Privacy Statement for GlucoSet AS
Data Controller
The CEO is, on behalf of GlucoSet AS, the data controller responsible for the company’s processing of personal data.
Personal Data Stored
We store the following personal data about our business partners:
For our suppliers, we collect the following personal data: Name, contact information, address, bank account number, SWIFT code, IBAN, phone number, and email address.
For our investors/UBO (Ultimate Beneficial Owners)/shareholders, we collect the following personal data: Citizenship, date of birth, address, SWIFT code, IBAN, contact information, phone number, and email address.
Purpose of Processing
We process this information to fulfill our legal and contractual obligations.
The Legal Basis for Processing
Information such as name, address, phone number, and email address is used to fulfill the agreement. The legal basis for this processing is Article 6(1)(b) of the General Data Protection Regulation (GDPR) and in accordance with the Medical Device Regulation 2017/745.
For investors, we process citizenship information in accordance with the AML/CFT (Anti-Money Laundering/Combating the Financing of Terrorism) requirements.
Collection of Personal Data
We store personal data that you have provided in connection with the conclusion of a contract.
Disclosure of Information to Third Parties
To fulfill our contractual obligations, the necessary information is disclosed to our business partners [Greenlight Guru, Google Drive, Tripletex].
Storage Period and Deletion of Personal Data
Information that we are obligated to retain according to the Bookkeeping Act will be stored for up to 5 years, as required by the law.
We are obligated to retain information about investors/UBOs/shareholders for up to 10 years after the termination of the collaboration, for the prevention of terrorism financing.
Rights of the Data Subject
We process your personal data in accordance with the Personal Data Act and applicable regulations. Please note that you have the right to request access to and transfer of your personal data, as well as to request correction or deletion of information. You can submit a complaint to the Data Protection Authority for any processing that violates the rules.
Data Protection Officer
The company’s CEO serves as the data protection officer on a daily basis, ensuring compliance with the rules of the Personal Data Act regarding the processing of personal data.
Information Security
We secure your personal data by both physical and virtual access and entry control, as well as by encrypting sensitive parts of the information provided.
Contact Information
Inquiries about the information stored, correction, and deletion can be sent in writing to the following address:
GlucoSet AS
Sluppenvegen 6
7037 Trondheim
Norway
Telephone: +47 97 78 90 77