Privacy Policy

Effective Date: 14th of January 2024

This Privacy Policy describes our privacy practices as to Personal Information that we collect through centoba.com, centoba.no, centoba.cloud and (“Websites”) its sub-websites and/or associated domains, products, services, events, and experiences that refer to this Privacy Policy (altogether, the “Services”).

This Privacy Policy applies when we act as the data controller of the Personal Information of persons who use the Services (“you” or “your”) – in other words, where we determine the purposes and means of the processing of that Personal Information.

This Privacy Policy does not apply to the “content” collected and processed in the Services by our customers and users. This Privacy Policy also does not apply to any products, services, websites, or content that are offered by third parties.

Personal Information We Collect

Personal Information means any information relating to an identified or identifiable natural person. We collect your Personal Information in the course of providing the Services to you. Depending on your use of Services, you might supply us with such information as:

• Your name, email address, phone number, date of birth, and other optional information (“Account Information”)
• Information about your location, information about your organization and your contacts, such as colleagues or people within your organization
• Usernames, aliases, roles, and other authentication and security credential information
• Content of feedback, testimonials, inquiries, support tickets, and any phone conversations, chat sessions and emails with or to us
• Your image (still, video, and in some cases 3D), voice, and other identifiers that are personal to you when you attend our events or use certain Services
• Information regarding identity, including government-issued identification information
• Corporate and/or financial information, VAT numbers and other tax identifiers

Collection of Information

We collect any information you provide to us in relation to the Services.

You provide information to us when you:

• Search for, subscribe to, or purchase Services
• Create or administer your Account
• Configure your settings for, provide data access permissions for, or otherwise interact with the Services
• Register for or attend any of our events, meetings or get together
• Purchase or use content, products, or services from third-party providers through the Services (or other similar venues operated or provided by us)
• Offer your content, products, or services on or through Services
• Communicate with us by phone, email, or otherwise
• Complete a questionnaire, a support ticket, or other information request forms
• Post on our websites or participate in community features, and employ notification services

We automatically collect certain types of information when you interact with the Services.

We collect information automatically when you:

• Visit, interact with, or use the Services (including when you use your computer or other device to interact with Services)
• Download content from us, open emails or click on links in emails from us
• Interact or communicate with us (such as when you attend our events or when you request customer support)

Examples of the information we automatically collect include:

• Network and connection information, such as the Internet protocol (IP) address used to connect your computer or other device to the Internet and information about your Internet service provider
• Computer and device information, such as device, application, or browser type and version, browser plug-in type and version, operating system, or time zone setting
• The location of your device or computer
• Authentication and security credential information
• Content interaction information, such as content downloads, streams, and playback details, including duration and number of simultaneous streams and downloads
• Services metrics, such as offering usage, occurrences of technical errors, diagnostic reports, your settings preferences, backup information, API calls, and other logs
• The full Uniform Resource Locators (URL) clickstream to, through, and from our Websites (including date and time) and Services, content you viewed or searched for, page response times, download errors, and page interaction information (such as scrolling, clicks, and mouse-overs)
• Email addresses and phone numbers used to contact us, identifiers and information contained in cookies

We might collect information about you from other sources, including service providers, partners, and publicly available sources.

Examples of information we receive from other sources include:

• Marketing, sales generation, and recruitment information, including your name, email address, physical address, phone number, and other similar contact information
• Subscription, purchase, support, or other information about your interactions with products and services offered by us, our affiliates (such as our training courses)
• Search results and links, including paid listings, and credit history information from credit bureaus

Use of Personal Information

Provide the Services: We use your Personal Information to provide and deliver the Services and process transactions related to the Services, including Account creation, registrations, subscriptions, purchases, and payments. The legal bases for this processing are contractual necessity and legitimate interest.

Measure, Support and Improve the Services: We use your Personal Information to measure use of, analyze performance of, fix errors in, provide support for, improve, and develop the Services. The legal bases for this processing are contractual necessity and legitimate interest.

Recommendations and Personalization: We use your Personal Information to recommend the Services that might be of interest to you, identify your preferences, and personalize your experience with the Services. The legal basis for this processing is consent and legitimate interest.

Communicate With You: We use your Personal Information to communicate with you in relation to the Services via different channels (e.g., by phone, email, chat) and to respond to your requests. The legal bases for this processing are consent and legitimate interest.

Marketing: We use your Personal Information to market and promote the Services. The legal bases for this processing are consent and legitimate interest (where we do not need your consent).

Fraud and Abuse Prevention: We use your Personal Information to prevent and detect fraud and abuse in order to protect our security, of our customers, and or others. We may also use scoring methods to assess and manage credit risks. The legal basis for this processing is legitimate interest (detection and prevention of fraud).

Comply with Legal Obligations: In certain cases, we have a legal obligation to collect, use, or retain your Personal Information. For example, we collect bank account information for identity verification.

