Privacy policy
Privacy policy
This privacy policy explains how Bikeloop collects, uses, and protects your personal data in accordance with the Personal Data Act and GDPR.
Data Controller
Bikeloop AS, represented by the Managing Director, is responsible for the processing of personal data. The policy contains information you are entitled to regarding how we collect information from our website (Personal Data Act § 19) and general information on how we process personal data (Personal Data Act § 18, 1st paragraph).
Any questions about privacy can be directed to us via gdpr@bikeloop.no.
Which personal data we collect
We collect various types of personal data, including:
Contact information: Name, email address, and phone number provided through web forms or other communication.
Usage data: Anonymized data such as IP address, visit duration, and interactions, collected via Google Analytics.
Marketing data: Information collected via tools like Pipedrive and Leadfeeder to analyze and tailor marketing.
Cookies: See separate section on cookies
Service data: When using our app for secure bicycle parking, we collect names, mobile numbers, and payment information necessary to deliver the service. We also store parking history and transaction data to provide user support.
Purpose and legal basis for processing
Bikeloop collects personal data for the following purposes:
Communication: To respond to inquiries received via web forms or other channels. Legal basis: Consent or legitimate interest.
Statistics and analysis: To improve the website's functionality and user experience through anonymized data. Legal basis: Consent.
Marketing: For following up existing and potential customers via tools like Pipedrive and Leadfeeder. Legal basis: Consent or contract.
Service delivery: To provide secure bicycle parking as a service, including processing payments, storing parking history, and delivering user support. Legal basis: Contract.
How we store and secure data
We take data security seriously and store personal data only as long as necessary to fulfill the purposes. The measures we have implemented include:
Encryption of data during transmission and storage.
Secure access management that restricts who has access to the information.
Use of reliable data processors, including Wix, Google, and Pipedrive.
All data for the Bikeloop service is stored in Azure on servers in Norway.
All communication between users, the app, and the service is encrypted.
Service-based data is retained as long as the user has an active service. By using "delete account" under my user in the app, the data is anonymized immediately. All data is also anonymized in backup systems within 30 days after deletion.
Payment data is handled in accordance with accounting law requirements and stored for 5 years. Payment information is stored in payment partners' systems (Stripe or Vipps) and processed only for payment purposes.
Data processors and third-party providers
We use third-party providers to deliver our services in a secure and efficient manner. This includes:
Framer: Used for website hosting. Framer: Privacy statement
Google: Provides analytics tools. Google Privacy Policy
Pipedrive: Manages customer data. Pipedrive Privacy Policy
Stripe: Handles payments. Stripe Privacy Policy
Vipps: Handles payments. Vipps Privacy Policy
Data processed outside the EU/EEA is secured with standard contractual clauses (SCC).
Cookies
Bikeloop uses cookies on its website to:
Collect anonymized statistics about website usage to improve the user experience.
Deliver personalized content and marketing.
Consent for the use of cookies is obtained via a pop-up on the website where the user must actively click "OK" to accept. You can withdraw consent for cookies via your browser settings.
Your rights
As a user of Bikeloop, you have rights that ensure your control over how your personal data is processed. This includes the right to access, correct, and delete the data we have stored about you. Below is an overview of your rights:
Access: Request information about which data we have stored about you.
Correction: Request that incorrect information be corrected.
Deletion: Request deletion of data that is no longer necessary for the purpose for which it was collected.
Restriction: Request restricted processing of your information.
Data portability: Request to receive data you have provided to us in a digital format that can be used by other systems.
Complaint to the Data Protection Authority: If you believe that our processing of your personal data is in violation of the law, you can contact the Data Protection Authority via their complaint form or by phone at +47 22 39 69 00.
Retention periods for different types of data are:
Contact details and service data: As long as the user has an active account.
Payment data: 5 years in accordance with accounting legislation.
To exercise your rights, please contact us at hello@bikeloop.no or personvern@bikeloop.no.
Consent management
Website: The user accepts cookies by clicking "OK" in the consent banner at the bottom of the page.
App: The user must accept the specific user terms in the app to activate the service.
Newsletter: The user must give specific consent to receive newsletters and can withdraw this at any time.
Consent can be withdrawn by contacting us by email or through settings in the app or on the website.
