Privacy policy

IXT privacy policy

IXT (referred to as "IXT", "we", or "us") is committed to ensuring that you are informed about how we collect, use and disclose personal data. In this privacy policy we will explain which personal data we collect and process, for which purposes we process your data and what your rights are. You can find more information about data protection on the Norwegian Data Protection Authority's website www.datatilsynet.no.

1. What is personal data?

Personal data is any information that can be directly or indirectly linked to a natural person, such as name, postal address, e-mail address, IP address and mobile number.

2. Who is responsible?

IXT AS (org.no 93329617) is the data controller for the processing of your personal data, for the purposes set out in this privacy policy. The contact information for IXT AS is:

Postal Address: Studievegen 2, 2815 Gjøvik

Email: support@ixt.no

As data controller, the processing must take place in accordance with applicable data protection legislation, including the EU General Data Protection Regulation ("GDPR") and the Norwegian Personal Data Act.

3. Who do we process personal data about?

This privacy policy applies to our processing of personal data about the following individuals:

Visitors to our websites and our social media channels
Representatives of our customers or suppliers
Other individuals with whom we have contact to provide information about services or assistance to use the service or correct errors
End users of our services or the customer's services where our services are an integral part
Job applicants

4. What personal data do we process?

The personal data that we collect and process can be divided into the following categories:

Customer representatives: name of contact person for corporate customers, email address and customer ID and other relevant information in relation to concluding or performing a contract.
Supplier representatives: name of contact person for supplier, email address, telephone, and other relevant information in relation to concluding or performing a contract.
Usage data: depending on the customer, this may include ID, IMEI or name, telephone numbers, vehicle registration number and usernames of end user (i.e. customer's customer).
Customer support: when customers or other individuals contact our customer service, we collect name, telephone, email, customer ID, details about the relevant service, the content of messages or other communications between you and IXT and additional information necessary to assist you.
Payment information: information about the payment method used to pay for our services or other information necessary in connection with invoicing and transaction history.
Website and social media: name, username and in some cases aggregated information and analytical data about your activity when you interact with our social media pages.
Sales and marketing: when customers engage with IXT through activities such as attending seminars, conferences, webinars, subscribing to our newsletters, participating in surveys, or any other interactions, we may collect personal information. This may include your name, home address, email address, phone number and similar information. Before collecting your information, we will provide you with detailed information about what data is being collected and the purposes for which it will be used. In order to send marketing material (newsletters) and business information we collect your name, email, phone number and job title.
Job application: when you apply for a job with us, we collect information about your application. This includes personal details provided in your application and CV, additional information you choose to share with us during the application process, names and contact details of the references you provide.
Fault rectification, detection, prevention of misuse and security: we process personal and traffic data to maintain robust security across all our services. We will also process personal data relating to fault rectification for the purpose of identifying and resolving issues to ensure the smooth operation of our service.

5. How do we collect your personal data?

We can collect your personal data in various ways:

Personal data that we receive directly from you when you order our service or communicate with us. This information is necessary for us to be able to deliver the service you have ordered or to follow up on your enquiries.
We receive personal data indirectly from you when you use our services and visit our websites. This information is important in order to provide the service and to be able to improve and further develop the services we offer you.
We receive data from our customers that they choose to input as a "tag" on their SIM card. This data can vary depending on what each customer decides to register. While IXT has the capability to access this information, we do not maintain a comprehensive overview of the specific data each customer inputs.

6. What is our legal basis for processing personal data?

According to the current data protection privacy legislation, we must have a legal basis for our processing of personal data. The basis for our processing of personal data is one or more of the following basis:

The processing is necessary for compliance with a legal obligation to which we are subject, including, for example, processing traffic data and location data pertaining to the use of the transmission service used for the IoT-service, storing information in accordance with invoicing and accounting (GDPR Article 6 (1) c).
The processing is necessary for the purposes of the legitimate interests pursued by IXT, except where our interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data (GDPR Article 6 (1) f). This legal basis is relevant when we provide our services and personal data pertaining to data subjects that are end users are collected on an occasional basis and processes when our customers are using our services to provide their services.
The processing is necessary for the fulfilment of a contract with the data subject (GDPR Article 6 (1) b).
You have given your explicit consent if you opt to receive newsletters or marketing material or other circumstances where we ask for your consent, (GDRP Article 6 (1) a and GDPR Article 9 (2) a).

You can read more about the purposes for which we process personal data and the legal basis that entitles us to process your data for the various purposes below.

7. For which purposes do we process your personal data?

IXT collect and use your personal data for different purposes depending on your relationship with us and how we get in touch with you.

