Privacy Policy

Last updated: July 2026

Introduction

droslo.com ("we," "our," or "us") respects your privacy. This policy explains what data we collect, why, and what you can do about it. We follow GDPR and the Norwegian Personal Data Act (Personopplysningsloven).

Information We Collect

Information You Provide

  • Email address (when subscribing to our newsletter)
  • Search queries and filter preferences
  • Feedback and correspondence you send to us

Information Collected Automatically

  • Browser type and version
  • Operating system
  • Pages visited and time spent
  • Referring website
  • Approximate geographic location (city level)
  • Device type (desktop, mobile, tablet)

How We Use Your Information

  • To provide and maintain our healthcare search platform
  • To improve user experience and search relevance
  • To send newsletters (only with your explicit consent)
  • To analyze usage patterns and improve our services
  • To detect and prevent technical issues or abuse

Legal Basis for Processing

Under GDPR, we process your data based on:

  • Consent: For newsletter subscriptions and optional cookies
  • Legitimate interest: For basic analytics and service improvement
  • Legal obligation: Where required by law

Cookies

We use minimal, privacy-respecting cookies. We do not use third-party tracking cookies or sell your data to advertisers.

  • Essential cookies: Required for the website to function properly
  • Analytics cookies: Privacy-first analytics (only with consent)

You can manage cookie preferences through your browser settings or our cookie banner.

Data Sharing

We don't sell, trade, or rent your personal information. Period. We may share anonymized stats for research purposes.

Data Retention

We retain personal data only as long as necessary for the purposes described in this policy. Analytics data is anonymized after 26 months. Newsletter subscriptions are maintained until you unsubscribe.

Your Rights Under GDPR

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured format
  • Object: Object to processing based on legitimate interest
  • Withdraw consent: Withdraw consent at any time

To exercise any of these rights, contact us at privacy@droslo.com.

Data Security

We implement appropriate technical and organizational measures to protect your personal data, including HTTPS encryption, secure hosting, and access controls. However, no method of transmission over the Internet is 100% secure.

Children's Privacy

droslo.com is not directed at children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

Supervisory Authority

If you are unsatisfied with how we handle your data, you have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) at datatilsynet.no.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by posting a notice on our website. The "Last updated" date at the top indicates when the policy was last revised.

Contact Us

For privacy-related inquiries, contact our Data Protection team: