Privacy Policy

The Safety of Your Personal Data is important to us!

We believe in transparency. We appreciate that you trust us with information that is important to you, and we want to be transparent about how we use it. Here we describe our privacy practices. We describe it for our devices, applications, software, websites, and services.

You will learn more about the data we collect, how we use it, the controls we give you over your information, and the measures we take to keep it safe.

We collect data when you are signing up for more information at our website, when you are signing up for a Somnofy account, when you use a Somnofy unit, and when you use the Somnofy apps and services.

The privacy policy

This privacy policy’s purpose is to give you an understandable way of knowing how Somnofy, through VitalThings AS (from now on “Somnofy”, “us” or “we”) collect and process your personal data. Based on our position as a Norwegian company, our policy is to adhere to the local data privacy legislation, which in Norway and EU-/EEA-area is the General Data Protection Regulation (GDPR).

Users outside the EU-/EEA-area will not be covered by GDPR. However, we will take care of your information in the same way as we do for European users.

Somnofy processes your personal data as the data controller as defined in GDPR. This means that we determine the purpose of our services and what data we collect.

If you have any questions, don’t hesitate to contact us through the contact information you will find at the bottom of this privacy policy.

Relevant regulations, laws, and standards:
GDPR (General Data Protection Regulation)
The Norwegian “Personopplysningsloven”

Use of personal information
Somnofy processes your personal information when you
— Visit our web-site
— Buy a Somnofy
— Use a Somnofy
— Use our applications and services
— Contact Somnofy’s customer service
— Sign up to Somnofy newsletters or surveys

Information you provide us
To use Somnofy and create a personal profile we need to collect information about you, including name, e-mail address, age, sex, height and weight.

Information received through the use of our services
When submitting the form to show interest in Somnofy, we process and store your personal information to be able to follow up your interest in Somnofy. In the form, you submit your name and e-mail address. The purpose of processing these personal data is to be able to enter into and carry out assignments for you as a customer.

We have newsletters for our services and on that occasion, we collect email addresses. The purpose is to update those who voluntarily want information about our products, projects and other general information. In the case where we are doing surveys with giveaways, we collect information to reach out to the winners.

We use cookies to collect analytical information on how our various user interfaces are used. This is done to optimize and customize your user experience.

When you buy a Somnofy, we collect information including name, address, and phone number to handle and ship your order.
In order to use the Somnofy unit and services, you need to register as a user. By doing so, you will be required to accept our terms and conditions.

When you are using the Somnofy unit we collect information to give you analysis of your sleep pattern and insights into your sleep. We collect body movement, respiration rate, heart rate, light spectrum, air quality, temperature, sound level and coarse location where the Somnofy unit is used. Based on collected data, we process, analyze and present your sleep pattern and insights. We also collect information about your use of the Somnofy unit and the Somnofy apps and services, to improve future versions of our solution.

We will not in any case give personalized information to other parties.

Health and special categories of information
We take your privacy and the security of all your personal information seriously. To the extent the data we collect or process is health data and then a special category of personal information, we ask for explicit consent. Your vital signs and sleep pattern are seen as health data according to GDPR. This means that we will take special care of these data. We work hard to keep your data safe.

How do we process personal information
Personal information we receive and which is processed in connection with any interaction based on or related to Somnofy, personal information processed through cookies, has the legal basis in the GDPR Article 6 (1) (b) "necessary to fulfill the agreement". The purpose of this is to be able to implement the agreement and deliver a desired and optimized product to the individual customer.

Personal information processed through cookies by visiting our website is used for statistical purposes so that we can analyze our website and customize it to users' behavior patterns. The use of cookies must be actively accepted by the individual user inside our website and based on the basis of the processing consent, cf. Article 6 (1) a.

For our newsletters, each one reports on the website. The treatment basis for obtaining personal data for newsletters is based on consent, cf. 6 no. 1 letter a) in that each customer signs up on our newsletter.


Our Policies for Children
We appreciate the importance of taking additional measures to protect children’s privacy.

Somnofy does not knowingly collect personal data from children under the age of 16 without parents´ consent. If you have reason to believe that a child under the age of 16 has provided personal data to Somnofy through the services without consent, please contact us and we will endeavor to delete that information from our databases.

How long do we retain your information
Your personal information is stored with us as long as it is necessary to achieve the given purpose of the processing based on the duration of the customer relationship.

If there is a legal obligation, the information can be kept longer. For example, in accounting, by the Norwegian “bokføringsloven § 13”.

We keep personal information for one year after the last contact with the customer.

Third parties
Somnofy use third party products and services as part of our solution.

Information security
We have a strong focus on information security in a combination of technical, administrative, and physical controls, in order to provide the security of the data we process. This includes in flight and at rest encryption of data.

Your rights as a data subject
As a data subject with EU/EEA residency, you have certain rights according to GDPR. These can be found in GDPR article 12-23.

Right to withdraw consent:
If the processing is done due to prior consent to the processing of personal data, you can withdraw such concent at any time by contacting us.

Request access:
As a user you have the right to know what kind of information we have stored about you. Such information can easily be obtained from us upon request. In order to ensure that the personal information is published to the right person, we may request that access requests be made written or by other identification of you as a user.

Moving Your Data:
The right to data portability allows you, as a customer at a simple request, to disclose your personal information to have it available as a data export.

Getting Information Changed or Deleted:
You can always ask us to correct inaccurate information about you or ask us to delete your personal information. As far as possible, we will request a deletion request. If there are weighty reasons, such as the need for documentation, to not delete information, this will have to be presented and proven by us.

Appeals to the Data Protection Authority:
The Appeals Board in privacy matters in Norway is the Data Inspectorate (Datatilsynet). We have high priority on privacy, but if you as a user of our services still feel that we have not adequately protected your privacy or have acted in violation of this statement, you have the opportunity to appeal to the Data Protection Authority.

To exercise these rights, we can be contacted at our e-mail address. We are obliged to respond within a reasonable time and no later than 30 days after inquiry.

Governing law and venue
Disagreements with this privacy policy or how we process your personal information will be solved through negotiations and by an amicable settlement.

If disagreements cannot be resolved through negotiations, the Norwegian law that is the applicable right for any lawsuit is the right venue Trøndelag District Court.

Changes in privacy policy
We reserve the right to make changes to this Privacy Policy. There will always be an updated version of this privacy statement on our website.

In case of significant changes in the privacy statement, you will be notified via email.

Contact information
If you have inquiries or wish to exercise your rights, please contact us at:
Phone - +47 40205300
Email - privacy@somnofy.com