Welcome to the Papirfly
Papirfly is a trading style of Papirfly AS, Papirfly is also a trading style of Papirfly Ltd, Papirfly ApS, Papirfly AB, Papirfly GmbH and Papirfly Inc, all wholly owned subsidiaries of Papirfly AS. Our registered company number is 979489137, and our registered address is Papirfly AS, Universitetsgata 2, 0164 Oslo, Norway (“Papirfly”). This policy is issued on behalf of the group of Papirfly companies. We will let you know which entity will be the Controller for your data when you purchase a product or service with us.
Whenever you visit a Papirfly website or interact electronically or physically with Papirfly, it is possible that we may receive or collect personal information about you.
This website is not intended for children and we do not knowingly collect data relating to children
Who and what this policy applies
We understand that data security and privacy online is more important today than ever before. Throughout this policy, we will explain the measures that we’ve put in place to ensure the security of any data that we receive or handle as a result of you using our websites including www.papirfly.com, www.papirfly.no, www.papirfly.co.uk, www.papirfly.dk, www.papirflyemployerbrand.com and www.papirflypsmarketing.com, collectively referred to as (“our Website”) or our services (“Services”).
From time to time this policy may be updated as necessary. If we make any changes, we will publicly publish any updates to our Website. Any changes that we make in the future will be effective immediately as of the date listed at the bottom of this page.
Although we’ve tried our best to make this policy as clear as possible, we understand that you may still have questions or need to clarify things with us.
Acceptance of Terms
Using our Website or making use of our Services in any way is taken as an acknowledgement that you fully accept all of the policies set out on this page. If you’re in any doubt, please get in touch with us.
Visiting our Website or making use of our Services in any way is taken as an acknowledgement that you fully accept all of the policies set out on this page and that you agree to us collecting, storing, transferring and using your data as set out throughout this policy.
What information we collect and how we use it
We may collect or request various types of Personal Information for standard business use such as support and marketing purposes. We may also collect non-Personal Information such as which browser you are using for example.
While you access our Website and Services, we may either ask you to submit information to us or we may collect information about you.
If, at any time, an individual provides Personal Information or other information about someone other than himself or herself, the individual warrants that they have that person’s consent to provide such information for the purpose specified.
Any data that we collect is used to improve the Services that we offer – helping us to contact you, personalise your experience, and make improvements to our products.
When you navigate our Website, navigational information will be collected. This navigational information includes standard information from your web browser, such as browser type and browser language, your IP address, and also the actions you take on the Papirfly websites such as page views and links clicked. The navigational information is collected using Google Analytics and cookies.
When expressing an interest in obtaining additional information about our services and products, the website may prompt you to provide your personal contact information through a web form. Such information will normally include name, company name, address, phone number, and email address.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal data
We will need your personal data to conduct business with you, without this we cannot deliver our Papirfly services.
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Use of information collected
We do not collect any Personal Information when you visit our site as a visitor, unless you choose to identify yourself when we rely on your consent as the legal basis for processing your details. Your Personal Information will only be used in conjunction with your usage of the system.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you of your company. The type of information required to be processed on a contractual basis includes contact details and company financial information for invoicing etc.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation. The type of information will depend on the regulation e.g. any personal information contained within a contract will be retained for up to six years in the UK, and personal information will also be kept to a minimum and only retained for as long as necessary according to GDPR laws.
Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message when you have consented for us to do this. You have the right to withdraw consent to marketing at any time by contacting us
Google Analytics is used to track and log navigational information on our Website. The data gathered is used to improve the content and the structure of our Website.
Cookies are used to make interactions with our Website as smooth as possible. When you visit our Website, the Papirfly server sends a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognise your web browser. Unless you choose to identify yourself to Papirfly by filling out a web form, your personal contact details remain anonymous.
Papirfly will only use personal contact data to perform services requested. For example, if you fill out a “Contact Me” web form, Papirfly will use the information provided to contact you via email or text message about your interest in our products, and will rely on the consent you have given by completing the web form as the legal basis for processing your details.
