numbers, and product interests.
In addition, Thinfilm, through the Site, automatically collects and processes general data from your computer or mobile device, such as your web browser type and version, and operating system of your computer.
We may process this Personal Information for purposes of operating, debugging, maintaining, improving, and optimizing the Site, marketing, and/or to maintain customer relationships. Thinfilm performs analysis of the data, for the above purposes and also for the purpose of providing its business partners access to relevant data.
You consent to the above described collection and processing of Personal Information.
- WHERE WE PROCESS PERSONAL INFORMATION
The Personal Information we collect from you may be transferred to and computer processed on servers placed in the United States and the European Economic Area (EEA), depending on your location, and the Site instance to which you connect.
The data is stored on servers belonging to Amazon.com, Inc., Seattle, Washington, USA and Google Inc., Mountain View, California, USA. These companies are certified under the EU US Privacy Shield framework. The EU Commission deems transfer of data to companies certified under the framework to offer adequate protection of personal data (more info).
The processing is conducted by personnel that may be located in the United States, Norway, India, and Russia.
You consent to the above described transfer and processing of Personal Information.
- DATA SHARING
Thinfilm does not share Personal Information for any commercial or marketing purpose unrelated to the delivery of Thinfilm services without asking you first.
The following are the situations where we may share Personal Information:
- With your explicit consent: We may share Personal Information when we have your consent. One example of this would be if you sign up for additional programs offered by our partners. If you do this, we may share certain information with the partner.
- For external processing: We have vendors, service providers, and partners who may help with some of our data processing and storage, including customer support services at our partners. They may also assist with monitoring our servers for technical reasons. These vendors (as well as Thinfilm personnel) can access certain information about you and your account in order to carry out their work. Such vendors are not allowed to use this data for non-Thinfilm purposes.
- For legal reasons: We may provide information to a third party if we believe in good faith that we are required to do so for legal reasons. For example, to respond to legal process, or comply with EU law.
- We may share non-Personal Information (for example, aggregated or anonymized customer data) publicly and with our partners. For example, we may publish research, or help us generally improve our system. We may also share non-Personal Information with our partners, for instance if they are interested in offering other services on the Site. We take steps to keep this non-Personal Information from being associated with you and we require our partners to do the same.
You consent to the above described sharing of Personal Information.
- SECURITY OF PERSONAL INFORMATION
Thinfilm has implemented various physical, electronic and procedural safeguards to protect the confidentiality and security of Personal Information under our control. For instance, Thinfilm limits access to Thinfilm systems that store such information to authorized personnel. Thinfilm also employs the Transport Layer Security (TLS) protocol to protect your Personal Information.
Thinfilm will maintain your Personal Information for as long as a business need exists, or as required by applicable laws, regulations, or government orders. When we dispose of Personal Information, we use commercially reasonable procedures to erase or render it unreadable.
Thinfilm restricts its personnel from processing user data without authorization by Thinfilm. Thinfilm will impose appropriate contractual obligations upon its personnel, including relevant obligations regarding confidentiality, data protection and data security.
Thinfilm will not disclose any Personal Information to any government, except as necessary to comply with the law or a valid and binding order of a law enforcement agency.
- CHANGES TO THIS POLICY
If you have any questions regarding the terms of this policy, please contact Thinfilm writing to Thin Film Electronics ASA, House of Business, Fridtjof Nansen plass 4, 0160 Oslo, Norway.
Effective as of 1 November 2019