Conductor of Light is following the law on personal data by The Norwegian Data Protection Authority. The Norwegian Data Protection Authority shall facilitate protection of individuals from violation of their right to privacy through processing of their personal data. Personal information given by customers will not be forwarded to any third parties, and are only used to deliver our product.
All web pages where you as a customer leave personal information in conjunction with a transaction, are on secure pages (encrypted transfer of information). The pages are enabled with SSL (Secure Socket Layer). If you can see the lock symbol in your status or address line, and the the address https (s = secure), you know SSL is used.
We use one SSL on our domain, and one delivered by our system, Squarespace. HSTS Secure from Squarespace adds a second layer of security. Enabling HSTS Secure ensures the connection is encrypted and prevents potential attackers from accessing or impersonating your site. If you think of a visit like a letter being sent from the visitor’s browser to your site, HSTS certifies that letter and ensures that only the correct recipient can open it.
We use the web hosting supplier PRO ISP. Information collected in connection with site operation is stored on own servers operated by the provider. Only Conductor of Light (in this case Jørgen Håland) and PRO ISP have access to the information collected.
We use Stripe as for our online payment processing. This is one of two option given by Squarespace. Only Conductor of Light (in this case Jørgen Håland) have access to the information collected. Stripe and the GDPR, you can read a snippet here or read about it over at Stripe.
"At Stripe, privacy, data protection, and data security are at the very heart of everything we do. We’re continuously working to reset the bar for ourselves in the security and data privacy realm, and view the GDPR as an opportunity for the entire industry to come together on this and improve.
Stripe started its efforts towards GDPR compliance back in 2016, and we are working to ensure that our services are GDPR-compliant on the effective date of May 25, 2018."
User accounts created on Squarespace are also secured by our SSL provider. By creating an account, customers can securely save payment methods, shipping addresses, shopping carts, and order information, making for a faster checkout experience. Only Conductor of Light (in this case Jørgen Håland) have access to the information collected. We will never share your email address with others
We use Google Analytics and Squarespace embedded analytics to collect visits to our site. The information is used to strengthen the website to create a better service for our customers. Examples of what the statistics provide is how many people visit different pages, how long the visit lasts, what websites users come from and what browsers are using.
We can not track the information we collect back to the individual visitor.
Conductor of Light sends out newsletters when it suits them. Less than four times a year. We hate spam. In order for us to be able to send e-mail, you must register an e-mail address. Mailchimp is the data processor for the newsletter and has its own privacy statement. The e-mail address is stored in a separate database and deleted when you unsubscribe. The e-mail address will also be deleted if we receive feedback that it is not active. We will never share your email address with others. You can choose if you want to enter your name when you sign up.