Tingkart AS (hereafter "Tingkart, "we” or "us”) is a Norwegian software company that offers a map-based Internet of Things platform.
Tingkart acts as a data processor for personal data that we process (which typically means to collect, store and use personal data) on our customers’ behalf. We have entered into specific software service agreements with separate data processing agreements with our customers, and which regulates our processing of personal data in accordance with the EU regulation 2016/679 ("GDPR") article 28. By utilising our platform, Tingkart’s customers may process personal data on behalf of third parties. Tingkart’s customers act as data controllers for such processing. If you have any questions regarding Tingkart’s customers´ processing of your personal data through their use of the Tingkart platform, please contact the relevant Tingkart customer directly.
When, why and what type of data do we collect?
In short, we typically collect and process your data when you use our websites and other digital services, when you sign up for our services, subscribe to our newsletter and when you fill out voluntary forms issued by us. Below we have listed all the specific ways we collect data from you and what categories of data we typically process, as well as the legal basis for such processing.
Please note that we only process your personal data to the extent that it is necessary for the performance of the below-mentioned purposes
Using our digital services
When you register for a user account, or when your employer or principal assigns a user account to you, for our Tingkart Platform, and you log in to this account, we process information such as your name and user-name, address, e-mail, phone number, profile image as well as other personal information you choose to provide us with or which you have provided to your employer or principal for this purpose.
We process this information to be able to provide the contractual service (GDPR art. 6.1 b).
We collect certain information from your computer or internet connection when you visit our website and use our digital services (see also section 2.1 above), such as your IP-address, date and time of your visit, duration of your visit, content of your request (such as the specific site/page you visit), the website you were referred from, which pages you visit on our website, your internet service provider, your browser type and version, as well as your operating system.
We collect this information to uphold our legitimate interest in being able to display our website to you (including for log-in identification purposes), as well as our legitimate interest in measuring and improving the performance of our digital channels, as well as the marketing of our products and services (GDPR art. 6.1 f).
You may from time to time contact us with questions or requests. When you do so, you may fill out forms with information about you or your company. Upon doing so, we collect the information provided through use of the form, such as: Name, e-mail, phone number, company information, your location, as well as other contact information that you enter into the form.
We collect this information to be able to carry out our contract with you (GDPR art. 6.1 b) or to uphold the legitimate interest we have in replying to your requests or questions (GDPR art. 6.1 f).
Newsletters and service updates
If you subscribe to our newsletter and information on our service updates, we collect your name and email address. If you are an existing customer or user, we may also send you such communication even though you do not expressly subscribe.
The basis for sending such emails to contact persons with our existing customers is to uphold our legitimate interest in following up our customers by providing relevant news and relevant information about our services (GDPR art. 6.1 f), see also the Norwegian Marketing Act art. 15(3)). If you are not an existing customer or user, the basis for sending such e-mail would be your express consent (GDPR art. 6.1 a).
Anyone receiving the information items above can easily opt out using the link included in our emails.
Visits to our social media pages
When you submit a support ticket to us, we will collect and process your name and contact details, as well as your description of the problem you are experiencing.
We collect and process this information to be able to provide you with a service according to contract (GDPR art. 6.1 b) and to uphold our legitimate interest in improving our service to you (GDPR art. 6.1 f).
When you register as a customer or user with us, you provide us with certain information that we collect and process in our customer relation management systems. This includes your name and contact information, company information, payment information, purchase history, your communications with us, as well as other information you provide us with in relation to your customer relationship with us.
We collect and process this information to be able to provide you with a contractual service (GDPR art. 6.1 b) and to uphold our legitimate interest in improving our relations to our customers and to be able to provide you with good customer care and service (GDPR art. 6.1 f). In some cases, we are also compelled to process your information for compliance with a legal obligation, such as compliance with the Norwegian Bookkeeping Act, or when required by law, court orders or legal processes (GDPR art. 6.1 c).
Do wd share your data with 3rd party organisations?