Change of purpose
Our data is only obtained for specified and lawful purposes; and processed fairly. We won’t do anything with your data without your consent.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please get in touch.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Your Personal Information may be transferred to help us improve the services that we offer, but only with trusted third parties that we have data processing agreements with.
Our Website and Services may make use of services provided to us by third parties. Because of this, some of your information may be shared with these third parties in order for Papirfly’s Services to operate as they should.
As such, the information which you share with us may also be covered by the Privacy Policies of multiple different service providers (listed below), not just this policy so you should also consult their Privacy Policies. You must accept the policies of any third party that we supply your data to, as well as ours, to make use of our Website or Services.
Third Party Processors
Our carefully selected partners and service providers may process personal information about you on our behalf as described below:
Operating System Service Providers
The following sub-processors are used for normal operation of our services:
- Lan-x AS, ASP operator, Norway
- Amazon Web Services EMEA SARL, (“AWS Europe”)
The Processing will take place, and the Personal Data will be stored, in the following location (country/state):
- Lan-x: Sandnes, Norway
- Amazon Web Services: Stockholm, Sweden (AWS Europe).
Digital Marketing Service Providers
We periodically appoint digital marketing agents to conduct marketing activity on our behalf, such activity may result in the compliant processing of personal information. Our appointed data processors include:
Their Data Protection Officer can be contacted by email at firstname.lastname@example.org or by mail to HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141 USA, Attn: Privacy.
Their Data Protection Officer can be contacted via email at email@example.com or by mail to Planhat AB, c/o PE Accounting, BOX 90255, 12024, Stockholm, Sweden.
Their Data Protection Officer can be contacted by email at firstname.lastname@example.org or by mail to Salesloft Inc. 1180 West Peachtree Street NW, Suite 600, Atlanta, GA 30309.
Their Data Protection Officer can be contacted by email at email@example.com or by mail Prighter Schellinggasse 3/10, Vienna 1010, Austria.
Their Data Protection Officer can be contacted by email at firstname.lastname@example.org or by mail at John McGill C7OO IDG Direct, Millennium House, Great Strand Street, Dublin 1, Ireland.
Vidyard (Buildscale Inc)
Their Data Protection Officer can be contacted by email at email@example.com or by mail to Buildscale Inc, 1 Qeen St. N, Unit #301, Kitchener, ON, Canada, N2h 2G7.
To ensure the security of your Personal Information, Papirfly has data processing agreements in place with the third parties that we work with. This means that we only provide your data to those who ensure high level of security and that your data will be used, transferred and stored in accordance with applicable data protection laws, including (without limitation) the Data Protection Act 2018 and the General Data Protection Regulation (EU) 2016/679 as it forms part of the law of England and Wales by virtue of section 3 of the European Union (Withdrawal) Act 2018
Although we strive to ensure that third parties provide the same protections and controls as Papirfly does, we cannot control or assume any responsibility for the practices of any third party service provider.
Links to third party websites
We are careful to select only reputable and trustworthy websites as reference or partners. But, even so, a link to a third party website does not constitute an endorsement of that website, its owner or its content.
Information and access to personal data
You have the right to object to how we process your Personal Information. You also have the right to access, correct, sometimes delete and restrict Personal Information we use.
An individual has the right to request from us the Personal Information that we have about them, and we have an obligation to provide them with such information within 28 days of receiving their written request.
If an individual cannot update his or her own information, we will correct any errors in the Personal Information we hold about an individual within 7 days of receiving written notice from them about those errors
It is an individual’s responsibility to provide us with accurate and truthful Personal Information. We cannot be liable for any information that is provided to us that is incorrect.
If the subject access request is manifestly unfounded or excessive, for example because of its repetitive nature, we may charge an individual a reasonable fee for our costs incurred in meeting any of their requests to disclose the Personal Information we hold about them.
