Privacy Policy

1. Introduction

Solix ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

This policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Norwegian Personal Data Act (Personopplysningsloven), and other applicable Norwegian and European data protection laws.

2. Data Controller

The controller responsible for your personal data is:

3. Information We Collect

3.1 Personal Information

We may collect the following types of personal information:

• Contact Information: Email address (for newsletter subscription)
• Location Data: Approximate location when using map features (processed locally)
• Usage Data: Pages visited, time spent, interactions (anonymized analytics)
• Device Information: IP address, browser type, operating system (anonymized)
• Cookie Data: Essential, analytics, and marketing preferences
• Communication Data: Any messages sent through contact forms

3.2 Automatically Collected Information

We automatically collect certain information when you visit our website, including:

• Log files and analytics data
• Cookies and similar tracking technologies
• Device and browser information
• Referral sources and search terms

4. Legal Basis for Processing

Under GDPR Article 6, we process your personal data based on the following legal grounds:

• Consent (Article 6(1)(a)): When you voluntarily provide information (e.g., newsletter subscription)
• Legitimate Interest (Article 6(1)(f)): For website analytics and improvement
• Contract Performance (Article 6(1)(b)): To provide requested services
• Legal Obligation (Article 6(1)(c)): To comply with applicable laws

5. How We Use Your Information

We use your personal information for the following purposes:

• To provide and maintain our services
• To improve user experience and website functionality
• To communicate with you about our services (only with prior consent for marketing)
• To analyze usage patterns and optimize our platform
• To comply with legal obligations
• To protect against fraud and ensure security

6. Third-Party Analytics Services

We use the following third-party analytics services to understand how our website is used and to improve our services:

6.1 Vercel Analytics

We use Vercel Analytics to collect anonymous usage statistics about our website. This service helps us understand:

• Page views and user interactions
• Geographic distribution of visitors (country-level only)
• Device and browser information (anonymized)
• Referral sources and search terms

Data Processing: Vercel Analytics processes data in compliance with GDPR and does not collect personally identifiable information. Data is stored for 26 months and is used solely for website analytics purposes.

Legal Basis: Legitimate interest (Article 6(1)(f) GDPR) for website improvement and analytics.

6.2 Vercel Speed Insights

We use Vercel Speed Insights to monitor website performance and identify areas for optimization. This service collects:

• Core Web Vitals metrics (anonymized)
• Page load times and performance data
• User experience metrics

Data Processing: Speed Insights data is processed anonymously and is used solely for performance monitoring and optimization.

Legal Basis: Legitimate interest (Article 6(1)(f) GDPR) for website performance optimization.

7. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• With your explicit consent
• With service providers who assist in our operations (under strict data protection agreements)
• When required by law or legal process
• To protect our rights, property, or safety
• In connection with a business transfer or merger

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Typically:

• Newsletter subscriptions: Until you unsubscribe (immediate deletion upon request)
• Website analytics data: 26 months (Vercel Analytics retention period)
• Cookie preferences: Stored locally until cleared by user
• Contact form submissions: 3 years (for customer service purposes)
• Location data: Not stored (processed locally only)
• Legal compliance data: As required by applicable laws (typically 5–7 years)

9. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of Access (Article 15): Request copies of your personal data
• Right to Rectification (Article 16): Correct inaccurate or incomplete data
• Right to Erasure (Article 17): Request deletion of your personal data
• Right to Restrict Processing (Article 18): Limit how we use your data
• Right to Data Portability (Article 20): Receive your data in a structured format
• Right to Object (Article 21): Object to processing based on legitimate interests
• Rights Related to Automated Decision Making (Article 22): Human review of automated decisions

To exercise these rights, please contact us at privacy@solix.no.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. You can control cookie preferences through your browser settings.

9.1 Types of Cookies

• Essential Cookies: Required for website functionality
• Analytics Cookies: To understand website usage (Vercel Analytics)
• Preference Cookies: To remember your settings

9.2 Cookie Consent

When you first visit our website, you will be asked to set your cookie preferences. You can:

• Accept all cookies for the best experience
• Accept only essential cookies
• Customize your cookie preferences
• Withdraw consent at any time through your browser settings

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• SSL/TLS encryption for data transmission
• Secure server infrastructure
• Regular security assessments
• Access controls and authentication
• Staff training on data protection

12. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer your data internationally, we ensure adequate protection through:

• Adequacy decisions by the European Commission
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules
• Certification schemes and codes of conduct

13. Children's Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

15. Contact Information

16. Supervisory Authority

You have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) if you believe we have not handled your personal data in accordance with applicable data protection laws.