Privacy Policy

Klikk cares about keeping your personal data secure, and we are transparent about how we store and use your personal information.

Any information you give to us is given voluntarily, and we do not store or use your personal data in other ways than what’s required to deliver our service.

Klikk will process personal data by providing our services as described in our Terms of Service (the “Service”) and as necessary to our business. All processing of personal data is in accordance with the privacy regulation in force at any given time, including the Norwegian Personal Data Act and the General Data Protection Regulation (GDPR).

You will find at the description below on the purpose and background for our processing of personal data as part of the Service and in relation to our business, what data is processed, the purpose and the background for the processing and your rights with regard to the processing of your personal data.

If you have questions or want to know more about our processing of personal data, you can contact us – see contact information below.

Data controller and processor

Klikk is the data controller for personal data which is necessary for performing our business. When you use the Service, Klikk is a data processor, and the processing is governed by our Data Processing Agreement.

Contact information for Klikk is:

Klikk Int AS (klikk.com)
Vågsgata 41
4306 Sandnes
Norway
Contact email:support@klikk.com
Tel: +47 21624907
Business reg. no.: 922078734

Purpose and personal data processed

The processing of personal data is necessary to make the Service and its functionality available to you. We only process the necessary minimum of personal data necessary.

Our processing of personal data as a data controller is specified below. If not specifically mentioned otherwise (such as we are a data processor), we are the controller for the processing of personal data as described below.

For providing the Service as a data processor, we process the personal data you provide in the Service on your behalf. We have no control over the personal data you provide to the Service other than the data shall not infringe the Acceptable Use Policy. For the processing of personal data on your behalf as a processor, see our Data Processing Agreement.

Please find information below on how we process personal data.

Processing of personal data

Disclosure and transfer of personal data

Klikk does not transfer on your personal data to third parties.

Klikk uses data processors to collect, store or otherwise process personal data on our behalf. In such cases, we have entered into agreements to ensure information security in all stages of the processing.

All processing of personal data that Klikk carries out will take place within the EU / EEA area.

Security

We will take all necessary technical and organisational measures to secure your personal data. All processing and transmission are encrypted.

All our software suppliers are reputable suppliers that take the safekeeping of personal and non-personal data very seriously, just like we do. To protect your personal data, we protect our devices, avoid open networks, use safe storage solutions and follow good password practices. We also protect our facilities and personnel and keep our technology stack (website and plugins) up to date.

We also perform regular risk assessments where we review available technology, needs and regulations. This is in an effort to assure that we always take the necessary security steps, to avoid things like personal data getting into the wrong hands.

Alerting authorities

If there is a safety breach or deviation from our procedures which may cause a risk to the personal data, we will alert the supervisory authority for personal data as soon as possible and at the latest within 72 hours.

Alerting you

If there is a high risk for personal data due to a safety breach, we will alert you as soon as possible, where we explain:

What happened
Who you can contact about it
Possible consequences of the breach
Description of steps towards stopping the breach and limiting the consequences

We may not alert you if:

Steps for protection against the security breach are already taken, especially if the steps render the data illegible (encryption, etc.)
If steps making the threat non-likely are taken
If we would have a hard time reaching all touched by the breach. In those cases, we’d publish warnings, send emails, etc. hoping to reach all those affected by the breach.

Specific processing of personal data

Visiting our site for the first time (or on a device)

When you visit our site for the first time (or on a new device), we will request your consent on using cookies, depending on the cookies in use. Processing of any personal data with use of cookies, will be based on your consent (GDPR Article 6 (1) a). .

Signing up to our newsletter

When you sign up for the newsletter, we will collect and process your name and email-address based on your consent (GDPR Article 6 (1) a). You can unsubscribe at any time by clicking the unsubscribe link added to the bottom of any newsletter. We will process the personal data as long as you subscribe to the newsletter.

Commenting on our blog

When you comment on our blog, your comment in addition to your name, links to your website and other information you provide is being processed. The personal data will be processed, and your comment will be displayed until you remove it. Personal data is processed under our legitimate interest to provide a blog with comments (GDPR Article 6 (1) f), as we consider it to be within our interest as a business to provide a blog, and we do not consider the processing of personal data in this matter to be in conflict with this interest.

Contacting us

We need to keep in touch and provide information and answer requests from our customers or other persons, and will process personal data on persons contacting us. Personal data in this context is processed under our legitimate interest to have contact with persons (GDPR Article 6 (1) f), as we consider it to be within our interest as a business to have such contact and reply to requests, and we do not consider the processing of personal data in this matter to be in conflict with this interest.

Signing up for a free trial or demo

When you sign up for a free trial, you have to provide us with an email, which may include personal data depending on the email address. We will send an email with your message to us, in addition to sending you a confirmation email so you can get started with your trial.

We will process the personal data, if any, in the email in order to provide you with the free trial/demo as agreed in accordance with GDPR Article 6 (1) b (processing is necessary for the performance of a contract). We will process the personal data as long as you use the free trial/demo, and if you do not create an account to use our Services, we will delete the personal data when the free trial/demo expires (undless you also subscribe to our newsletter.

Mautic does not automatically enroll you in our newsletter when you fill out a trial form. Mautic will however enroll you in an email drip sequence with helpful tips before and after you set up your account (so you can get the most out of your free trial).

When you sign up for a demo, Mautic will send an email letting us know you requested a demo, send an internal message to the person most suited for giving you a demo, in addition to sending you a confirmation email with helpful tips. Mautic does not automatically enroll you in our newsletter when you fill out a demo form.

Chatting with us

When you chat with us, you provide us with your name, email, and messages, and this data along with your IP address, page visits, location (city name) and chat history will be recorded and stored. In order to give you the best possible customer service, we do not delete these records before you ask us to, as these records help us help you in a better way. Personal data is processed under our legitimate interest to provide customer service (GDPR Article 6 (1) f), as we consider it to be within our interest to provide such service, and we do not consider the processing of personal data in this matter to be in conflict with this interest.

Creating an account

When you sign up for our Services by creating an account, you have to provide us with your email address and set a password (which should be unique and not used anywhere else). As your orders from My Klikk will be tied to your account, we store your account until you ask us to remove it or delete it yourself.

We will process the personal data, if any, in the email in order to provide you with the Services as agreed in accordance with GDPR Article 6 (1) b (processing is necessary for the performance of a contract). We will process the personal data as long as you use the account and will delete your personal data after you have terminated the use of the Service, deleted the account or data herein, see below, or the account has not been active for two years. You will be informed of the contact information you have provided prior to the deletion of the personal data.

Placing an order

When placing and order throughout your account with My Klikk, the following information is necessary to be provided by you:

First name
Last name
Company name
VAT number
Invoicing information
Country
Billing address
- Street address
- Postcode / Zip
- Town / City
Phone
Email address
Server information

We will process the personal data above in order to provide you with the Services you have ordered.

Once you’ve filled out that information, you can continue to fill out your payment info. Your credit card information is processed by our payment partner, for the time being, Payex, see the payment partner’s Terms of Service when providing your payment details.

Personal data processed with regard to fulfilling your order is processed under GDPR Article 6 (1) b (processing is necessary for the performance of a contract). The personal data will be processed and stored as long as you use the account, see above, and maximum for five years in order to fulfil our obligations under the law (such as accounting, tax etc. purposes) and will delete your personal data after you have terminated the use of the Service, deleted the account or the account has not been active for 24 months. You will be informed on the contact information you have provided prior to the deletion of the personal data.

We may also contact you to make requests on the Services and changes or additions to the Services. We will, in such case, contact you by using the contact information you have provided.

Your rights when we process personal data about you

Your rights below apply where Klikk is responsible for processing, see above about “Processing responsible. Data Processor”.