Below you can read more about what personal data we process, what we use it for (the purpose) and why we are authorized to do so (the basis for processing).

We use the following personal data for the following purposes:

Purpose	Processing activity	Categories of personal data	Lawful basis for processing
Deliver our services to our customers	We process personal data to provide and deliver our services, e.g. when establishing an order.	Customer name and other personal details (date of birth, email address, telephone, customer ID etc. Name of contact persons for corporate customer Content of messages or other communication in relation to the conclusion of a contract.	Article 6(1)(b) – necessary for the performance of a contract with our customers.
Supplier information	We process personal information in relation to work for our suppliers.	Name of contact person for supplier Email address Other contract information	Article 6(1)(b) – necessary for the performance of a contract.
Functionality of IXT's service for end users	We may receive personal information about end users of our services from our customers. This data can vary depending on what each customer decides to register.	Telephone Vehicle registration number Other information about the end user that the customer decides to register.	Article 6(1)(f) – legitimate interests, such as performance of a contract with our customers.
Customer support	If you provide us with feedback or contact us for support, we collect your name and email address, as well as any other content you send to us, in order to respond to you.	Customer ID Name Email Telephone Support tickets Other information necessary to deliver customer support Content of messages or other communication	Article 6(1)(f) – legitimate interests, such as performance of a contract with our customers.
Payment information	We will process data in relation to sales, invoicing, shipment of services or warranty.	Order information Contact details Shipment and invoice address Invoice history. Payment information Payment status (whether or not the payment was successful or not) Delivery information and if applicable return or exchange information.	Article 6(1)(b) – necessary for the performance of a contract.
Website and social media	We will process your personal information when you use our website and social media by logging customer behavior patterns.	Name Username Aggregated information and analytical data about your activity on our social media pages	Article 6(1)(f) – legitimate interests in improving and further develop the service we offer you.
Fault rectification, detection, prevention of misuse and security	We will be able to process personal and traffic data to ensure good security in all our services. We will also be able to process personal data to detect or prevent various types of misuse of the electronic communication service or use in violation with IXT's policies or applicable law.	Authentication logs Access attempts, Timestamps, User ID IP addresses Browser and device details Session data Contact data Role based data Operational data Financial data	Article 6(1)(c) – necessary for compliance with a legal obligation, such as detect and prevent cyberattacks. Article 6(1)(f) – Our legitimate interest in maintaining information security.
Sales and marketing	We use both personal data for marketing purposes in accordance with applicable law. These activities include product marketing, target group creations, customized marketing and sending out newsletters and other information that you have requested.	Contact details Name Email Log data User equipment	Article (6) (a) of the GDPR or Section 15 (1) of the Marketing Control Act.
Job advertisement and recruitment	We use personal data to assess candidates who apply for positions with us, either unsolicited or through an advertisement.	Personal details provided in your application and CV Additional information you choose to share with us during the application process Names and contact details of the references you provide	Article 6(1)(f) of the GDPR and Article 9(2)(a) of the GDPR if there are special categories of data being processed.
Compliance with various legal requirements.	We process personal data to fulfill legal requirements, for example in connection with accounting and to provide information to the competent authority when this is required of us in accordance with applicable legislation.	All categories of personal data that are strictly necessary to fulfil our obligations.	Article 6(1)(c) – necessary for compliance with a legal obligation.

8. How do we keep your personal data safe and secure?

We have established routines and measures to ensure that unauthorized persons do not gain access to your personal information and that all processing of the information otherwise takes place in line with current legislation.

The measures include, among other things, regular risk assessments, technical systems and physical procedures to safeguard information security and routines to verify access and correction requests. Additionally, we will require that our service providers use appropriate measures to protect the confidentiality and security of your data.

9. Who do we disclose personal data to?

Subcontractors: We will share personal data with our subcontractors that we use in our business or that we use to deliver the service to users or other related services will have access to personal data to the extent necessary for the delivery. This may be e.g. networks, cloud storage services we use to deliver our services, user content hosting services, data warehousing services, security monitoring services, access control, logging, analytics, customer service, email communication, content services, web analytics services, social media platforms, payment and transaction providers, etc.) Our subcontractors process your personal data on our behalf (as data processor) and in line with our instructions. We enter into data processing agreements with our data processors that regulate how the data processor can process the information they are given access to and their obligations in this regard, including for what purposes the personal data can be used.

Public authorities: We may also share personal data with public authorities a) where there is a legal obligation to disclose or b) if we do so to pursue a legal claim for breach of our terms of use or other legal obligations c) if we suspect fraud or other illegal activity, d) to protect the safety of our services, employees, users or the public or f) where there is another legal right of disclosure.

