Personal information

Information or assessment that can be linked to an individual. This can be name, address, telephone number, e-mail address, car number, photos or social security number.

GDPR

Abbreviation for The General Data Protection Regulation, the EU regulation (regulations) for personal protection. Also called the privacy regulation.

Processing of personal data

All use of personal data, such as collection, registration, compilation, storage and disclosure, or a combination of such uses.

Data controller

The person who determines the purpose of the processing of personal data and which aids are to be used. This is usually a business.

Data processor

The person who processes personal data on behalf of the data controller. This is usually a business.

Data subject

The individual to whom the stored information can be linked.

Personal data

Data provided by the user to identify himself when purchasing services or other inquiries to a business.

Automatically collected data

Data that the user does not provide directly, but which is automatically collected through interaction with the businesses' online platform and technical systems.

Information cookies

A cookie is a small text file that is downloaded and stored on the computer/mobile phone when the user opens a website. The cookie is used, for example, to store login details, remember shopping baskets in the online store or register where the user moves around the website.

Tracking

Action where you can follow the electronic traces a user leaves behind.

IP address

Unique number that identifies a device in a network. IP address comes from English: Internet Protocol address.

Consent

A voluntary, specific, informed, unequivocal and active declaration from the data subject that he or she accepts the processing of information about himself.

Special categories

Also called sensitive personal data. This is information that requires extra protection, such as information about racial or ethnic origin, religion, health information, sexual orientation and more.

This privacy policy explains how we collect and use (process) personal data in our business.

DigiUp – Prosjektjegeren AS, by owner and managing director Line Rødli Kristiansen, is responsible for the processing.

N.B. It is not permitted to copy any text from this privacy policy, cf. copyright law.

Our contact information is:

Prosjektjegeren AS - DigiUp

Business address: Fyrstikkbakken 22, 0667 Oslo

Organization no.: 983 542 018

E-mail address: line@digiup.no

This privacy policy was last updated: August 7th 2024.

We take your privacy seriously and we have taken several measures to ensure that we provide you with clear information about how we process your data and what rights you have. If you feel that something is unclear or missing, please do not hesitate to contact us.

Contact us if you have questions about or want to exercise one of your rights. You are entitled to a response within 30 days at the latest.

✔ Access to and correction of your own information: You can request a copy of all information we process about you and ask us to correct information that is incorrect.

✔ Deletion or restriction: In some situations, you can ask us to delete and/or limit the processing of information about yourself, but we cannot delete data we are required to process.

✔ Object to processing: If we process information about you on the basis of legitimate interest, you have the right to object to it.

✔ Data portability: If we process information about you based on consent or a contract, you can ask us to transfer information about you to you or to another controller.

✔ You also have the right to withdraw your consent at any time.

✔ If you are not satisfied with the processing of your data, you can complain to the Norwegian Data Protection Authority, but we hope that you will tell us directly first so that we can try to resolve the matter for you in a good way.

We process personal data about:

✔ Customers

✔ Potential customers/leads

✔ Visitors to the website

✔ Students/members in digital courses and workshops

✔ Contact persons at suppliers and partners

It is voluntary to provide us with personal information, but to use our services we do require certain personal data from you.

We process personal data when you:
✔ Purchase our products or services
✔ Become a member, student, or participant and use our member portal
✔ Contact us via phone, SMS, our websites, e-mail, or social media
✔ Sign up for a newsletter or other email list
✔ Request a free template, guide, or other free content from us
✔ Register for our events (free or paid)
✔ Respond to a survey

There are two main categories of data we collect from you that may contain personal information.

Data you provide to identify yourself when you contact us, register for free services, or purchase services.

This includes:

• Identity data: name, username, title, and company name (if applicable)

• Contact data: e-mail address, phone number, and postal address

• Profile data: username and password, purchases or orders you have made, your interests, preferences, feedback, and survey responses

• Financial data: bank account or payment card details. We do not store this information directly. Payments are processed securely by our third-party providers Stripe and PayPal under their own privacy policies.

Data that you do not provide directly, but that is collected automatically when you interact with our platforms and systems.

This includes:

• Transaction data: automatic messages about payments, registrations, or inquiries, and other system logs

• Technical data: IP address, login data, browser type and version, time zone setting, and location

• Usage data: information about how you use our websites, products, and services

• Marketing and communication data: your preferences for receiving marketing from us and your communication settings

Our websites may use cookies, which can identify you if you are already registered in our system.

See our Cookie Statement below for more details.

Your personal information is stored in different systems depending on the type of processing involved. For security reasons, we do not list all these systems publicly—please contact us if you would like more information.

We use secure, GDPR-compliant business systems for websites, member portals, orders/purchases, communication, customer support, and surveys. All personal data is stored on secure servers within these systems.

