Loopify Logo
  • Features
    • Email
    • Landing Pages
    • Pop-ups
    • Bulk SMS
    • Direct Mail: Letters & Postcards
    • Customer Journeys: Flows
    • Visual Reports
    • Templates
    • Retailers or Branches?
  • Pricing (current)
  • Partners
    • Referral Partner Program
    • Agency Partner Program
      • Account Setup Guide
  • Blog
  • More
    • Help Center
    • Developers
    • About Us
    • Contact Us
    • Legal Stuff
Log in Start for Free Features Pricing Partners Blog More

Back

 Email Landing Pages Pop-ups Bulk SMS Direct Mail: Letters & Postcards Customer Journeys: Flows Visual Reports Templates Retailers or Branches?

Back

 Partner Programs Referral Partner Program Agency Partner Program Account Setup Guide

Back

 Help Center Developers About Us Contact Us Legal Stuff
Log In Start for Free
Back to Legal Contact Data that Loopify Processes Legal Basis for Data Processing Access to Personal Data Storage of Personal Data Rights Cookies Complaints

Privacy Policy

Overview

  • Back to Legal
  • Contact
  • Data that Loopify Processes
  • Legal Basis for Data Processing
  • Access to Personal Data
  • Storage of Personal Data
  • Rights
  • Cookies
  • Complaints

Published May 20th, 2022

This Privacy Policy describes how Loopify AS will process and protect your personal data.

Please note that to the extent Loopify AS processes personal data for its customers as a data processor, such processing is governed by a separate data processing agreement.

1. Contact Details

Loopify AS (org. nr. 920 369 030) is the controller of the personal data under this Privacy Policy. If you have any questions or queries regarding the processing of your personal data, Loopify AS can be reached using the following contact details:

Address :

Madserud allé 34, 0274 Oslo, Norway

Email :

privacy@loopify.com

Website :

www.loopify.com

Loopify AS' current data protection officer is Gunnar Sande, who can be reached using the contact details above.

2. What Personal Data Does Loopify AS Process?

Data you may provide to Loopify AS as a customer and/or by your registration on the website, which may include:

  • Name

  • Email address

  • Mobile number

  • Address

  • The name of the organization, organization number, and other company details

  • Transaction information, e.g., card number, transaction amount, and transaction date

Data obtained when you visit or use Loopify AS' website, such as:

  • The browser types and versions used

  • The operating system used by the accessing system

  • The website from which an accessing system reaches Loopify AS' website (so-called referrers)

  • The sub-websites

  • The date and time of access to the Internet site

  • Internet protocol address (IP address)

  • Internet service provider of the accessing system

  • How often you use the website

  • Choices you make when using the website

  • Navigation and browsing history

Data processed in regards to inquiries of different kinds, either from you to Loopify AS or from Loopify AS to you.

Data obtained from your bank or financial institution, which are necessary for conducting payments.

Data obtained when you submit a job application to Loopify AS are a part of a hiring process or when you become an employee. This may, for example, include a job application, resume, diplomas, certificates, references from previous employers, etc.

Loopify AS does not process data regarding children under the age of 15. The company does not direct marketing inquiries to children under the age of 15.

3. What Is the Legal Basis for the Processing of Your Personal Data?

Type of Processing Legal Basis
Establishing a customer relationship and maintenance of the customer relationship. Processing is necessary for the performance of a contract to which the data subject is party, cf. GDPR Art. 6 (1) (b).
Providing Loopify AS' services to its customers and delivering the content of the website correctly. Processing is necessary for the performance of a contract to which the data subject is party, cf. GDPR Art. (1) (b).
Conducting payments and sharing personal data with our payment service providers. Processing is necessary for the performance of a contract to which the data subject is a party, cf. GDPR Art. 1 (b).
Processing is further necessary for compliance with a legal obligation to which the controller is subject, cf. GDPR Art. (1) (c), cf. the Bookkeeping Act Section 13.
Targeted marketing on the website. You may, at any time, disable cookies in your browser. The legal basis is consent (cookie based), cf. GDPR Art. 6 (1) (a).
Using Facebook Custom Audience to deliver targeted marketing. You may, at any time, disable cookies in your browser and/or use Facebook's settings to opt out from such targeting marketing. More information about Facebook's data processing terms can be found here: https://www.facebook.com/legal/terms/dataprocessing/update. This processing is based on consent (cookie based), cf. GDPR Art. 6 (1) (a).
Sending marketing material by email, SMS, or otherwise from Loopify AS to you. This may, for example, include newsletters. Processing is necessary for the purposes of the legitimate interests pursued by Loopify AS, as long as Loopify AS already has an existing customer relationship, cf. GDPR Art. 6 (1) (f) and the Marketing Control Act Section 15 (3). Loopify AS can contact you in regards to similar products or services, as long as you have not opted-out from such queries.
In other situations, the legal basis is consent, cf. GDPR Art. 6 (1) (a) and the Marketing Control Act Section 15 (3).
Tracking user behavior, e.g., by using tracking pixels in regards to newsletters, which allows Loopify to see if and when an email was opened, and which links were used. This processing is based on consent, cf. GDPR Art. 6 (1) (a).
Development of the service, optimizing the content, and improvement of the user experience. Processing is necessary for the purposes of the legitimate interests pursued by Loopify AS, cf. GDPR Art. 6 (1) (f). Loopify AS has a legitimate interest in improving the services they offer.
Prepare anonymized/aggregated statistics on the user's finances, payment habits, consumption patterns, etc. Loopify AS cannot link the information to individual users when it is analyzed. Processing is necessary for the purposes of the legitimate interests pursued by Loopify AS, cf. GDPR Art. 6 (1) (f).
Loopify AS has a legitimate interest in improving its current services.
Correspondence with existing customers. If you have contacted Loopify AS with a query in relation to the contractual relationship, the legal basis is GDPR Art. 6 (1) (b) for Loopify AS' handling of the query.
If Loopify AS contacts you to provide customer service in general, the legal basis is that processing is necessary for the purposes of the legitimate interests pursued by Loopify AS, cf. GDPR Art. 6 (1) (f). Loopify AS has a legitimate interest in providing the best user experience possible and answering questions or queries which its customers might have.
Correspondence with potential new customers and others. If you have contacted Loopify AS with a query, the legal basis is GDPR Art. 6 (1) (a) for Loopify AS' handling of the query.
Loopify AS further has a legitimate interest in handling the query, cf. GDPR Art. 6 (1) (f). Loopify AS has a legitimate interest in attracting new customers and handling queries.
Handling job applications, conducting job interviews, and contacting references during the hiring process. Processing is necessary for the purposes of the legitimate interests pursued by Loopify AS, cf. GDPR Art. 6 (1) (f).

4. Who Has Access to Your Personal Data?

Your personal data will not be shared with third parties unless there is a legal basis for such sharing.

Loopify AS will share your personal data with the data processors which Loopify AS has entered into processing agreements with, namely the following data processors:

  • Mailgun Technologies, Inc.
    This data processor manages the delivery of emails.

  • Amazon Web Services
    Amazon Web Services (AWS) is used for secure cloud computing services and database storage.

  • MongoDB
    This data processor is used to store, retrieve, and support huge volumes of both data and traffic.

  • Sinch UK
    Sinch manages the sending of SMS and verification via text messages.

  • Google
    Google's services are used for web analytics, marketing, and advertising purposes.

  • Cloudflare, Inc
    Cloudflare is used to provides secure, fast, reliable network services.

  • Exavault
    This data processor is used for secure business file transfer via a cloud SFTP Service.

  • Facebook (in relation to Custom Audiences)
    Facebook Custom Audiences is used for ad targeting to find existing audiences among people who are on Facebook.

  • Sentry (Functional Software, Inc.)
    Sentry is used for error tracking and application monitoring.

The data is stored within the European Economic Area (“ EEA ”) but may also be transferred to and processed in a country outside of the EEA. For transfers outside the EEA, Loopify AS will use Standard Contractual Clauses as safeguards.

