GDPR Policy

Last updated: February 10, 2025

Introduction

Dazebook, a project of Dazewood AS, is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This policy explains how we collect, process, and protect your personal data in accordance with GDPR requirements.

Data Controller Information

Dazewood AS, operating as Dazebook (referred to as "we", "us", or "our"), acts as the data controller for personal information collected through our website dazebook.com and our services. You can contact our Data Protection Officer at:

  • Email: support@dazebook.com
  • Address: Dazewood AS, Att: Dazebook, Hauanveien 11, 3213 Sandefjord, Norway

Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of your personal data.
  • Right to Rectification: You can request corrections to your personal data if it's inaccurate or incomplete.
  • Right to Erasure: You can request deletion of your personal data (the "right to be forgotten").
  • Right to Restrict Processing: You can request limits on how we process your data.
  • Right to Data Portability: You can request your data in a structured, commonly used format and transmit it to another controller.
  • Right to Object: You can object to the processing of your personal data.
  • Rights Related to Automated Decision Making: You can request human intervention in automated decisions that affect you.

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Consent: When you explicitly agree to the processing of your personal data.
  • Contract: When processing is necessary for the performance of a contract with you.
  • Legal Obligation: When we need to comply with a legal requirement.
  • Legitimate Interests: When processing is necessary for our legitimate interests or those of a third party, provided those interests do not override your rights and freedoms.

Data We Collect

Personal Data

We collect and process the following personal data:

  • Identity Data (name, username)
  • Contact Data (email address, phone number, address)
  • Financial Data (payment information for ebook purchases, if applicable)
  • Technical Data (IP address, browser type, device information)
  • Usage Data (how you use our website and services)
  • Marketing Data (your preferences in receiving marketing from us – only with your explicit consent)

How We Use Your Data

We use your personal data only for specified, explicit, and legitimate purposes:

  • Providing access to our ebooks and related materials
  • Processing your payments (if applicable)
  • Sending you important updates about your purchases or account
  • Providing customer support
  • Improving our services and website
  • Marketing communications (only with your explicit consent)

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including:

  • The duration of your access to purchased ebooks
  • Legal and accounting requirements
  • Handling any disputes
  • Marketing purposes (if you've consented)

International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we will ensure a similar degree of protection by implementing appropriate safeguards, such as:

  • Using standard contractual clauses approved by the European Commission
  • Transferring data to countries deemed by the European Commission to have adequate data protection laws
  • Using providers certified under recognized data protection schemes

Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorized way. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Staff training on data protection

Data Breach Procedures

In the event of a personal data breach, we will notify you and any applicable regulator when we are legally required to do so. We will provide you with details of the breach, its likely consequences, and the measures we've taken to address it.

Third-Party Processors

We may use carefully selected third-party service providers to process data on our behalf (e.g., payment processors, email marketing services). All processors are bound by contracts that ensure they:

  • Process data only on our instructions
  • Implement appropriate security measures
  • Assist us in fulfilling data protection obligations
  • Delete or return data at the end of their service

Cookies and Tracking

We use cookies and similar tracking technologies in accordance with GDPR requirements. You can control cookies through your browser settings and our cookie consent manager. Essential cookies required for our service to function may not be able to be disabled.

Children's Data

We do not knowingly collect or process data from children under 16 without parental consent. If you become aware that a child has provided us with personal data without appropriate consent, please contact us.

Your Right to Complain

You have the right to lodge a complaint with your local data protection authority if you're unhappy with how we've handled your personal data. In Norway, this is Datatilsynet (https://www.datatilsynet.no/).

Changes to This Policy

We may update this GDPR policy from time to time. We will notify you of any significant changes by posting the new policy on our website and updating the "Last updated" date.

Contact Us

For any GDPR-related queries or to exercise your rights, please contact our Data Protection Officer:

  • Email: support@dazebook.com
  • Address: Dazewood AS, Att: Dazebook, Hauanveien 11, 3213 Sandefjord, Norway