For AI-related functionality, all processing takes place within the deal.ai platform, which operates under its own Privacy Policy and determines its own security and compliance measures. According to their policy, deal.ai implements measures to comply with applicable data protection laws, including the GDPR. You can review their Privacy Policy here.

According to Article 6 No. 1 of the General Data Protection Regulation (GDPR), we process personal data on the basis of:

a.     Your consent

b.    An agreement we have with a third party

c.     A legal obligation we have

f.     A legitimate interest we believe we have

As a general rule, personal data must not be processed and stored for longer than is necessary to fulfil the purpose of the processing.

We retain data for as long as we are required to do so by applicable legal obligations, for example related to accounting, tax or employment legislation, and/or other relevant rules and regulations. You can contact us at any time if you want us to stop processing or delete your personal data, but please note that we cannot delete personal data we are legally obliged to process.

As a general rule, your personal data is stored as long as you are registered for our services or are a customer with us, and for up to 3 years after the services and the customer relationship have ended. Personal information relating to invoices and payments is kept for at least 5 years, as required by Norwegian accounting legislation.

Here we describe in detail when and how we process your personal data, for what purposes, on which legal basis, and for how long.

We process personal data when:

You use our websites

When you use our websites, we process personal data in line with our "cookie" statement. Our websites use cookies, which can be used to identify individuals if you are already registered on our platform.

See our Cookie statement below.

The purpose is to manage our website, promote the company, and respond to inquiries from visitors. The legal basis for cookies, which store or process information that falls under § 2-7b of the Electronic Communications Act, is consent through a preset in your browser, in line with Nkom's recommendations as described here (November 2020).

When you visit our website, you must approve the use of cookies.

You communicate with us

When you contact us via the website (contact form, help desk, chat, or similar), by e-mail, via telephone (call, text message), or social media, we process personal data. Depending on where and how you send us a message, this may be your name, contact information, IP address, and other information you choose to send to us. We use an LMS (Leads Management System), which is also a customer support system, to process personal data about potential and existing customers. The purpose is to be able to respond to inquiries from you, for contact and purchase history, and to have documentation in case we receive claims, complaints, or legal claims. The legal basis is f) legitimate interests. We review, archive, and delete inquiries as necessary, but no less often than every three years. Accounting material is kept for up to five years, according to the rules in the Bookkeeping Act.

You buy our products or services, or become a member of our member portal

When you buy products and services from us, we process personal data such as name, contact information, order and payment information, delivery address, and purchase history. If you have purchased a service where all or part of it is delivered digitally, e.g., in the member portal or video conferences, we process more personal data. In video conferences, either one-to-one between us and you, or one-to-many between us and a group of people, we also process personal data such as name, profile picture, video (picture and sound), messages, and other activity you undertake, times of participation, and IP address. Depending on the type of service, the content from video meetings with several participants can also be shared in the member portal, e.g., where the service is structured as a group program. The content is not shared with third parties. The platform we use has integrated analysis and cannot be deactivated. If you do not want your information to be processed in this way, you should not purchase a service that contains such digital arrangements. The purpose is to be able to deliver products and services to you after ordering/purchase, to have a history of sold products and services, and otherwise to manage and follow up the customer relationship with you. The legal basis is b) agreement and c) legal obligation according to, e.g., the Bookkeeping and Tax Act. Accounting material is kept for up to five years, according to the rules in the Bookkeeping Act. Personal information is stored for up to 3 years after the customer relationship ends. Any recordings from group conversations are kept for as long as the product/service is offered and then deleted within three years at the latest.

Marketing in existing customer relationships

When you become a customer or use free services, we process personal data as mentioned above. If you have an existing customer relationship with us, we will be able to send you marketing by email and SMS, in line with § 15 of the Marketing Act. Without a customer relationship, we can send emails and SMS with consent. The purpose is to be able to provide good customer service. The legal basis is f), where the legitimate interests are to be able to offer you relevant products and services. The legal basis can also be a), where you have given us your consent. You can unsubscribe from email and SMS marketing at any time. Information on how to unsubscribe is stated in all e-mails and SMSs we send that are linked to marketing. The information is stored as long as the customer relationship exists, until you unsubscribe or until you object to the processing, if necessary.

You sign up for the newsletter

We send out newsletters by e-mail with relevant knowledge, tips, and advice, as well as discounts, offers, free templates, checklists, and similar. The newsletters occasionally contain information about our products and services. When you subscribe to the newsletter, we process personal data such as name, contact information, and IP address. The purpose is to be able to share knowledge, inform about relevant news and offers, as well as to provide good customer service to potential and existing customers. The legal basis is a) consent. Subscribing to the newsletters is voluntary, and you can withdraw your consent (unsubscribe) at any time by clicking on "Unsubscribe" at the bottom of one of the emails. The personal data for the list(s) you unsubscribed from will be deleted immediately. If you still have a customer relationship or other active registrations, these will still be stored. The supplier we use to send out newsletters has integrated analysis that shows that subscribers open and possibly click on links in the newsletters. This functionality is integrated into the system and cannot be disabled. If you do not want your data to be analysed in this way, you should not become a subscriber. We use the data to analyze the results of the newsletters and to tailor the content to our subscribers. The legal basis is f), where the legitimate interest is to continuously improve our products and services.

