News: SuperOffice integrates marketing automation to CRM. Read more

SuperOffice Privacy Statement

This Privacy Statement was published November 8th, 2018. You can see the previous versions here.

In SuperOffice we are committed to protect and respect your privacy in compliance with EU- General Data Protection Regulation (GDPR) 2016/679, dated April 27th 2016. This privacy statement explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure. This Privacy Statement applies to the use of our products and to our sales, marketing and customer contract fulfilment activities. It also applies to individuals seeking a job in SuperOffice.

Who are we?

SuperOffice AS develops and delivers the Customer Relationship Management (CRM) software that supports our customers marketing, sales and customer service processes. Our company’s headquarters is located in Oslo, Norway, and our subsidiary companies are based in Norway, Sweden, Denmark, Germany, the Netherlands, the United Kingdom, Switzerland, and Lithuania. The headquarters’ registered office address is Wergelandsveien 27, 0167 Oslo, Norway.

SuperOffice AS is the data controller and our Data Protection Officer can be contacted by email: privacy@superoffice.com.

When do we collect and process personal data about you?

  • When you are using our products, and you are providing personal data in the products.
  • When you interact with us in person, through correspondence, by phone, by social media, or through our websites. This also includes when you interact with us as a representative of a company, such as entering into a contract with us, contacting us for support or other issues. Note that we do not transfer personal data from the social media and process the personal data on any other way outside the social media platform.
  • When we collect personal information from other legitimate sources, such as third-party data aggregators, SuperOffice marketing partners, public sources or social networks. We only use this data if you have given your consent to them to share your personal data with others.
  • We may collect personal data if it is considered to be of legitimate interest, and if this interest is not overridden by your privacy interests. Before data is collected we make sure an assessment is made, ensuring that there is an established mutual interest between you and SuperOffice.

Why do we collect and use personal data?

We collect and use personal data mainly to perform direct sales, direct marketing and customer service. We also collect data about suppliers, partners and persons seeking a job or working in our company. 

We may use your information for the following purposes:

  • Send you marketing communications which you have requested. These may include information about our products and services, events, activities, and promotions of our associated partners’ products and services. This communication is subscription based and requires your consent.
  • Customers will by default receive SuperOffice subscriptions, but can choose to opt-out at any time.
  • Send you information about the products and services that you have purchased from us.
  • Perform direct sales activities in cases where legitimate and mutual interest is established.
  • Provide you content and venue details on a webinar or event you signed up for.
  • Reply to a ‘Contact me’ or other web forms you have completed on one of our SuperOffice websites (e.g. to download a whitepaper).
  • Follow up on incoming requests (customer support, emails, chats, or phone calls).
  • Provide you with access and services related to a Free Trial of SuperOffice CRM.
  • Provide access to our Customer Support portal or the SuperOffice Community website.
  • Perform contractual obligations such as order confirmation, license details, invoice, reminders, and similar. The contract may be with SuperOffice directly or with a SuperOffice partner. If the contract is entered into with SuperOffice, the contract may be entered into digitally for more efficient contract and customer handling, including to meet with legal requirements.
  • Notify you about any disruptions to our services (system messages).
  • Contact you to conduct surveys about your opinion on our products and services.
  • Recruitment and processing job applications.

Our legal basis for collecting personal data


Collecting personal data based on consents

The collection of personal data based on consent from the data subject will be done by using “Consent Forms” that will store documentation related to the consent given by the individual. Individual consents will always be stored and documented in our systems. We may send digital marketing to persons which have consented, such as marketing per email. 

Collecting personal data based on contracts

We use personal information for fulfilling our obligations related to contracts and agreements with customers, partners and suppliers.

Collecting personal data based on legitimate interest

We may use personal data if it is considered to be of legitimate interest, and if the privacy interests of the data subjects do not override this interest. Normally, to establish the legal basis for data collection, an assessment has been made during which a mutual interest between SuperOffice and the individual person has been identified. This legal basis is primarily related to our sales and marketing purposes, and we may send information on products and services to our customers based on legitimate interest. We will always inform individuals about their privacy rights and the purpose for collecting personal data.

What type of personal data is collected?

We collect name, phone number, title and email address, in addition to your company’s name and contact information. If you are a representative for your company, we process your personal contact information with regard to the company. When entering into a contract with us, the signature may be made electronically comprising the processing of your personal data. We may also collect feedback, comments and questions received from you in service-related communication and activities, such as meetings, phone calls, documents, and emails. From our websites we may collect IP-address and actions taken on the site.

If you upload photos or videos, add posts or comments, etc. on our Community website, the information can be read by anyone with access to the Community site and used for purposes over which SuperOffice or you have no control. Therefore, SuperOffice is not responsible for any information you submit to the Community website.

If you apply for a job at SuperOffice, we collect the data you provide during the application process.

SuperOffice does not collect or process any special categories of personal data, such as public unique identifiers or sensitive personal data.

How long do we keep your personal data?

We store personal data for as long as we find it necessary to fulfill the purpose for which the personal data was collected, while also considering our need to answer your queries or resolve possible problems, to comply with legal requirements under applicable laws, to attend to any legal claims/complaints, and for safeguarding purposes.

This means that we may retain your personal data for a reasonable period of time after your last interaction with us. When the personal data that we have collected is no longer required, we will delete it in a secure manner. We may process data for statistical purposes, but in such cases, data will be anonymized.

Your rights to your personal data

You have the following rights with respect to your personal data:

  • The right to request a copy of your personal data that SuperOffice holds about you.
  • The right to request that SuperOffice corrects your personal data if inaccurate or out of date.
    • If you are a customer or partner and you have registered a profile on our Community website, you may update your user profile by logging into Community and selecting  “Edit Profile”.
    • If you are a customer and using SuperOffice CRM Online, you may update your user profile in SuperOffice by logging into SuperOffice and choose the option “Show my contact info” to edit your details.
  • The right to request that your personal data is deleted when it is no longer necessary for SuperOffice to retain such data.
  • The right to withdraw any consent to personal data processing at any time. For example, your consent to receive e-marketing communications:
    • If you want to withdraw your consent to e-marketing, please make use of the link to manage your subscriptions included in our communication. Please note that you may still receive system messages and administrative communications from SuperOffice, such as order confirmations, system messages and notifications about your account activities. 
  • The right to request that SuperOffice provides you with your personal data and, if possible, to pass on this information directly (in a portable format) to another data controller when the processing is based on consent or contract.
  • The right to request a restriction on further data processing, in case there is a dispute in relation to the accuracy or processing of your personal data.
  • The right to object to the processing of personal data, in case data processing has been based on legitimate interest and/or direct marketing.

Any query about your Privacy Rights should be sent to privacy@superoffice.com

The use of cookies

We use cookies to collect information as you navigate the company’s websites. Website Navigational Information includes standard information from your web browser, such as browser type and browser language; your Internet Protocol (“IP”) address; and the actions you take on the company’s websites, such as the web pages viewed and the links clicked.

This information is used to make websites work more efficiently, as well as to provide business and marketing information to the owners of the site, and to gather such personal data as browser type and operating system, referring page, path through site, domain of ISP, etc. for the purposes of understanding how visitors use a website. Cookies and similar technologies help us tailor our website to your personal needs, as well as to detect and prevent security threats and abuse. If used alone, cookies do not personally identify you.

If you want to withdraw your acceptance of cookies on our websites, you can go to your web browser and deactivate it.  

Tracking: To offer a better customer experience to the people visiting our website, SuperOffice uses a number of marketing tools. They allow us to analyze aggregated data, such as visitors’ scrolling patterns or clicks, in order to determine which pages result in the best actions. However, SuperOffice does not use your personally identifiable information by employing any of these marketing tools. We use Google Analytics as the third-party service provider: Privacy Policy.

Remarketing: SuperOffice uses remarketing tracking cookies and conversion pixels from Google, LinkedIn and Facebook, in order to present you with special offers for our products or services over the Google Content Network and via social networks. This may result in you seeing an ad for one of our products or services after you have visited our website. Moreover, SuperOffice also creates custom audiences based on emails of subscribers and customers, in order to present special offers for our products and services via social media and the Google Content Network. However, SuperOffice does not use your personally identifiable information by employing any of the remarketing services, other than to present you special offers from us. When using remarketing, some personal data to identify the user, such as name, email and/or phone number, may be transferred to the provider of the advertising or a social media network (such as Facebook). SuperOffice uses retargeting to both exclude individual persons from retargeting (such as existing users of SuperOffice) and to include individual persons (such as potential new users of SuperOffice).

