Signicat Privacy and Cookie Policy

Purpose

The purpose of this policy is to define requirements for processing personal data in Signicat. The policy is defined to ensure:
• demonstrable compliance with legislative requirements, including Regulation (EU) 2016/679 (GDPR)
• transparency of personal data processing for both Signicat’s customers, data subjects and data protection authorities.

Identity and contact details

This policy covers processing of personal data by Signicat AS, a private company registered in Norway under organization number NO989584022, with its registered main office at Gryta 2A, 7010 Trondheim, Norway.
The Chief Information Security Officer (CISO) of Signicat, is responsible for this policy and its implementation both within Signicat, and on behalf of third parties involved in the processing of personal data.
Any questions or requests can be directed to privacy@signicat.com, or via other channels for contact found on signicat.com.

Public websites

The website at signicat.com is developed and maintained by Signicat for the purpose of marketing our products and services online. Signicat is the data controller for personal data collected through these websites.

A list of third parties involved in personal data processing will be made available upon request.

The processing is based on the visitor’s consent. Individuals who have their data processed by Signicat as a data controller, based on consent, have the following rights under GDPR:
• the right to be informed (which is why we have published this policy)
• the right to access data we hold about the individual
• the right to have data rectified, if inaccurate
• the right to withdraw consent, and to be forgotten
• the right to have data blocked from further processing
• the right to object to direct marketing

Individuals who want to exercise any of these rights can contact Signicat.
If our handling of personal data is not found to be satisfactory, and issues cannot be resolved with us directly, individuals can complain to the Norwegian Data Protection Authority (Datatilsynet).
Each area of personal data processing is described in detail below:

Visitor logs and statistics

Signicat will process information about people visiting our websites, in order to improve content and be able to target communications. Information we collect potentially includes personal data, including the visitor’s IP address, and information about each page view and their duration.

Through a third party, we collect de-identified information about visitors for statistical purposes, such as web browser and operating system, device and screen resolution. This third party will also collect a part of the visitor’s IP-address to determine the visitor’s approximate location, however not the entire address (we replace the last octet with a 0, before any data is sent to the third party, e.g. 192.168.1.0).

Cookies

Cookies are used on our web pages, including third party cookies. The cookies are used to identify relevant markets and helping us improve and maintain the user experience and create relevant information to our web pages.
• _ga, _gid: Browsing tracking cookies from Google Analytics, both directly and via Unbounce
• IDE: Advertisement tracking cookie from Google, via Doubleclick.net
• pardot, lpv, visitor_id, visitor_id-hash: Browsing and action tracking cookies from Salesforce
• olfsk, _okbk, _oklv, _okdetect, hblid, wcsid: Chat status tracking cookies from Olark, via Salesforce
• dtTrace: Web application diagnostics from DynaTrace, via Salesforce
Website visitors can decide whether or not they want to accept these cookies, by changing cookie settings in their web browser. Visitors may also prevent tracking by using private browsing, and in some cases limit tracking via enabling the Do Not Track (DNT) setting. More information about controlling and deleting cookies can be found at https://www.aboutcookies.org/, and DNT at https://allaboutdnt.com/.

Newsletter

Signicat offers a newsletter service for those who actively sign up for this. The newsletter service is provided via a third party data processor. We collect the email address of subscribers through a form.
All emails we send to newsletter subscribers include a personal unsubscribe link. When clicking this link, you are instantly unsubscribed from Signicat’s newsletter, and you will receive no further communications from us.

Contact forms

Information you provide when filling in a form on the web page, such as email, name, country and company, will be used to fulfill your request to be contacted.
When using our contact forms, you will be offered a way to opt into signing up for our newsletter. If you choose to do this, the paragraph above on newsletter registration applies.

Targeted content

Through our data processor, we collect de-identified information about which pages our visitors visit. If at any time a visitor choose to identify themselves, by interacting with a form on our website which collects information about your identity, your previous browsing history on Signicat’s websites, and reading our newsletter, will become connected with this identity. This information will in combination be used to classify the user as a potential prospect for making business with Signicat.

It is possible to avoid this intersection of data from happening, by deleting your cookies before you submit a form. You can also request any such information we have collected to be deleted, by contacting us.

Demo application

Where an online demo application is offered, we may collect your personal information regarding registration and use of the demo application, in order to serve demonstration purposes.
The data collected by demo applications shall be deleted at periodic intervals.