Right of access, correction, and deletion

You have the right to have access to, correction or deletion of your personal data. If you have registered an account, most of the data you have provided will be manageable in the account, if the data has not been deleted, see above.

In order to exercise your rights, you must contact us using the contact information included above in this policy. We will respond to your inquiry to us as soon as possible and within 30 days. If it takes more than 30 days, you will be notified.

As a registered user, you can also require that incorrect data is corrected or to delete personal data. You can also correct or delete your data through your account if you are a registered user. If there is personal data not accessible throughout your account, please contact us and we will assist you on access, correction or deletion of your data. You find our contact information above. We will as far as possibly accommodate a request to delete personal data, as long as we do not need the data.

Please note that if there is data that is necessary for us to provide the Services or due to our business, the data might not be deleted. Such cases will be where you place an order, where we are obligated under law to store a record of your orders for five years due to accounting, tax etc.

If necessary, we will ask you to confirm your identity or provide additional information before we allow you to exercise your rights. We are required to ensure that we only give access to your personal data to you – and not someone who pretends to be you.

Right to protest on the processing

You also have the right to have the processing restricted in certain cases, such as if:

You dispute the accuracy of the personal data, for a period that enables Klikk to check the accuracy of the personal data.
The processing is not lawful, and you oppose the deletion of the personal data and instead request that the use of the personal data be restricted.
Klikk no longer needs the personal data for the purpose of the processing, but you need them to determine, assert or defend legal claims.
You have objected to processing under GDPR Article 21 (1) pending the verification of whether Klikk’s legitimate interests take precedence over your privacy.

The right to data portability

For information that you have provided to Klikk and which is necessary to implement an agreement with Klikk, and which is processed automatically (i.e. not manually by Klikk), you can request that the personal data about you be disclosed or transferred to another supplier in a structured, commonly used and machine-readable format (data portability).

Automated decisions, including profiling

No automated decisions will be made, as mentioned in GDPR Article 22 (1) and (4) based on your personal data.

The right to complain to a supervisory authority

Klikk uses the Norwegian supervisory authority (Datatilsynet) as the leading supervisory authority for cross-border processing pursuant to GDPR Article 56.

If you believe that our processing of personal data is not in accordance with what we have described here or that we in other ways violate the privacy legislation, then you set forth a complaint to the Datatilsynet.

You will find information on your rights and how to contact the website: www.datatilsynet.no.

Changes to this policy

Should there be a change in our processing of personal data or changes in the regulations on the processing of personal data, change in the information provided here may be required. If we have your contact information, we will notify you of the changes. Otherwise, updated information will always be available in the app or on our website.

Cookie Name	Agent	Purpose	Length
zenMode	Matomo Analytics	Check if user has Zen Mode enabled	Session
MATOMO_SESSID	Matomo Analytics	Prevent CSRF security issues	Session
_pk_testcookie	Matomo Analytics	Check if the visitor has cookies enabled	Session
_pk_cvar	Matomo Analytics	Short lived cookie used to temporary store data for the visit.	30 min
_pk_ref	Matomo Analytics	To store referrer-id for analytical purposes.	6 months
_pk_id	Matomo Analytics	Used to store details about the user such as the unique visitor ID.	13 months
_pk_ses	Matomo Analytics	Short lived cookie used to temporary store data for the visit.	30 min
mtm_consent	Matomo Analytics	Enable Matomo Analytics Consent	Session

Cookie Name	Agent	Purpose	Length
mtc_sid	Mautic	Mautic Session ID	Session
mtc_id	Mautic	Mautic User ID	Session
Used to identify visitors across visits and devices.	Mautic	Used to identify visitors across visits and devices.	1 year
mautic_session_id	Mautic	Tracking Lead interaction	30 min

