PRIVACY POLICY
This Privacy Policy explains how Digital Trust AS ("Mravinsky", "we", "us", or "our") collects, uses, and protects personal data in connection with the website at mravinsky.ai. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Norwegian Personal Data Act.
1. Data controller
The data controller for personal data processed in connection with this site is Digital Trust AS, Org.nr 931 464 191, Hasleveien 28A, 0571 Oslo, Norway. For any privacy-related inquiry, contact us at hello@mravinsky.ai.
2. What we collect
We collect only the personal data necessary to operate the site and respond to inquiries. Specifically:
- Information you provide. When you contact us by email or another channel, we receive the contents of your message, your name and email address, and any other information you choose to share.
- Technical data. Our hosting provider may automatically log standard technical information when you visit the site — including IP address, user agent, requested URL, referrer, and timestamp — for the purposes of operating, securing, and analysing the service.
We do not knowingly collect special categories of personal data, and we do not use the site to profile visitors or make automated decisions.
3. How we use personal data
We use personal data for the following purposes:
- to respond to inquiries you send us and to maintain related correspondence;
- to operate, maintain, secure, and improve the site;
- to comply with legal obligations to which we are subject;
- to defend or pursue legal claims, where necessary.
4. Legal bases
Under the GDPR, we rely on the following legal bases:
- Consent (Art. 6(1)(a)) — where you have voluntarily provided information to us;
- Performance of, or steps prior to, a contract (Art. 6(1)(b)) — where we correspond with you about potential services;
- Legitimate interests (Art. 6(1)(f)) — to operate and secure the site, and to defend our rights; balanced against your rights and freedoms;
- Legal obligation (Art. 6(1)(c)) — where applicable law requires retention or disclosure.
5. Cookies
This site does not set marketing, advertising, or cross-site tracking cookies. Strictly necessary cookies may be set by our hosting provider for the basic operation and security of the site (for example, to load-balance traffic or to detect abuse). You can configure your browser to refuse cookies, although doing so may affect functionality.
6. Sharing of personal data
We do not sell personal data. We may share personal data with:
- Service providers — such as our hosting, email, and infrastructure providers, acting as processors on our behalf under appropriate contractual safeguards;
- Professional advisers — such as lawyers and auditors, where necessary for them to advise us;
- Authorities — where required by law, regulation, or legal process;
- Successors — in the event of a corporate transaction such as a merger or acquisition.
7. International transfers
Where personal data is transferred outside the European Economic Area, we ensure an adequate level of protection through mechanisms recognised under the GDPR, such as European Commission adequacy decisions or Standard Contractual Clauses, together with any supplementary measures required.
8. Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements. Email correspondence is typically retained for as long as the business relationship is active and for a reasonable period thereafter, then deleted or anonymised.
9. Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. No method of transmission or storage is, however, completely secure, and we cannot guarantee absolute security.
10. Your rights
Subject to applicable law, you have the right to:
- access the personal data we hold about you;
- request rectification of inaccurate or incomplete data;
- request erasure of your personal data;
- request restriction of processing;
- object to processing based on legitimate interests;
- request portability of data you have provided to us;
- withdraw consent at any time, where processing is based on consent;
- lodge a complaint with a supervisory authority — in Norway, this is the Norwegian Data Protection Authority (Datatilsynet).
To exercise any of these rights, contact us at hello@mravinsky.ai. We will respond within the timeframes required by applicable law.
11. Children
This site is not directed at children, and we do not knowingly collect personal data from individuals under the age of 16. If you believe we have inadvertently collected such data, please contact us so we can delete it.
12. Changes to this Policy
We may update this Privacy Policy from time to time. The "Last updated" date above reflects the latest revision. Material changes will be reflected on this page.
13. Contact
For any privacy inquiry — including data subject requests — write to hello@mravinsky.ai.