Privacy Policy
Last updated: 2025-12-15
1. Data controller
Circumflex AS (org. no. 928 728 684) is the data controller for personal data processed in the Circumflex service.
2. Roles
For customer data, Circumflex AS acts as a data processor on behalf of the customer (tenant). This is regulated in our Data Processing Agreement (DPA).
3. Data processed
- Name and email address
- User roles and access data
- Logs and audit data
- Data entered by users in Circumflex
4. Storage and processing
All data is stored in Norway. Logs are retained for up to one year. Emails are sent via Google (Gmail).
5. Cookies
Circumflex uses only essential cookies required for authentication, security, and operation of the service.
We do not use cookies for marketing, tracking, or analytics purposes. These cookies cannot be disabled without affecting functionality.
6. Rights
Users may access, correct, delete, and export their own personal data.
7. Contact
Questions may be sent to privacy@circumflex.no.
See also: Data Processing Agreement (DPA)