Privacy Policy for Yatek Solutions

Last revised: 25.09.2022

This privacy policy provides information on how personal data is processed by Yatek Solutions AS, organisation number 926 743 384 (“Yatek Solutions”) when Yatek Solutions is acting as a controller under the General Data Protection Regulation (“GDPR”).

All references to “we” and “us” refer to Yatek Solutions. All references to “you” and “your” refer to the data subject.

  1. The purpose of processing personal data

  1. Processing personal data in order to respond to inquiries

In order to respond to inquiries, it is necessary to process personal data.

We process personal data on customers, potential customers and visitors of our websites. The personal data may be e.g. the name and contact info of the person sending us inquiries, including the information in the inquiry.

The legal basis for the processing of personal data is our legitimate interest according to article 6 (1)(f) of the GDPR. Our legitimate interests consist of being able to provide information about ourselves and our services upon request.

  1. Processing personal data for marketing purposes

We process personal data when we are marketing our services.

The purpose of the processing is to reach existing, potential and former customers and users in order to market our services. We process data such as name and contact information of the data subject, and data about the data subjects’ interests, interactions etc.

The legal basis for the processing of personal data is either consent according to article 6 (1)(a) of the GDPR or our legitimate interest according to article 6(1)(f). When legitimate interest is the basis, we have considered that we have an interest in being able to market our services for business purposes, and that this interest is not overridden by the interest of the data subject.

  1. Processing personal data on collaboration partners and contractors

We process personal data on collaboration partners and contractors with the purpose of delivering services and the exchange of services. Personal data processed may be names, phone numbers, addresses, e-mail addresses and invoice information.

The legal basis for processing this data is the agreements Yatek Solutions has entered into with each collaboration partner and contractor.

  1. Processing of personal data for user testers

We process personal data in connection with user testing of our services. The purposes are to recruit user testers and to carry out an agreement with the testers who has been chosen for participation.

The data we process for these purposes includes the applicant's contact information such as name, telephone number and e-mail address. To pay agreed fees we additionally process social security numbers and addresses.

In the recruitment process we also ask if the applicant has experience with social anxiety, which means we are processing health data according to GDPR article 9. We ask for the applicant's consent to process this data. The purpose is to recruit user testers which represent the actual users of our products and services.

Our legal basis for the processing is GDPR article 6(1)(b) for performance of the agreement, and GDPR article 9 (2)(a) for processing of health data.

  1. Security

We have implemented appropriate technical and organisational measures ensuring that personal data is processed in a level of security appropriate to the risk, e.g. ensuring confidentiality, availability and integrity of the personal data.

  1. Recipients of the personal data and the use of subcontractors

We do not disclose and/or share your personal data to third parties except where it is necessary for fulfilling our legal obligations.

For some administrative purposes we use subcontractors (processors). We have secured that the processing is in accordance with the requirements of GDPR by entering into data processing agreements with the data processor. The data processing agreements also ensure that the personal data is not used for any other purpose.

We do not process personal data outside the EU/EEA.

  1. The data subject’s rights

As a data subject, you may require

If consent is the legal basis for processing of your personal data, you may at any time withdraw your consent by contacting us.

You may also have the right to protest to the processing and require data portability.

If you have any concerns about how we process your personal data, you are welcome to file a complaint to the Norwegian Data Protection Authority (Datatilsynet): or the relevant data protection authority in your country.  We would appreciate if you contact us before filing a complaint.

  1. Contact information of the data controller

If you have any questions on how we process your personal data, or wish to execute one of your data subjects right please contact: