Privacy Policy
Last updated: 23 April 2025
This privacy policy describes how, why and on what basis Sloyd AS, organization number 927 129 043 (“Sloyd” or “we”) processes your personal data when you use our website and services (the “Services”). In addition, the privacy policy describes what rights you have under the EU's General Data Protection Regulation 2016/679 (GDPR) and the Norwegian data protection legislation (together the “Data Protection Legislation”).
Sloyd is the data controller for the processing of personal data described in this privacy policy. This means Sloyd is responsible for complying with and safeguarding your rights under the Data Protection Legislation. Our contact information can be found in section 10.
From time to time, we may revise this privacy policy. When the privacy policy is changed, an updated version will be published on the Services. If we make material changes, we will provide prior notice by email or a webapp pop-up.
1. What is personal data?
Personal data is any information or assessment that can be linked to one physical person or a smaller group of people (“data subjects”). Examples include name, social security number, address, phone number, and email address. Personal data can also include special categories (formerly called “sensitive”) such as health condition, religious belief, ethnic origin, or information about a person's sexual orientation.
By “processing personal data”, we mean the collection, storage, compilation, deletion, and any other use of personal data.
2. Personal data we process
2.1 The services
When you create a user on the Services, we may collect and process the following personal data about you:
- Contact information, such as name, username, and email address.
- If you sign in with your Google account, preferences connected to your Google account, such as language preference.
2.2 Business customers, investors and suppliers
If you are our contact person, or another employee we have direct contact with at one of our business customers, investors, suppliers or other partners, we may process personal data such as:
- Contact information, such as name, phone number, and email address.
- Professional information, such as job title, employer and other information about you and your employment that you have given to us in connection with our cooperation.
2.3 Visits to our Services
When you visit the Services, we may collect information about how you use our service. Some of this information is collected via cookies and similar technologies. We use cookies for making the Services work properly, more secure, and to analyse what works and where improvements are needed. If you give your consent, we may also pass on information to third parties we cooperate with for marketing purposes.
2.3.1 Cookies
For our website to function properly we use cookies. We obtain your valid consent for the use and storage of non-essential cookies through a cookie banner shown on your first visit. Your choice is stored in a first-party cookie (sloyd-consent) on your device for one year, after which the banner will appear again. You can withdraw your consent at any time by clearing your browser cookies for this site.
The following data is recorded when you respond to the banner:
- Your consent status or the withdrawal of consent
- Your anonymised IP address
- Information about your browser and device
- The date and time you visited our website
- The webpage URL where you saved or updated your consent preferences
- The approximate location of the user that saved their consent preference
- A universally unique identifier (UUID) of the website visitor
2.4 Email marketing and invitations to events
If you receive newsletters, marketing emails, or invitations to our seminars or other events, we may process contact information (name, email, phone) and professional information (job title, employer).
2.5 Job applicants and recruitment
In connection with recruitment, we process the personal data you provide in the recruitment process, including your name, contact information, education and work experience, current job title, and references.
3. Who do we process personal data about?
- Users and customers.
- Contact persons at (potential) business customers.
- Contact persons at (potential) suppliers and partners.
- Contact persons at (potential) investors.
- People subscribed to our newsletter or participating in our events.
- People applying for a job, or otherwise relevant for employment with us.
4. What is the purpose of processing personal data?
We process the personal data specified in section 2.3 to give you access to our services. We process the data specified in sections 2.1, 2.2 and 2.3 to establish and manage our customer or supplier relationship, for billing, and to deliver our services. Payment documentation is also processed for internal reporting and to comply with our accounting obligations.
We process the data in sections 2.3 and 2.4 to market and customize our products, services, and events. We process the data in section 2.5 to consider you as a potential employee.
5. What is our legal basis for processing personal data?
For private customers, we process your contact information based on contract. For contact persons at business customers, suppliers, or partners, we process your information based on Sloyd's legitimate interests in establishing and administering the relationship.
Personal data included in purchase or accounting documentation is processed based on our obligations under accounting legislation. Marketing-related processing is based either on legitimate interests (for existing customers) or on your consent. You may withdraw consent at any time.
6. How long do we keep your personal data
We delete or anonymize personal data when it is no longer necessary for the purpose it was collected for. Data related to a user profile is processed as long as we have an active contractual relationship; after the relationship ends, the information is generally deleted. Data needed to fulfil legal obligations (e.g. accounting) is deleted when the obligation ceases.
7. Who do we share your personal data with
We use various service providers (data processors) for IT services and other administrative services. We have data processing agreements with these providers that require them to ensure personal data is stored securely and not used for purposes other than those we designate.
With your consent, we may disclose certain personal data to third parties to market our services on other platforms. We may also disclose personal data to comply with applicable law or to pursue our own legal claims. If transfers go outside the EU/EEA without an adequacy decision, Sloyd uses EU standard contractual clauses.
8. What are your rights?
- Right to access the personal data we process about you.
- Right to request correction of inaccurate data.
- Right to request erasure of your personal data from our systems.
- Right to request restriction of processing.
- Right to object to processing based on legitimate interests.
- Right to object to direct marketing.
- Right to data portability.
Exceptions and further conditions apply. To exercise your rights, contact us via the information in section 10. We may need to verify your identity.
9. Right to lodge a complaint
You can find the contact information for supervisory authorities in EU/EEA countries on the website of the European Data Protection Board. You can lodge a complaint to a supervisory authority in the EU/EEA country where you live or work, or where the alleged infringement has taken place.
10. Contact information
If you have questions or want more information about our processing of personal data, contact us at privacy@sloyd.ai.