You sign up for an event or request access to content

When you participate in free events or request access to free content from us, we process personal data such as name and contact information. For payment arrangements, we also collect order and payment information. The purpose is to be able to offer relevant courses, lectures, and workshops or to fulfil an agreement on an ordered event. The legal basis is a) consent or b) agreement, and c) legal obligation according to, e.g., the Bookkeeping and Tax Act. We may also use your personal information to send you a request for evaluation of the event you attended or the content you received, and possibly offer other similar events or content. The legal basis is f), where the legitimate interest is to continuously improve our products and services and offer you good customer follow-up. The information is kept until you request that it be deleted or at the latest up to three years after the event, or, by agreement, up to five years according to the rules in the Bookkeeping Act.

You fill out a survey

We always inform about the purpose of the surveys we carry out, and whether they are anonymous or not. We do not share the information with others or use it for purposes other than what we have stated. In the case of anonymous surveys, we do not collect personal data. The legal basis for surveys that are not anonymous is a) consent. The information is kept until you request that it be deleted or at the latest up to three years after you answered the survey, or the customer relationship ends.

You are a supplier or collaborate with us

When you enter into an agreement with us, either as a supplier, partner, or data processor, we process personal data such as name, contact information, and correspondence. The purpose is to be able to enter into an agreement with you, and the legal basis is b) agreement. The information is kept for up to five years according to the rules in the Bookkeeping Act. We process personal data related to general correspondence and communication as described above.

You use our AI tools
When you use SoloGenius AI tools, the prompts and content you enter are processed by our AI provider, deal.ai, acting as our data processor. Please note that, as with any AI service, you should not submit special category data (such as health information, political opinions, religious beliefs, or financial account details) through our tools. The purpose is to provide you with the requested AI functionality. The legal basis is b) agreement or a) consent, depending on how you use the tools. Data is retained within deal.ai’s systems as described in their Privacy Policy, which you can review here.

In order to run our business efficiently and securely, we use third-party suppliers with whom your personal data is shared.

These are:

✔ Data processors: providers of various services who process your personal data on our behalf. *

✔ Professional advisers from industries such as lawyers, finance, accounting, auditing and insurance.

✔ User support for IT and administration systems.

✔ Public authorities we are obliged to report to.  

We require that everyone we share your personal data with secures your data in accordance with good information security and in accordance with the requirements of the Personal Data Protection Regulation.

We use data processors for:

✔ Email, calendar and digital meetings

✔ Bookkeeping, accounting and invoicing.

✔ Cloud storage. ✔ The websites and member portal.

✔ Online payments and receipts for purchases.

✔ Newsletter.

✔ Project management tools

✔ Meeting booking.

✔ Video meetings/conferences.

✔ Surveys.

Data Retention & Processing for SoloGenius AI
All SoloGenius AI functionality is powered by deal.ai, which acts as our data processor. When you use SoloGenius AI, your inputs (such as prompts, text, images, or audio), the generated outputs, and related technical metadata (e.g., timestamps, feature used, approximate location/country) are collected and processed directly by deal.ai to deliver the requested results.

Important: Please do not submit sensitive personal data—such as health information, political opinions, religious beliefs, financial account details, or other confidential information—through our forms or AI tools.

Your data may be processed outside the European Economic Area (EEA). deal.ai applies appropriate safeguards for these transfers, such as the EU Standard Contractual Clauses, in line with GDPR requirements.

SoloGenius AI does not store any of your AI inputs or outputs on our systems. deal.ai determines how long AI-related data is retained and when it is deleted or anonymized. Please refer to deal.ai’s privacy policy for details on their processing practices.

We do, however, retain your purchase and billing data in accordance with Norwegian law, which requires financial records to be kept for at least five (5) years.

We take information security seriously and always do our utmost to safeguard your personal information. This includes using SSL on our website, strong passwords, access controls, and regular backups to secure data and prevent unauthorized access, alteration, deletion, or other interference with stored data, including your personal data.

We only use reputable providers for IT and administrative services, such as web hosting, website and PC security, antivirus software, email services, and backups. Others are granted access to, and/or allowed to process, your personal data only in accordance with our instructions and only when strictly necessary (e.g., for IT support).

Note: It is not permitted to copy any text from this privacy policy, in accordance with copyright law.