This privacy statement describes the processing of personal information of the companies associated with Advanced Medical Support (AMS). Companies associated with Advanced Medical Support are: AMS Holdings AS, AMS Assistanse AS, AMS Transport AS and AMS eOmsorg AS. The privacy statement also includes eClinic, which AMS uses as a trademark.
Applies to all employees, suppliers, partners, patients
Introduction
AMS is concerned that you trust us and how we process your personal information. In this privacy statement, we therefore explain why we collect information about you, how we use this information and how we take your privacy into account.
Personal information is information and assessments that can be linked to an identifiable individual. This can be, for example, name and contact information, purchase history or information about interests.
AMS processes your personal data in accordance with the requirements of the Personal Data Act (GDPR). The Personal Data Act regulates how personal data collected from use can and will be processed, how it is secured, who can access the information and whether the data can be disclosed to a third party.
BUSINESS CLASSIFICATION OF PERSONAL DATA
Our customers 'and users' personal information is classified as internal and confidential information and is stored and managed as such under limited access rights.
Use of personal data complies with the Personal Data Act. AMS processes personal data in accordance with the Personal Data Act on the basis of your consent or because it is required by law (medical record). Furthermore, it may be necessary to process personal data in order to fulfill an agreement with you as a registered user. Consent to the processing of personal data may be withdrawn at any time.
We, as the data controller, will ensure that we use personal information about you in accordance with the rules of law.
1. What personal information do we have about you?
Depending on what information you give us, how you use our services, and what permissions you give us, we have this information about you:
- Information about you
When registering on our website / service, you must provide some information stored by us, such as name, e-mail address and mobile number. In some cases, we need an address to reach you by post or know more about where you are. The information you provide can also be expanded with the help of lookup services.
- Information we receive through the use of our services
Your device and your internet connection: We can register information about the device you use (mobile / PC, operating system and browser). We may collect information about the connection to our services, such as IP addresses, network IDs and cookies.
Use of service or purchase: registers information about your use of the services, such as which pages you are on, when you are on the pages and which functions you have used on our pages.
- Purchase information
Information we receive when you receive something from us, such as what you have purchased, card number and payment method (eg Visa). If you have a user account with us, you will get an overview of your previous purchases in your user account.
- Communication
Information you give us when you contact us, such as emails sent between us.
Information we receive from other sources: We may receive information about you if you use any of the other services we provide
offers. We also work closely with third parties (eg business partners, technical service providers and search engines) and may receive information about you from them. This also includes information that is public
available.
- Statutory information
We are required by law to hold certain personal information. Example of this is about regulations on patient records.
For the medical part of the services we offer, we may need a number of information from you. We do not use automated decisions or build user profiles based on personal information you provide to us. AMS does not buy, rent or sell personal information about you.
2. Why do we collect user information?
We collect user and personal information in our services for the following purposes:
- Offer website: We use information to adapt our website to the technical equipment you use. We may also use the information to adapt the content of our website and app to what we think you are interested in.
- Orders: We use information to complete your order, to provide services, receive payment and store purchase history.
- Create user account: We use information if you create a user account, e.g. to give you access with username and password, to store your contact information and payment information, and for you to see your purchase history.
- Statistics: We compile statistics and map market trends to improve and further develop our products and services. We do this with anonymous information, without knowing that the information is specifically related to you.
- To prevent misuse of our services: We use personal information to prevent attempts at abuse, fraud,
"Spamming", incitement, harassment and other acts that are prohibited under Norwegian law.
Categories of personal data, purpose and basis for processing
AMS processes personal data according to the following processing basis.
- With your consent
When you as a customer in our service have given consent for us to collect yours
personal information. - Inquiries from you (incl. Communication, support, customer service, etc.)
When you contact us via the website (contact form, comment field, communication tool), by e-mail, by telephone (call, text message) or social media, we process personal information. Depending on where and how
you send us a message, this can be contact information, IP address and other information you choose to send to us.
We review, archive and delete inquiries as needed. Inquiries we are obliged to keep, such as documentation in connection with a complaint / complaint case, are stored until the deadline for complaining / complaint has expired (two or five years).
Accounting material is stored for up to five years, in accordance with the rules in the Accounting Act. - Purchase of products and services
When you use services from us, we process personal information such as contact information, order and payment information and purchase history.
The purpose is to deliver products and services to you after ordering / purchasing, and to have a history of products and services sold. - Marketing in existing customer relationships
During your customer relationship with us, we can communicate with you via electronic communication in accordance with the Marketing Act, as well as the Norwegian Consumer Agency's guidelines.
Examples can be newsletters, inquiries about content, services and events from us, via e-mail, telephone, SMS and social media. You can unsubscribe from marketing by email and SMS at any time.
If you are not an active customer, we will only send you marketing if you have given us consent. - Surveys
It may be desirable to ask you how you experience our services. We always inform about the purpose of surveys we conduct, and whether they are anonymous or not. We do not share the information with others, or use it for purposes other than what we have provided. In anonymous surveys, no personal information is collected.
