It is important to be aware that this privacy statement is legally binding when you share your personal information with us. By using our services, you consent to the collection, use, and storage of your personal data in accordance with this statement.
The data controller for your information is Tings AS (928976173, Maridalsveien 15E, 0178 Oslo). If you have any questions or concerns regarding our processing of personal data, you can contact our data controller at the following email address: firstname.lastname@example.org.
At Tings AS, we value your privacy and take the responsibility of protecting your personal information seriously. We understand that sharing your personal information requires a high level of trust, and we will always treat this information with respect. We will adhere to applicable laws and regulations for privacy. This privacy statement provides you with information on how we collect, use, store, and protect your personal information.
Personal information is data that can identify an individual, either alone or in combination with other information. This can include names, addresses, email addresses, IP addresses, phone numbers, or other information that can be linked to a specific person.
Depending on how you use our services, we may collect various types of personal information about you. We are committed to not collecting more information than is necessary to provide the service to the best of our ability.
We may collect the following information:
We are allowed to process your personal information for the following reasons:
We use your information for the following purposes:
When you confirm that you want to retrieve purchases automatically, you allow Tings to collect purchase data on your behalf from the selected retailer. Your identity is verified either by your phone number or by logging in through your member account with the relevant retailer.
Subsequently, purchase data is retrieved from the relevant retailers. Once the purchase data is received, it is stored in your Tings user account, and digital twins are created where possible.
From now on, Tings is responsible for the collected data and will be the data controller. The relevant retailer will still be the data controller for the original data.
The consent that allows us to collect purchase data on your behalf lasts until you have been inactive for 3 years.
When you confirm that you want to retrieve purchases automatically from an email account, you will be asked to log in with Google/Outlook and give consent for Tings to read and extract emails.
Tings only extracts relevant emails with receipts and/or order confirmations based on a strict set of rules to identify these and nothing else.
Emails with receipts that are extracted are stored in your Tings user account, and digital twins are created where possible.
Tings' use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the requirements for Limited Use.
We take the security of your personal information seriously and have implemented appropriate technical and organizational measures to protect them from unauthorized access, alteration, or deletion.
We never share personal data with third parties unless it is necessary to perform a service you have requested. We will never share more information than is deemed necessary to provide the service.
When you transfer a digital twin to another user, any purchase receipts will also be transferred. The purchase receipt may have been collected automatically from a retailer or by you taking a picture of the receipt. Any personal data on the purchase receipt or in the image, will be accessible to the new owner.
We do not sell your data, and we do not make it available in any way to third parties who do not directly contribute to providing or improving the service to you unless required by Norwegian law.
We may share your personal information with third parties who process the data on our behalf, such as IT service providers. To ensure the proper and secure processing of your personal information, we will enter into written agreements with such third parties, called data processor agreements.
We want to inform you that some of your personal data may be stored outside of the EEA, specifically in the USA. This only occurs in cases where it is necessary to provide our services to you. However, we will assure you that we only collaborate with service providers who have approved privacy standards and comply with applicable privacy laws and regulations. Additionally, we will only store your personal data in the USA if we have a signed data processor agreement that ensures your personal data is processed in accordance with applicable privacy laws and regulations.
We will only store your personal information for as long as necessary to fulfill the purposes stated in this privacy statement unless a longer retention period is required or permitted by applicable laws and regulations. When we no longer need to process your personal information, such as when you delete your user, we will securely delete or anonymize it.
If you are inactive and do not use our service for a period of 3 years, all your data, including all receipts you have stored in Tings, will be deleted. We will notify you well in advance before this happens so you have the opportunity to save your data.
To meet the requirements of accounting or bookkeeping laws, it may be necessary to store some of your personal information for a longer period. In such cases, we will store the necessary information for as long as the law requires. This may include information about purchases, payments, and invoices. We will limit access to your personal information when it is no longer necessary to retain it for this purpose.
According to the Act relating to the processing of personal data (The Personal Data Act), you have the right to request access to and knowledge of the personal information we have stored about you. You also have the right to request that the information be corrected, deleted, or supplemented. We will respond to your request as soon as possible and no later than 30 days from when we receive it. If we cannot comply with your request within this deadline, we will provide you with a justification for this and inform you of when we expect to be able to respond to your request.
To correct, delete, or supplement your data, you can contact our data controller at the following email address: email@example.com.
We reserve the right to update or change this privacy statement from time to time. Any changes will take effect immediately after being published in the app or on our website.
If you have any questions or concerns about our processing of personal information, you can contact our data controller at the following email address: firstname.lastname@example.org.
If you believe that our processing of personal information is not in accordance with what we have described here or that we are otherwise in violation of privacy regulations, you can file a complaint with the Norwegian Data Protection Authority.
You can find information about your rights and how to contact the Norwegian Data Protection Authority on the Norwegian Data Protection Authority's website: www.datatilsynet.no.