Successors in title: If we transfer our rights or obligations to a third party in connection with a business transfer, reorganization, restructuring, bankruptcy or other similar event ("Business Transfer"), your personal data will be transferred to the business that is our legal successor and group companies. Your personal data may also be made available as part of preparations for a Business Transfer or a sale of the shares in the company, e.g. a review of the company's liabilities (due diligence).

10. Do we transfer personal data to other countries?

We do not transfer your personal data to countries and/or organizations outside the EU/EEA area that do not offer adequate protection (so-called third countries). If it becomes relevant to do so, IXT will ensure legal basis for transfer and that processing takes place in line with the requirements set out in GDPR chapter V, including, for example, by us entering into an agreement with the recipient of the data based on the EU's standard contractual clauses.

11. How long do we store personal data?

IXT store your personal data for as long as necessary for the fulfilment of the above-mentioned purposes for the processing of the data. However, this does not apply if storage is required by law for a longer period than the purpose dictates.

The retention period will vary based on our needs and depends on the following relevant considerations:

the purpose of the processing and sensitivity of the data
the amount, characteristics and sensitivity of the data
potential damage as a result of unauthorized use or sharing of data
requirements that follow from law, even if it involves a longer period than the purpose indicates.

This means, for example, that personal data we process on the basis of your consent is deleted when the consent is withdrawn. If the basis for processing is our legitimate interest, the data will be deleted when such legitimate interest no longer exists. Information stored in accordance with statutory obligations is deleted when the obligation ceases.

We strive to ensure that the personal data we have stored about you is correct and up-to-date. If you discover that the information we have stored about you is incorrect, we encourage you to contact us. This also applies if you want the stored data to be deleted.

12. What are your rights?

The privacy legislation gives you a number of rights, including the right to access, rectify and erase the personal data we have stored about you.

Regarding the right to erasure, there is an exception for information which is necessary in order to be able to deliver a service that you would like to use, or it is required by law to store the information for a specific period.

You also have the right to data portability. This means that, among other things, you have the opportunity to extract your personal data in a machine-readable format.

Furthermore, you have the right to object to the processing of personal data and the right to object to personal profiling and automated decisions. This means that you can demand that your personal data is not analyzed to reveal your behavior, preferences, abilities or needs. However, this does not apply if the processing is necessary to fulfill an agreement you have entered into with us or if you have previously expressly consented to the processing.

You also have the right to receive a copy of the personal data we have registered about you, as long as an obligation of confidentiality does not prevent this. In order to ensure that personal data is handed over to the right person, we may require that access requests are submitted in written form and that identity is verified.

If you believe IXT does not comply with this privacy policy or the applicable legislation, you can send us a complaint. You can also complain to the Norwegian Data Protection Authority ("Datatilsynet").

You can read more about your rights on the Norwegian Data Protection Authority's website: www.datatilsynet.no.

13. How do we use cookies?

We use cookies and similar technologies to provide you with a better experience on our website. A cookie is a small text file that is stored on your device when you visit our website. Cookies help us remember your preferences, understand how you use our website, and improve our services.

Because we respect your right to privacy, you can choose disable some types of cookies. Click on the different category headings to find out more and change your default settings. Disabling some types of cookies may negatively impact your experience on the website and limit the services we are able to provide.

Depending your default settings and your choices, the following information will be collected:

Necessary

These cookies are necessary for the website to function and cannot be switched off in our systems. They enable basic features like page navigation, secure login, and access to protected areas of the website. The website cannot function properly without these cookies.

Analytics

We use analytics cookies to understand how visitors interact with our website. These cookies help us gather information about the number of visitors, which pages are most popular, and how people navigate through our site. All information collected is anonymous and aggregated. This data helps us improve our website's performance and your experience. You can choose to disable these cookies, but this will limit our ability to understand how we can improve our site.

Functionality

Functionality cookies allow our website to remember choices you've made in the past, like your preferred language, username or region. These cookies enhance your experience by personalizing the site and remembering your preferences. Disabling these cookies may make certain features unavailable.

Advertisement

Advertising cookies are used to deliver advertisements that are more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and help measure the effectiveness of advertising campaigns. These cookies remember that you have visited our website and this information may be shared with other organizations, such as advertisers. You can choose whether to allow these cookies.

14. How do we notify you if changes are made to this privacy policy?

Our services are in continuous development. We may therefore need to update our privacy policy. If the privacy policy is subject to updating, the updated privacy policy will be made available on our website www.ixt.no/legal.

15. How to get in touch with us

If you have questions regarding how we process your personal data or wish to exercise your rights, you can contact us at support@ixt.no.