We will not share your personal data with others unless you either give us your consent to do so (GDRP art. 6.1 a), or if we have another legal basis to share your data, e.g. if it is necessary to provide you with a contractual service (GDPR art. 6.1 b), if we are required by law, court orders or legal processes to disclose your personal data (GDPR art. 6.1 c), or it can be justified on the basis of our legitimate interest in doing so (GDPR art. 6.1 f).
When we use third party subcontractors or service providers in order to provide our services, we will take appropriate legal precautions and corresponding technical and organisational measures in order to ensure that your personal data are protected in accordance with applicable data protection law. Our service providers may be based in locations all over the world. This means that your personal data may be transferred outside the EU/EEA. If that is the case, we will implement appropriate security measures to protect your data such as agreements with EU standard contractual clauses.
The list of the third party providers we are currently using is available here: https://www.tingkart.com/subprocessors
How do we secure your data
Both our data processors and we have implemented appropriate technical and organizational measures to ensure a sufficient level of security when processing your personal data and to prevent loss or unlawful processing. Such measures are, for example, internal routines, data processing agreements and IT-security procedures to verify access rights. We will also carry out data protection impact assessments when it is likely that processing of your data may result in a high risk with respect to your rights and freedoms in relation to your personal data.
- Social media marketing (such as targeted Facebook advertising) rely on the placement of cookies to work;
- Content Management Systems, such as WordPress, use a selection of cookies to manage user logins, blog commenting and more.
For these purposes, we use both necessary cookies and functional cookies. We also use Google Analytics for statistical purposes. These statistics use information about your visit and usage patterns on our website (such as how often you visit our website as well as what specific pages you visit, the length of your visit, your geographical location when visiting us and more). Google Analytics collects the IP-address you use on the date you visited our website and anonymize your data before sharing it with us. Google Analytics does not collect not your name or other personal data. We do not combine information collected by Google Analytics and other personally identifiable information.
We use necessary, functional and analytical cookies (via Google Analytics) on our website and digital services. Some of those cookies are persistent, which means that they will be stored on your electronic device when you leave our website for a restricted period of time. For session cookies, those are deleted as soon as you leave our website.
You may opt out of collection and analysis of data collected through Google Analytics by downloading Google Analytics’ opt-out browser add-on here: https://tools.google.com/dlpage/gaoptout
If you have a Google Account, you may alter your personal advertisement settings here: https://myaccount.google.com/?pli=1 You may find more information on Google’s advertisement services here: https://safety.google/privacy/ads-and-data/ You can also configure your browser settings for other types of cookies, for instance by refusing to accept cookies.
What are your rights?
You have several rights under the applicable data protection regulations. We have provided a list of the rights you can exercise in your relationship with us as a data controller below. If you wish to exercise your rights, please contact us and we will respond to your inquiry as soon as possible, but no later than a month after the receipt of your enquiry.
Access: You have a general right of access to the personal data we have registered about you. Rectification and erasure: You have a general right to request that we should rectify any incorrect personal data about you and erase personal data about you. Please note that personal data that is essential to the customer relationship with us cannot be deleted, unless you also explicitly request termination of the customer relationship with us. Restriction: You have a general right to ask us to stop ("freeze”) the processing of your personal data, e.g. where you are of the opinion that we process personal data about you illegally and you do not wish us to erase these data pursuant to our routines for such erasure until the matter has been clarified. Data portability: You have a general right to request transfer of your personal data in a common, machine-readable format. Objection: You have a general right to object to our processing of personal data about you if this is justified by special circumstances on your part. Right to appeal: If you do not agree with the way in which we process your personal data, you may submit an appeal to the Norwegian Data Protection Authority (Datatilsynet). We ask that you contact us beforehand, so that we may clarify any misunderstandings.
How long do we store your data?
Do we udpate this policy
How can you get a hold of us?
Please contact us if you have any questions or comments or if you wish to exercise your rights. Our contact details are:
Tingkart AS Stardalen 730, 6843 Skei i Jølster, Norway