If you need further details about if and how we process your personal data or if you would like to review what Personal Information we are storing on you, please contact our Data Protection Officer, get in touch.
Rectification and erasure of personal data
Your Personal Information rights. You can unsubscribe from any of our marketing activity by using the built-in unsubscribe links or getting in touch with us directly.
Every customer has rights which govern how their Personal Information is used. We aim to ensure that every customer finds it as easy as possible to exercise these rights, with total control over what information we hold and how we use it.
Your rights include:
- The ability to review any Personal Information that you have supplied to us
- Requesting that we do not use your Personal Information to contact you
- Correcting any errors in our information or making changes to the data that we hold about you
- Requesting that your Personal Information be removed from our mailing list or opting-out of being contacted by us
- Requesting that we delete your Personal Information from our records
All requests related to rectification or erasure of your personal data stored by us may be directed to our Data Protection Officer, please get in touch.
Once we’ve received notice from you, we will delete or amend your Personal Information and notify you once complete.
You can’t unsubscribe from certain emails that update you about legal information such as updates to our terms.
Sometimes we need your consent to use your Personal Information, for example for marketing. We won’t always need consent to use Personal Information, for example if we need to meet regulatory requirements or to perform a contract with you. From time to time, we may also send you important notices, such as changes to our terms, conditions and policies.
Your personal data might be transferred outside of Europe to be processed, but we keep it protected.
Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA, for example Google analytics.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Standard contractual clauses for international transfers.
Please get in touch if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
We care about your data privacy and have taken all the necessary steps to ensure that your data is safe. We’ve taken all reasonable measures to guard against data theft, loss, or other breach.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How long we will keep your personal data for.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see get in touch section for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Information of minors
Our Website and Services are unavailable to children.
Our Website and Services are not intended for, or targeted towards, children under 18 years old (“Minors”) and you are therefore prohibited from using this website if you are a minor.
We do not knowingly collect information from or about Minors. If you think we have done so, either from you or someone else, please get in touch.
We don’t sell Personal Information
We will never sell your data to a third party.
Quite simply, Papirfly will never sell your Personal Information to a third party.
Information may be transferred to help us improve the services that we offer (see “Service Providers” above), but we will never sell your information.
Get in touch – Our contact Information
You can get in touch with us directly if you have any concerns over the Personal Information we hold.
For further details about our Privacy Statement, please contact our Data Protection Officer at:
+47 930 44 444
Alternatively write to us at:
Papirfly AS, Universitetsgata 2, 0164 Oslo, Norway
Org nr: 979489137
Papirfly AB, Torsgatan 26, 113 21 Stockholm
Papirfly Danmark ApS, Frederiksgade 34, 3., 8000 Aarhus C
Papirfly GmbH, Bahnhofsplatz 12, 76137 Karlsruhe
Papirfly Ltd, Techspace, 25 Luke Street, London EC2A 4DS
Papirfly Inc, 1 High St Ct, Morristown, NJ 07960
These are the data protection authorities you can complain to if needed.
We seek to resolve directly all complaints about how we handle your personal information, but you also have the right to lodge a complaint with the appropriate data protection authority listed below:
For complaints relating to papirfly.com, papirfly.co.uk, papirflyemployerbrand.com, papirflypsmarketing.com
Information Commissioner’s Office
Telephone: 0303 123 1113 (local rate) or 01625 545 745
For complaints relating to papirfly.no
P.O. Box 8177 Dep.
Telephone: +47 22 39 69 00
For complaints relating to papirfly.dk
Borgergade 28, 5.
1300 København K
Telephone: +45 33 19 32 00
Table of contents:
- Our websites
- Acceptance of terms
- What information we collect and how we use it
- If you fail to provide personal data
- Use of information collected
- Change of purpose
- Service providers
- Links to third party websites
- Information and access to personal data
- Rectification and erasure of personal data
- Contacting individuals
- International transfers
- Data security
- Data retention
- Information of minors
- We don’t sell personal information
- Get in touch – Our contact information