With Your Consent: We may also ask for your consent to use your Personal Information for a specific purpose that we communicate to you. When you consent to our processing your Personal Information for a specified purpose, you may withdraw your consent at any time, and we will stop any further processing of your data for that purpose.

We Never Sell: We never sell your Personal Information. We never share your Personal Information with third-parties for their marketing purposes, unless you consent thereto. The list of third parties to whom we may disclose to and/or share your Personal Information with is available on request.

Please note that without certain Personal Information, we may not be able to provide some or all of the Services or even to guarantee the full functionalities of the Services.

Marketing Campaigns and Opting Out

We only send mail, messages and other communications relating to marketing where we are authorized to do so by law. In most cases, we rely on your consent to do so (especially where We use electronic communications). If, at any time, you no longer wish to receive direct marketing communications from us, you can exercise this right by clicking the “unsubscribe” or “opt out” link in the marketing emails we send you, or contacting us, or updating your preferences on your Account and/or in our Services.

In the case of direct marketing sent by electronic communications (where we are legally authorized to do so), you will be given an easy way of opting out (or unsubscribing) from any such communications.

Even if you withdraw any consent you may have given us or if you object to receiving such direct marketing material from us (in those cases where we do not need your consent), we may still need to send you administration and transactional communications from which you cannot opt out.

Sharing of Personal Information

Affiliates: We share Personal Information as described this Privacy Policy and with our affiliates that we control that are either subject to this Privacy Policy or follow practices at least as protective as those described in this Privacy Policy.

Third Party Service Providers: We employ other companies and individuals to perform functions on our behalf. Examples include delivering hardware, sending communications, processing payments, assessing credit and compliance risks, analyzing data, providing marketing and sales assistance (including advertising and event management), conducting customer relationship management, and providing training. These third-party service providers have access to Personal Information needed to perform their functions, but may not use it for other purposes. Further, they must process that information in accordance with this Privacy Policy and as permitted by applicable data protection law.

Business Transfers: As we continue to develop our business, we might sell or buy businesses or services. In such transactions, Personal Information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Policy (unless, of course, the individual consents otherwise). Also, in the unlikely event that we or substantially all of our assets are acquired, your information will of course be one of the transferred assets.

For Protection: We release Account Information and other Personal Information when we believe release is appropriate to comply with the law, enforce or apply our terms and other agreements, or protect the rights, property, or security of us, our customers, or others. This includes exchanging information with other companies and organizations for fraud prevention and detection and credit risk reduction.

With Your Consent: Other than as set out above, you will receive notice when Personal Information about you might be shared with third parties, and you will have an opportunity to choose not to share the information.

Storing Personal Information

Centoba is located in Norway, and our affiliated companies are located throughout the world. Depending on the scope of your interactions with the Services, your Personal Information may be stored in or accessed from multiple countries.

Payment Information

We use Stripe, PayPal, Klarna and Vipps to process your payment. These are trusted and well-established payment processors which all have their own Privacy Policy and Terms of Service. Any information you share with these payment processors will be governed by their policies.

We do not store any specific payment information, such as signatures, credit card details or similar that you may provide to any of these payment processors while completing a purchase (we only know if the payment have been completed or not).

As a result, we cannot store, process or transmit information as cardholder data either physically or virtually.

Security Measures

Security is our highest priority. We design our systems with your security and privacy in mind. We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of Personal Information.

We restrict access to personal data collected about you to our employees, contractors, and certain third-party service providers as discussed above. Our security procedures mean that we may request proof of identity before we disclose Personal Information to you.

We maintain reasonable administrative, technical, and organizational safeguards designed to protect against loss, misuse, or unauthorized access, disclosure, alteration, or destruction of the personal data that we collect from you. We protect the security of your information during transmission to or from our Services by using encryption protocols and software. 

Please note, however, that no website or storage mechanism, including the Services, can guarantee 100% security.

Retention of Personal Information

We keep your Personal Information to enable your continued use of the Services, for as long as it is required in order to fulfill the relevant purposes described in this Privacy Policy, as may be required by law (including for tax and accounting purposes), or as otherwise communicated to you. How long we retain specific Personal Information varies depending on the purpose for its use, and we will delete your Personal Information in accordance with applicable law.

When you cancel your Account, end our partnership or us working together, we take reasonable steps to delete your personal data within a reasonable period of time. Sometimes, we may retain your information for a period of time after account cancellation to allow you to efficiently reinstate your Account, if you so choose.

We also may retain certain personal data after you cancel your account to the extent necessary to comply with our legal and regulatory obligations, for the purpose of fraud monitoring, detection and prevention, and for our tax, accounting, and financial reporting obligations.

Cookie Policy

To enable our systems to recognize your browser or device and to provide, market, and improve the Services, we and approved third parties use cookies and other identifiers. For more information about cookies and how we use them, please read our Cookie Policy.

