The information we collect and the process is as follows:
Tjommi also needs access to the following functions on your device, and will ask you for permission when these are needed:
If you log in to Tjommi with your Google / Outlook profile, you give Tjommi access to the following data that you have already shared with Google / Outlook:
The personal information described above, apart from receipts and transactions, is collected when you register or update your user in Tjommi. If you sign in with Google / Outlook, information is obtained from the Google / Outlook user you sign up with. The receipts can also be collected when you enter them in Tjommi. Transactions are updated when you transfer an amount through Tjommi.
Card information is used exclusively for payments by our payment provider, Stripe.
Personal information is collected and processed by us solely to provide the service.
Personnel as described above can be used when we contact companies on your behalf. If you give Tjommi access to e-mail, this can be used to discover receipts. Receipts are processed to find information about offers, and transactions are processed for payment of Remuneration when you approve that we contact a company on your behalf, as well as when a company we contact pays you back the Difference.
We may have to process some or all of the personal data where the law or authorities pursuant to the law require that this be disclosed or processed in another way.
Personal data shall not be processed for any purpose other than those mentioned above.
According to Norwegian/Danish privacy legislation and the Privacy Regulation (GDPR), all processing and use of personal data requires a special basis. GDPR has been enforced as Norwegian law through section 1 of the Personal Data Act.
When we process data necessary to provide you with the Service, the basis for processing is to deliver on our obligation to you as described in GDPR Article 6b.
Other processing of personal data may take place when:
In order to provide you with a secure service, we use the following third-party services for the following purposes:
Companies will have access to your personal data when we contact them on your behalf. We will not contact third parties on your behalf without your confirmation. We will only contact companies that are subject to GDPR or Norwegian/Danish privacy legislation.
According to GDPR, which is considered Norwegian/Danish law, you have at all times to:
To ensure that your personal information does not go astray, we may need to ask you for information to verify your identity.
Should we discover that data security has failed, you will be notified shortly if we suspect that you are affected.
We are happy to answer questions and will ensure that your personal information is processed as described. If you nevertheless do not feel that we have complied with our legal obligations to you as a user of Tjommi, you have in all cases the right to lodge a complaint with the Norwegian/Danish Data Protection Authority.
All personal data processing directly connected to Tjommi takes place within the EU / EEA. This means that providers of cloud and storage services are also subject to the GDPR.
The Stripe platform, which is based in the USA, is used for payment. This means that payment information can be processed here when you pay through Tjommi. Through the Privacy Shield agreement, collaboration agreements and other privacy measures, your privacy is nevertheless safeguarded in a reassuring way. The same applies to the sharing of personal data with Google's services when you select it and when we store your user data through Amazon AWS.The same applies to the sharing of personal data with Google's services when you select it and when we store your user data through Amazon AWS.
Personal data is deleted when the purpose of the processing has been completed. All personal information associated with your user account will be deleted within 30 days after you close your account with us.
We have taken technical measures to ensure that personal information is stored securely. Photos and the like are secured in Amazon S3, and access to them is timed to minimize the risk of them going astray.
Our services are not designed for use by people under the age of 16, nor should they have access. Should we discover that we have information belonging to someone under this age, it will be deleted.
We reserve the right to make changes to the privacy statement. If we make major changes to the privacy statement, we will inform you of this and, if necessary, ask you to accept the updated terms.