Introduction

Jarnskjold AS, with its system/trademark AppUp, strives to protect and respect your privacy in accordance with the Act on the processing of personal data (Personal Data Act) which makes the EU’s personal data protection regulation (2016/679) of 27 April 2016 (General Data Protection Regulation, GDPR) valid in Norway from 20 July 2018. This privacy policy explains when and why we collect personal information, how we use it, under what circumstances we can pass it on to others, and how we safeguard the security of the information. The privacy policy applies to the use of our software AppUp, as well as services and activities related to sales and marketing

About AppUp

Jarnskjold AS owns and operates AppUp, which is a web-based project monitoring system, with control and documentation.

Use of personal data

We use personal data mainly to give you access to AppUp, as well as fulfill contractual obligations, provide support and consulting assistance, as well as send you information that is relevant with regard to the contractual relationship. We also carry out sales based on personal data.

We may use your information for the following:

  • Send you newsletters. This may include important information about our products and services, as well as events and activities.
  • Carry out direct sales activities in cases where a legitimate and mutual interest has been established.
  • Give you information about a course or event you have signed up for, for example about content and meeting place.
  • Respond to a contact form or other web forms you have filled in on AppUp’s website.
  • Follow up on incoming requests (customer support, e-mail or phone calls).
  • Carry out contractual obligations such as order confirmation, license details, invoices, reminders and the like. The agreement can be entered into with Jarnskjold AS / AppUp directly, or with a partner who supplies and uses AppUp’s system.
  • Notify you of interruptions in our services (system messages).
  • Contact you to conduct surveys about your opinion of our products and services.
  • Detect, minimize and prevent security threats and prevent misuse of our products and services.

The basis for collecting personal data

Collection of personal data based on consent

AppUp processes consent-based personal data using consent, when you create and use your user login in AppUp. Individual consents will always be stored and documented in our system. If you are a registered user of our services, you can manage your user profile yourself via your login to the system.

Collection of personal data based on agreements

AppUp processes personal data to fulfill obligations related to agreements with customers, partners and suppliers.

Collection of personal data based on legitimate interest

AppUp processes personal data if it is considered to be of legitimate interest, and if the privacy interests of the data subjects do not exceed this interest. In order to establish the basis for the data collection, we usually carry out an assessment that identifies a mutual interest between AppUp and the individual.

How and when we collect personal data

Users of our products and services have registered some basic personal data such as name, telephone number, username and e-mail address. The information is collected and registered when a user account is created.

Personal data may be stored when you contact us via web form, e-mail, telephone, social media or visit if this information is considered to be of legitimate interest to us and if this interest is not exceeded by your privacy interests.

What types of information are processed

We collect and process your name, address, telephone number, position, username and email address in addition to the name and contact information of the company you work for. We also have information about which applications you have access to and when you last logged in as a user in AppUp.

We log inquiries, comments and questions that we receive and send in service-related communications, as well as activities such as meetings, telephone calls, documents and e-mails. If you send us photos, videos, documents or comments with personal information, this will be logged and the information can be read by our case managers.

AppUp does not collect and process special categories of personal data, such as unique identifiers and sensitive personal data.

Logging:

All use of the system is logged with user/person, action performed and time. The purpose is to have a full overview of all entered data for control and documentation. Logging can also be used for any errors and reconstructions.

AppUp runs in the cloud and stores everything in the Microsoft Azure cloud (see Azure Policy)

Do we share your information with anyone?

We neither share, sell, rent or exchange your information with third parties without your consent, with the exception of what is described below.

Third party service providers working on our behalf:

We may pass your information on to our subcontractors and other associated organizations for the purpose of providing services to you on our behalf.

If required by law:

We publish your personal data if it is required by law, or if we as a company reasonably believe that this publication is necessary to protect the company’s rights and/or to comply with requirements in connection with a court case or court order. However, we will do what we can to ensure that privacy rights are still protected.

Use of subcontractors (data processors and sub-processors)

We may use subcontractors to process personal data on our behalf. In that case, we are responsible for ensuring that they undertake to follow this privacy policy and applicable privacy legislation.

If the subcontractor processes personal data outside the EU/EEA area, such processing must be in accordance with the EU-US Privacy Shield framework, the EU’s standard contract terms for transfer to third countries or another specifically determined legal basis for the transfer of personal data to a third country.

How long we keep the data

AppUp processes collected personal data for as long as we believe it is necessary to fulfill the purpose of the processing. At the same time, we assess the need to respond to requests from you or resolve possible problems, comply with statutory requirements under applicable legislation and process statutory claims/complaints. In addition, we take protective purposes into account.

This means that we can keep your personal data for a reasonable period after your last interaction with us. When the personal data we have collected is no longer necessary, we delete it securely. In such a case, we will delete the information without notice, unless otherwise agreed between AppUp and the person concerned. Normally, we will delete information no later than 3-4 years after the last interaction.

Your rights

If you are dissatisfied with the way your personal data has been processed, you can contact AppUp in the first instance by sending an email to:  post@appup.no If you are still dissatisfied, you have the right to contact the Norwegian the supervisory authority to obtain a decision. The supervisory authority in Norway is the Norwegian Data Protection Authority and contact information can be found at: www.datatilsynet.no

Changes to this statement

AppUp reserves the right to change this privacy policy at any time. The current version is always available on our website www.appup.no We encourage you to check the privacy policy from time to time to ensure that you are familiar with any changes.