Your Rights

Subject to applicable laws, the following are your rights pertaining to your Personal Information:

Right to Information: You have the right to be informed whether we collect and process your Personal Information.

Right to Access: You have the right to request copies of your Personal Information that we collect and process. You have the right to know the purposes, categories of personal data, recipients, retention period, and your rights, with regard to the collection and processing of your Personal Information.

Right to Rectify: You have the right to request that inaccurate Personal Information that we hold about you be corrected, or completed if it is incomplete – except when restricted for important objectives of public interest or protection of the right of freedom of expression and information.

Right to Deletion: You have the right to request deletion of your Personal Information where it is no longer necessary for the purposes or to comply with a legal obligation, and to withdraw your consent where there is no lawful basis for processing.

Right to Data Portability: You have the right to obtain your Personal Information in a format that makes it easier to reuse it in another context, and to transmit this data to another data controller. This right only applies where processing of the Personal Information that you supplied by the data subject is carried out by automated means, and where you have either consented to processing, or where processing is conducted on the basis of a contract between you and the data controller. This right does not affect the rights and freedoms of others.

Right to Object: You have the right to object to the processing of your Personal Information where there are no overriding legitimate grounds for the processing, where it is processed for direct marketing purposes, where it is unlawfully processed, where it is processed for research purposes. You have the right to object to certain types of processing of your Personal Information where this processing is carried out in the public interest, under official authority, or in the legitimate interests of others.

Right to Restrict: You have the right to request us to restrict the processing of your Personal Information where you have contested the accuracy of your data, where the processing is unlawful, or where you require data for the purpose of a legal claim. Where processing of your Personal Data is restricted, it can be stored by us, but most other processing actions, such as deletion, will require your permission.

If you want to exercise any of your rights, please contact us. Additionally, you may have the right to appeal the denial of any of these rights by submitting a form that will be provided to you if we deny a data request. We will not discriminate against any consumer for exercising their rights.

Third Party Services

The Services may embed content provided by others or include links to other websites and applications. These companies may collect information about you when you interact with their content or services.

Please be aware that we do not control and are not responsible for their information collection, use, and disclosure practices. Please review and understand their privacy practices and policies, if any, before providing any personal data to them or using any of their services. We are not responsible for the content or information of these third-party sites, any products or services that may be offered through them, or any other use of the sites.

Minor’s Personal Information

We do not collect Personal Information of children or minors. If we learn that we have collected any Personal Information from such, we will take reasonable steps to delete the information. Parents or guardians who believe that their minor has submitted Personal Information to us and would like to have it deleted should contact us immediately.

Additional Terms for EU Citizens

Data Transfer: In some rare cases, it may be necessary for us to transfer your Personal Information to countries outside the European Union (EU)/European Economic Area (EEA) or any other non-EEA country not considered by the European Commission to offer an adequate level of protection. In such cases, apart from all appropriate safeguards that we implement, in any case, to protect your Personal Information, we have put in place additional adequate measures.

Data Deletion: If you decide to terminate your agreement and close your Account, we will retain your content for a period of up to 90 days after Account closure to retrieve your billing documents and to contact customer support. During this period, you may also decide to reopen your Account. At the end of this period, we will delete any content remaining in your Account.

Data Retention: After Account closure, we may need to keep certain information for an additional period of time for legal and legitimate business purposes. For example, we may retain Personal Information such as your contact information (e.g., name, email address, physical address) and any invoices that we have sent to you (e.g., record of purchases, applicable discounts, and tax information) for tax and accounting purposes. If applicable, we may also retain records of communications with you, as well as relevant logs (e.g., a log of your account closure) for dispute resolution purposes. We further may keep records for preventing fraud and ensuring security, for example in case of misuse of our services or violation of our terms.

Inquiries and Complaints

If you interact with the Services on behalf of or through your organization, then your Personal Information may also be subject to your organization’s privacy practices, and you should direct privacy inquiries to your organization.

If you have any privacy complaints, please contact us. We try to reply to all legitimate requests within 6 weeks from receiving them. In some particular cases (for example, if the matter is particularly complex or if you send us multiple requests), it may take us longer than that. In such cases, we will notify you accordingly and keep you updated.

If you are not satisfied with the outcome of a complaint, or if you are concerned about a potential violation, you also have the option to report the issue or make a complaint to the data protection authority in your jurisdiction.

Changes or Revisions

Our Services change constantly, and so our Privacy Policy may also change. We reserve the right, at our complete discretion, to change, modify, add and/or remove portions of this Privacy Policy at any time.

You should check our Websites frequently to see recent changes. Unless stated otherwise, our current Privacy Policy applies to all Personal Information we have about you and your Account.

We stand behind the promises we make, however, and will never materially change our policies and practices to make them less protective of Personal Information collected in the past without informing affected customers and giving them a choice.