The information is stored for as long as it is relevant for the purpose, or until you withdraw your consent and possibly request that it be deleted.
4. Who do we share personal information with?
In order to run our business, it is sometimes necessary to share your personal information with other companies that perform services on our behalf. This is primarily to give you a safer and better user experience.
Examples of this are:
- data processors - for example, providers of various services that process your personal information on our behalf. These are not permitted to use this personal information for any purpose other than performing Advanced Medical Support services. (for example for IT and administration services, accounting, cloud storage, web hosting, sending e-mails and the like).
- User support for IT and administration systems.
- Public authorities we are obliged to report to.
- In case of suspicion of crime - information can be handed over to public authorities upon request. We will also be able to provide information in the event of suspected fraud, or information that is necessary to resolve specific disputes.
We require that everyone we share your personal information with, secures your data in accordance with good information security, and in accordance with the requirements of the Privacy Ordinance. We enter into a data processor agreement with all suppliers.
You can contact us for contact information for relevant partners and suppliers.
5. Personal information shared with third parties
In the following cases, personal data may be shared with a third party:
- When part of the order includes services provided by a third party
- For video consultation: Confrere: https://confrere.com/no Healthcare professionals who are our medical providers of digital services are registered in Confrere.
- When you place an order in eClinic, you create a user account. Your data is stored in your account until you delete your account yourself.
- When third party service providers perform tasks or work on our behalf and according to our instructions as data processors
- Payment services: Payex Swedbank https://www.swedbankpay.no/
- Data shared may include: Name, registration of payment transactions for the services
- When performing the services requires a third party service, such as by referring to a medical specialist
AMS ensures that all data processors are subject to the same duty of confidentiality as personnel employed by AMS and that agreements on the use of data processors meet the Personal Data Act's requirements for the use of data processors / content of data processor agreements.
6. Your rights
Personal information is information that can be linked to an identifiable individual. This can be the name, address, telephone number, e-mail address, IP address and history of your use of our services.
All processing of personal data, such as collection, registration, storage and disclosure, is subject to special rules, including in the Personal Data Act.
You can exercise your rights by sending us an e-mail: admin@amedsup.no. You are entitled to a reply as soon as possible, and no later than within 30 days.
More information about your rights can be found at The Data Inspectorate's pages. Here is a short summary:
You may have the right to ask us to:
- Provide you with additional information about how we process your personal information.
- Give you a copy of personal information about you.
- Update your personal information.
- Delete information that we no longer have a basis for storing.
- Limit or stop the processing of your information
- Withdraw any consent you have given us.
Be aware that there are restrictions on these rights. Feel free to contact us if you want more information about this. If you believe that we process personal data in violation of the Personal Data Act, you have the right to complain to the Norwegian Data Protection Authority. Before you do this, we would like you to contact us so that we can answer your questions or clear up any misunderstandings.
7. Patient consultations on video
With video consultation, you receive AMS´ services via a digital device (PC / mobile, tablet).
When you use the service, you also give consent for AMS to send an hourly reminder per
SMS.
- Informed consent - when you accept the terms of use, you have received information about what data we need and possibly store.
- We use BankID to verify the identity of our healthcare professional and you as a patient.
8. Security
AMS takes information security seriously and always makes sure to do our best to safeguard your personal information, cf. current legislation.
- Access control - We use recommended strong passwords, data encryption, access control, backup and two-factor authentication to secure our data and prevent unauthorized access to view, change, delete or in any way affect the data we store.
- Reputable suppliers - AMS only uses reputable providers of IT and administration services (web security, virus software, e-mail provider, backup, etc. Access to and / or processing of your personal data is only permitted in accordance with our instructions, and only where strictly necessary .
- Routines and risks - AMS has routines for handling breaches of data security. In the event of non-conformance, a non-conformance report is sent to the Norwegian Data Protection Authority within 72 hours after the breach is discovered. If the breach entails a high privacy risk, affected data subjects will also be notified.
9. Transfer of personal data outside the EU / EEA
Sometimes we transfer personal information outside the EU / EEA, for example where we use suppliers outside the EU / EEA to process your information to make services available via our website, to enable payment, for security and otherwise to be able to run our business on a safe and efficient way.
Transfer of personal data to outside the EU / EEA is only permitted to countries approved by the EU Commission, or under the necessary guarantees under the Privacy Regulation.
An example of such a guarantee is Privacy Shield for suppliers we use based in the USA, and the use of EU standard contracts or binding business rules.
Get in touch if you want to know which suppliers we use outside the EU / EEA, and get access to documentation of necessary guarantees.
10. Cookies
We use cookies on our websites to ensure functionality on the website, analyze internet traffic and see which areas of our website you have visited.
11. Changes to the Privacy Statement
We will be able to update the privacy statement from time to time. You will be notified of significant changes. You will always find the latest version of our privacy statement on the website.
Contact
Our contact information is:
E-Postadresse: admin@amedsup.no Phone: + 47 4000 2640
Do not email personal or health information about yourself to AMS.