NO
EN
TRData Controller
The Data Controller is LumaCare Mental Helse AS, organization number 933 066 894, Meltzersgate 4, 0257 Oslo. Contact: hello@lumacare.example.com.
What Data We Process
We process contact information (name, email, phone number), the content of inquiries you send us, technical data necessary for the website to function, and, for patients, medical record information necessary for proper clinical follow-up.
Inquiries via email, WhatsApp, or contact forms should not contain sensitive health information. Such information belongs in consultations and medical records, not in open messaging channels.
Purpose and Legal Basis
Personal data is processed to answer inquiries, schedule consultations, manage payments, and provide healthcare services. The legal basis is consent (GDPR Art. 6(1)(a)), the necessity to provide healthcare (Art. 9(2)(h)), and legal obligations under healthcare legislation.
Duty of Confidentiality and Medical Record Keeping
As healthcare professionals, our practitioners are bound by a duty of confidentiality. Patient data is documented in medical records in accordance with current Norwegian healthcare legislation and is stored separately from general website inquiries and marketing data.
Storage and Security
Medical records are stored in a record system that complies with Norwegian information security requirements. Website inquiries are stored no longer than necessary to respond to them and to follow up on practical arrangements.
Data Processors and Third Parties
The clinic may use external providers for technical operations, mapping, email/communication, payments, and record keeping. This may include Google Maps for maps, WhatsApp/email for basic contact, and payment solutions such as MediPay/Payex where applicable.
Optional analytics are only loaded upon consent if analytics tools are activated. reCAPTCHA or equivalent bot protection is only mentioned and activated if actually in use.
Your Rights
You have the right to access, rectify, erase, and port your data in accordance with the GDPR. Medical record information is concurrently subject to specific rules under healthcare legislation. Privacy complaints can be directed to the Norwegian Data Protection Authority (Datatilsynet) at datatilsynet.no.
Cookies
The website uses strictly necessary cookies to function. Optional analytical cookies are only loaded after you have given active consent in the cookie banner.
You can withdraw your consent at any time via "Cookie Settings" at the bottom of the page. Your choice is stored locally in your browser for up to six months before we ask again.