We use the following third-party service providers for remarketing (see more below under “Use of sub-contractors”):

Facebook: Opt-out of Facebook remarketing here 
Google: Opt-out of Google remarketing here
LinkedIn: Opt-out of LinkedIn remarketing here

In some instances we anonymize data between SuperOffice and the aforementioned services with hashing to safeguard your security.

You can find more information on how to administer cookies in your browser here: http://www.aboutcookies.org.uk/managing-cookies  

Do we share your data with anyone?

We do not share, sell, rent, or trade your information with any third parties without your consent, except from what is described below:

Third-party Service Providers working on our behalf:

We may pass your information on to our distributors, agents, sub-contractors and other associated organizations with the purpose of them providing services to you on our behalf. 

Third-party Product Providers we work in association with:

We work closely with various third-party product providers to bring you a range of products and services designed to meet your extended needs related to CRM (e.g. apps available in our App Store). When you enquire about or purchase one or more of these products, the relevant third-party product provider will use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them. In some cases, our third-party product providers will be acting as data processors of your information and, therefore, we advise you to read their Privacy Policy and sign a Data Processing Agreement. These third-party product providers will share your information with us, which we will use in accordance with this Privacy Statement.

If required by law:

We will disclose your personal information if required by law or if we, as a company, reasonably believe that disclosure is necessary to protect our company’s rights and/or to comply with a judicial proceeding, court order or legal process. However, we will do what we can to ensure that your privacy rights continue to be protected.

Use of sub-contractors (processors and sub-processors)

We may use sub-contractors to process personal data on our behalf, we are responsible for making sure they commit themselves to adhere to this Privacy Policy and applicable data protection legislation by signing a Data Processing Agreement.

If the sub-contractor processes Personal Data outside the EU/EEA area, such processing must be in accordance with the EU Privacy Shield Framework, EU Standard Contractual Clauses for transfer to third countries, or another specifically stated lawful basis for the transfer of personal data to a third country.

If a new sub-contractor is signed or a change of sub-contractor is performed related to our CRM Online service, the customers will be notified in line with our Terms of Service. A directory of approved sub-processors is part of our Data Processing Agreement available in the Trust Center.

Facebook: Opt-out of Facebook remarketing here 
Google: Opt-out of Google remarketing here
LinkedIn: Opt-out of LinkedIn remarketing here

In some instances we anonymize data between SuperOffice and the aforementioned services with hashing to safeguard your security.

You can find more information on how to administer cookies in your browser here: http://www.aboutcookies.org.uk/managing-cookies  

Changes to this Privacy Statement

SuperOffice reserves the right to amend this Privacy Statement at any time. The applicable version will always be found on our websites. We encourage you to check this Privacy Statement occasionally to ensure that you are happy with any changes. 

If we make changes that significantly alter our privacy practices, we will notify you by email or post a notice on our websites prior to the change taking effect.

Your right to complain with a supervisory authority

If you are unhappy with the way in which your personal data has been processed, you may, in the first instance, contact privacy@superoffice.com

If you remain dissatisfied, then you have the right to apply directly to your national supervisory authority for a decision. The supervisory authorities can be contacted at: 

  • Sweden:
    Datainspektionen 
    www.datainspektionen.se
  • Denmark:

    Datatilsynet
    www.datatilsynet.dk 

  • Germany:
    Each individual German state has a Data Protection Authority which is responsible for the enforcement of data protection laws and competent in respect of data controllers established in the relevant state
  • Netherlands:
    Autoriteit Persoonsgegevens  
    autoriteitpersoonsgegevens.nl
  • United Kingdom:
    Information Commissioner’s Office (ICO)
    ico.org.uk
  • Switzerland:
    Federal Data Protection and Information Commissioner (FDPIC)

    www.edoeb.admin.ch

  • Lithuania:
    Valstybinė duomenų apsaugos inspekcija in Lithuanian 
    ada.lt