Cookie Name	Agent	Purpose	Length
bcookie	LinkedIn	Browser-ID cookie that uniquely identifies devices that access LinkedIn to detect abuse on the platform.	2 years
bscookie	LinkedIn	Used to save the state of 2FA for a logged in user	1 year
UserMatchHistory	LinkedIn	Synchronizing LinkedIn ad IDs	6 months
lidc	LinkedIn	To optimize data center selection	1 day

Cookie Name	Agent	Purpose	Length
_fbp	Facebook	To store and track visitors across websites for remarketing purposes.	3 months
c_user	Facebook	Cookie related to Facebook Pixel functionality	3 months
datr	Facebook	To analyse and prevent suspicious activity.	2 years
fr	Facebook	To improve relevance of ads.	3 months
presence	Facebook	Cookie related to Facebook Pixel functionality.	Session
sb	Facebook	Cookie related to Facebook Pixel functionality.	2 years
wd	Facebook	Cookie related to Facebook Pixel functionality.	1 week
xs	Facebook	Cookie related to Facebook Pixel functionality.	3 months

Cookie Name	Agent	Purpose	Length
CONSENT	Google	Store visitors preferences and personalization of ads.	Persistent
NID	Google	Store visitor preferences and personalization of ads on Google. Based on search and interaction.	6 months
OTZ	Google	Link website visiitors to other devices, previously logged in with Google. Tailored advertisment based on device.	1 month
SIDCC	Google	For security and fraud prevention purposes.	3 months
ANID	Google	List ads on Google Sites based of search.	Persistent
SAPISID	Google	Collection of visitor information for videos hosted by YouTube.	Persistent
SSID	Google	Collection of visitor information for videos hosted by YouTube with Google Maps.	Persistent
HSID	Google	For security and fraud prevention purposes.	2 years
APISID	Google	Personalization of ads based on recent searches and interactions.	2 years
SID	Google	For security and fraud prevention purposes.	2 years
__Secure-3PAPISID	Google	Collect information to build a profile based on interest. Show relevant ads through retargeting.	2 years
__Secure-3PSID	Google	Collect information to build a profile based on interest. Show relevant ads through retargeting.	2 years
__Secure-APISID	Google	Collect information to build a profile based on interest. Show relevant ads through retargeting.	8 months
__Secure-HSID	Google	To secure signed and encrypted data digitally signed with unique Google ID. Store most recent login, identify visitors, prevent fraudulent use. Provide targeting to display relevant and personalized ads.	8 months
__Secure-SSID	Google	Store information about how the user uses the website. Ads that might have been seen by the user before entering the site. Customize ads on Google domains.	8 months
1P_JAR	Google	Store recent searches, previous interactions, customization of ads.	1 week
SEARCH_SAMESITE	Google	Prevent risk of CSRF.	5 months
IDE	Google / DoubleClick	Report user interaction after clicking ads, measure efficiency, target ads.	1 year
RUL	Google / DoubleClick	Determine if website advertisment has been displayed properly.	1 year
DSID	Google	Used to identify a signed-in user on non-Google sites and to remember whether the user has agreed to ad personalization.	2 weeks
DV	Google	Used to save user preferences, preferred language, number of search results, check SafeSearch settings.	7 minutes

Privacy Policy

Data controller and processor

Purpose and personal data processed

Processing of personal data

Disclosure and transfer of personal data

Security

Alerting authorities

Alerting you

Specific processing of personal data

Visiting our site for the first time (or on a device)

Signing up to our newsletter

Commenting on our blog

Contacting us

Signing up for a free trial or demo

Chatting with us

Creating an account

Placing an order

Your rights when we process personal data about you

Right of access, correction, and deletion

Right to protest on the processing

The right to data portability

Automated decisions, including profiling

The right to complain to a supervisory authority

Changes to this policy

We care about your privacy

Cookie preferences

Functional

FreshChat

Statistical

Matomo Analytics

Marketing

Mautic

LinkedIn

Facebook

Google Ads Remarketing