This policy describes how we collect and process personal data about our customers and users of our products and services. All references to “we” and “us” refer to the Norwegian company No Isolation AS and its subsidiaries located in the European Union/European Economic Area. If you have any questions you are always welcome to contact us at firstname.lastname@example.org.
Our products and services feature video stream transmission, among other functions. All video streams transmitted through our products and services is encrypted and inaccessible to anyone but the people on each end of the transmission. The data is only stored ephemerally and deleted immediately after the transmission is concluded. For KOMP, we also process pictures and messages. These pictures and messages are stored safely in the cloud, only accessible to technical staff working under strict obligations of confidentiality.
In addition to the data transmitted through video streams we collect customer data, user profile data and contact data from anyone who has requested information from us. In the following we will describe in further detail what types of personal data we collect, how we process it and what your rights you have as a data subject.
The information we collect and how we use your information
When you conclude a subscription agreement with us or buy a product from our website, we collect the following data about you:
- phone number
- email address
- delivery address
- payment details
The information is stored for the duration of the customer agreement in order to administer the customer relationship we have with you. We may continue to store the information after the expiration of the agreement for the following reasons:
- Bookkeeping (we have a duty to store accounting information for 5 years in accordance with Norwegian law)
- Collecting any outstanding amounts (if you still owe us money after expiration of the agreement)
- Defend any legal claims (if we are in dispute over the rights or obligations of the agreement)
All KOMP app users register with a user profile. You are requested to provide the following information:
- Profile picture
- Phone number
This information is used to identify you on the KOMP device (e.g. if you start a video call), and is accessible for all the app users connected to the same KOMP as you. It is also accessible to No Isolation through our internal CRM system for support and security reasons.
Your data is deleted when you discontinue your user profile or if the KOMP device is reset (if the device is registered on a new customer or returned to us).
No personal data is required to use the AV1 application. If you want to contact our support team after our opening hours you will be given the option to give us your email address so we can contact you the following day.
We collect the following log data when you use AV1 in order to provide technical support, give proactive support, ensure correct billing and maintain adequate information security:
- Video stream session length and quality
- Date and time of a video stream
- WiFi network information
- Connection strength
- Cellular network information
The AV1 device is not registered on the user, but the customer of the device. Hence, the log data will not be traceable to the individual user of the device, such as children. The log data may be associated with the customer as long as the device is registered on the customer. Only technical personnel working under strict obligations of confidentiality have access to the above mentioned categories of data. The log data is never disseminated to third parties, unless required by law.
Our admin tool
If you are a customer with (typically) more than one product to manage, you might opt to use our Admin tool, wherein you can organise and see the status of your products. We offer this so you can administer your products yourself. If you want a Data Processing Agreement for your Admin tool, please feel free to contact us.
If you have access to the Admin tool you are requested to provide:
- Email address
Subscription to waitlists, newsletters and request for information
If you contact us or subscribe to a waiting list or to one of our newsletters, we collect the following data:
- Waiting list subscription: location (country of residence) and email address
- Newsletter subscription: email address
- Chat: you may chat with us without providing any personal data, but you can give us your email address so we can contact you again
- Email contact: if you contact us by email we store the correspondence in order to respond to your requests.
We need your consent to keep you on waiting lists and newsletter subscriptions. You may at any time withdraw your consent to be on such lists and we will correspondingly delete your personal data.
Chat logs and email correspondence is kept for 5 (five) years in the case you contact us again for a similar enquiry. You may nevertheless at any time request us to delete such data if you want to.
If you are a customer, we retain the chat logs and email correspondence as long as you are an active customer in order to give you the best possible customer support. The information may also be necessary to retain in relation to customer complaints or returns. You may request us to delete chat logs and email correspondence. We will consider your request reasonably. If we decide to retain your data, we will explain our reasons for doing so in a timely manner.
Your rights as a data subject
If you have any questions about how we process your personal data, we will provide you with an answer to your inquiry in a timely manner. You may also request us to:
- Provide you with all the personal data we have stored about you
- Correct any errors in the personal data we have stored about you
- Delete any personal data we have stored about you if we do not longer have a legal reason to retain it.
You may at any time file a complaint to the data processing authorities in your country if you are displeased with how we process your personal data.
Our data processors
This section describe our data processors and the services we use.
No Isolation use the following processors:
- Twilio Inc. for hosting a TURN server (relay server) that facilitates communication between AV1 and the associated user (application). For KOMP, Twilio is also used for sending SMS that allows users to gain access to the service.
- Amazon Web Services Inc. cloud based server for storing system data including customer data.
- Mongo DB Inc. for storing system data including customer data.
- Functional Software Inc. (Sentry) for logging errors/events. Used to monitor failures that occur in our system and/or applications.
- Wildbit llc. (Postmark) for sending emails to customers (like order/payment confirmation).
- Digital Ocean, Inc. for cloud based server hosting for diagnosing issues with AV1.
- Zendesk, Inc., for customer support in the app.
Transfer of personal data outside the EU/EEA
No Isolation may use the following sub-processor outside the EU/ EEA, under the legal basis described below:
- Twilio Inc. Processing takes place in the US. The legal basis for this transfer is Privacy Shield, under which the sub-processor is certified.
- Amazon Web Services Inc. Processing takes place in EU/EEA.
- Mongo DB Inc. Processing takes place in EU/EEA and the sub-processor is certified under the Privacy Shield Framework.
- Functional Software Inc. (Sentry). Processing takes place in the US. The legal basis for this transfer is Privacy Shield, under which the sub-processor is certified.
- Wildbit llc. (Postmark) Processing takes place in the US. The legal basis for this transfer is privacy shield, under which the sub-processor is certified.
- Digital Ocean, Inc. Processing takes place in the US. The legal basis for this transfer is privacy shield, under which the sub-processor is certified.
- Zendesk, Inc. Processing takes place in EU/EEA and the sub-processor is certified under the Privacy Shield Framework.
No Isolation has strict policies for data security, including, but not limited to, strict need-to-know access, two-factor authentication, and physical, contractual and digital protections for our data. We will never share your personal information with third parties that are not mentioned in our Privacy Statement or Terms and Conditions, unless you give your explicit consent.
Last updated: May 25th, 2018