Loopify AS will share personal data with Stripe Payment Europe, the operating company of Stripe in Europe, in order to fulfill the agreement with you and enable the payment for our services. Stripe is an online payment service provider. Loopify will not store or collect your payment card details. That information is provided directly to Stripe, whose use of your personal information is governed by their Privacy Policy.

5. How Long Does Loopify Store Personal Data?

Loopify AS will store your personal data for as long as it is necessary in order to fulfill the relevant purpose. The relevant purpose varies between the different data and the legal basis for processing it.

Personal data, which is obtained based on your consent, will be erased if you withdraw your consent.

If you are an existing customer, your personal data will be stored for as long as the customer relationship remains. If a customer relationship is ended, the corresponding data will be erased unless there is a legal basis for further storage, e.g., consent. However, Loopify AS may store your personal data for a longer period (normally 3 years), should it be necessary to pursue or defend legal claims or comply with legal requirements.

Loopify AS will, in all cases, comply with the requirements of the Bookkeeping Act. This means that, e.g., payment-related data can be stored up until 5 years after the customer relationship ended.

General queries are stored for 1 year unless a query is relevant to pursue or defend legal claims.

Data processed with the purpose of sending marketing material by email, SMS, or otherwise from Loopify AS to you (e.g. newsletters) will be stored until you withdraw your consent, if the legal basis for the processing was consent. If the legal basis was a legitimate interest based on an existing customer relationship, the data will be stored for as long as the customer relationship remains.

When you submit a job application, we may retain it for a future open position, e.g., when you submit an open application.

If the job application was submitted in relation to a concrete job announcement for a concrete position, and no employment contract was concluded, the application documents will normally be erased 3 months after notification of the refusal. However, Loopify AS may store your personal data for a longer period (normally 3 years), should it be necessary to pursue or defend legal claims or comply with legal requirements.

If Loopify AS concludes an employment contract with a job applicant, the submitted data will be stored for as long as it is necessary to fulfill the relevant purpose of the processing. Some types of data will be retained for as long as the employment relation lasts, e.g., the employment agreement. Loopify AS will comply with the Bookkeeping Act's requirements of storage, according to which, e.g., payment/salary data must be stored a minimum of 5 years from the end of the accounting year, cf. the Bookkeeping Act Section 13.

6. What Rights Do You Have?

You have the right to request information about the personal data which Loopify AS holds about you at any time and demand data erased. You further have the right to request rectification of your personal data if the information is incorrect, and you have the right to demand incomplete personal data completed. Moreover, you have the right to object to the processing and demand portability.

Please contact Loopify AS by using the contact details in Clause 1 above, should you wish to access your rights.

Loopify AS will attend to your query as soon as possible and within 30 days at the latest.

If you withdraw your consent, that will not have any legal impact on any processing which took place prior to you withdrawing the consent.

If Loopify AS transfers your personal data in a country outside of the EEA, you may contact Loopify AS and receive information about where the data is available and the safeguards used.

7. Cookies

Loopify AS refers to its cookie policy regarding the use of cookies.

8. Complaints

Should you wish to submit any complaints in regards to Loopify AS' processing of personal data and compliance with GDPR, please contact the Data Protection Authority (Nw. Datatilsynet). You will find information on how to contact the Data Protection Authority on their website, www.datatilsynet.no.

View prior version of our Privacy

Privacy updated February 3rd, 2018
Privacy updated November 29th, 2018
Privacy updated February 2nd, 2021
Privacy updated September 28th, 2021
Loopify logo
Newsletter
Subscribe to our newsletter to receive tips, news, and inspiration in your inbox.
Features
  • Email
  • Landing Pages
  • Pop-ups
  • Bulk SMS
  • Direct Mail
  • Flows
  • Reports
  • Templates
  • Retailers & Branches
Info
  • Pricing
  • Partner Programs
  • Book a Free Demo
  • Contact Us
  • Status
  • Sitemap
Legal
  • Privacy Policy
  • Cookie Policy
  • Terms of Use
Newsletter
Subscribe to our newsletter to receive tips, news, and inspiration in your inbox.

Connect with Us