Privacy Policy

This privacy policy outlines the nature, scope, and purpose of processing personal data (hereinafter referred to as "data") within our services, associated websites, features, content, and external online presences, such as our social media profiles (collectively referred to as "online services"). With regard to the terminology used, such as "processing" or "controller," we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Responsible Controller

Pivot AS
Stardalen 730
6843 Skei i Jølster
Norway

Managing Director: Thomas Heggelund

Contact:
Web: tingkart.com
Email: info@tingkart.com

Data Protection Officer (DPO):
Thomas Heggelund

Types of Data Processed:

• Inventory data (e.g., personal master data, names, addresses).
• Contact data (e.g., email, telephone numbers).
• Content data (e.g., text input, photographs, videos).
• Usage data (e.g., visited websites, interest in content, access times).
• Meta/communication data (e.g., device information, IP addresses).

Categories of Data Subjects

Visitors and users of the online services (hereinafter referred to as "users").

Purpose of Processing

• Provision of the online services, their functions, and content.
• Responding to contact inquiries and communication with users.
• Security measures.
• Reach measurement/marketing.

Applicable Legal Framework

The legal basis for our data processing activities is provided by the General Data Protection Regulation (GDPR), particularly when the processing activities involve users from the European Union (EU) and the European Economic Area (EEA).

Security Measures

We adopt state-of-the-art technical and organizational measures to ensure data security, particularly to protect personal data from risks during data transfers and from third-party access. These measures include the use of encrypted communication channels, secured data storage, access control systems, and regular security assessments.

Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal, regulatory, or contractual obligations. Specific retention periods depend on the nature of the data and the purpose of processing, after which the data is securely deleted or anonymized.

Cooperation with Processors and Third Parties

In the course of our processing, we may disclose data to other persons and companies (processors, third parties), transmit it to them, or otherwise grant them access to the data. This will only be done based on legal permission, user consent, a legal obligation, or our legitimate interests. Detailed information about our processors and the guarantees in place for data protection can be obtained upon request.

Transfers to Third Countries

If we process data in a third country or use services of third-party companies situated in third countries, this will only occur to fulfill our (pre-)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only under the special conditions of Art. 44 et seq. GDPR.

Rights of Data Subjects

You have the right to request access to, rectification or erasure of your personal data, or restriction of processing. You also have the right to object to processing and the right to data portability. If you wish to exercise any of these rights, please contact us at tingkart.com.

Right of Withdrawal and Objection

You have the right to withdraw any consent you have given us at any time. You may object to the future processing of your data in accordance with legal provisions at any time. The objection may, in particular, be made against processing for direct marketing purposes.

Cookies and the Right to Object to Direct Marketing

We use temporary and permanent cookies to enhance user experience and efficiency of our services. Users can manage and delete cookies through their browser settings. Opting out of cookies used for online marketing can be done via [US opt-out link] or [EU opt-out link].

Use of Third-Party Services

Our online services include features and content from third-party providers, such as payment processing services from Stripe, AI services from OpenAI, and cloud services from Azure. We have carefully selected these third parties and have agreements in place to ensure data protection and security. For more information on the privacy practices of these third parties, please refer to their respective privacy policies.

Changes to the Privacy Policy

We reserve the right to update this privacy policy to reflect changes in our practices or legal requirements. We will notify users of significant changes through our online services.

External Payment Service Providers

We use external payment service providers, such as Stripe, to process payments. The processing of data by these providers is based on our legitimate interests in offering efficient and secure payment options and is governed by their privacy policies.

Cloud Services

We utilize cloud services from Azure for data storage and processing, based on our legitimate interests in efficient and secure data management. Data processing agreements are in place to ensure compliance with GDPR and protect user data.

For further information or inquiries regarding our privacy practices, please contact us at tingkart.com>.