Internal control and procedures
Bikeloop has implemented procedures to ensure that the processing of personal data is done in accordance with applicable regulations:
Regular reviews of privacy practices.
Training of staff on GDPR and data security.
Internal control to monitor the processing and storage of personal data.
Ensuring that all agreements with third-party vendors are up to date and in compliance with GDPR.
Annual audits of our privacy practices, documented as part of our internal control.
Deletion of user account and personal data
Payment information, such as card numbers, is stored with Stripe to enable payment processing. Phone numbers are stored with Auth0 to handle login and authentication.
Users can request to delete their account directly in the Bikeloop app at any time by going to Settings → My user → Delete account. This option is easily accessible in the app. Additionally, there is an external solution to request account deletion via our website.
When a user requests deletion of their account, the account is permanently deleted, and all associated personal data is removed from our systems. This includes data stored with third-party services like Stripe and Auth0, as far as possible.
The only exception is data related to historical parking sessions which we are required to retain for accounting and legal requirements. This data is anonymized in the deletion process by linking it to a newly created, anonymous user account that does not contain any personally identifiable information.
We clearly inform about our data retention practices and any exceptions in our privacy policy.
If you do not have the Bikeloop app installed but still wish to delete your account, you may contact us at the email address below, and we will assist you with the deletion process.
Contact information
For questions about how we handle your personal data, or to exercise your rights, please contact us through the following channels:
Email: gdpr@bikeloop.no
Mailing address: Bikeloop AS, Lysaker Torg 2, 1366 Oslo
This privacy policy explains how Bikeloop collects, uses, and protects your personal data in accordance with the Personal Data Act and GDPR.
Data Controller
Bikeloop AS, represented by the Managing Director, is responsible for the processing of personal data. The policy contains information you are entitled to regarding how we collect information from our website (Personal Data Act § 19) and general information on how we process personal data (Personal Data Act § 18, 1st paragraph).
Any questions about privacy can be directed to us via gdpr@bikeloop.no.
Which personal data we collect
We collect various types of personal data, including:
Contact information: Name, email address, and phone number provided through web forms or other communication.
Usage data: Anonymized data such as IP address, visit duration, and interactions, collected via Google Analytics.
Marketing data: Information collected via tools like Pipedrive and Leadfeeder to analyze and tailor marketing.
Cookies: See separate section on cookies
Service data: When using our app for secure bicycle parking, we collect names, mobile numbers, and payment information necessary to deliver the service. We also store parking history and transaction data to provide user support.
Purpose and legal basis for processing
Bikeloop collects personal data for the following purposes:
Communication: To respond to inquiries received via web forms or other channels. Legal basis: Consent or legitimate interest.
Statistics and analysis: To improve the website's functionality and user experience through anonymized data. Legal basis: Consent.
Marketing: For following up existing and potential customers via tools like Pipedrive and Leadfeeder. Legal basis: Consent or contract.
Service delivery: To provide secure bicycle parking as a service, including processing payments, storing parking history, and delivering user support. Legal basis: Contract.
How we store and secure data
We take data security seriously and store personal data only as long as necessary to fulfill the purposes. The measures we have implemented include:
Encryption of data during transmission and storage.
Secure access management that restricts who has access to the information.
Use of reliable data processors, including Wix, Google, and Pipedrive.
All data for the Bikeloop service is stored in Azure on servers in Norway.
All communication between users, the app, and the service is encrypted.
Service-based data is retained as long as the user has an active service. By using "delete account" under my user in the app, the data is anonymized immediately. All data is also anonymized in backup systems within 30 days after deletion.
Payment data is handled in accordance with accounting law requirements and stored for 5 years. Payment information is stored in payment partners' systems (Stripe or Vipps) and processed only for payment purposes.
Data processors and third-party providers
We use third-party providers to deliver our services in a secure and efficient manner. This includes:
Framer: Used for website hosting. Framer: Privacy statement
Google: Provides analytics tools. Google Privacy Policy
Pipedrive: Manages customer data. Pipedrive Privacy Policy
Stripe: Handles payments. Stripe Privacy Policy
Vipps: Handles payments. Vipps Privacy Policy
Data processed outside the EU/EEA is secured with standard contractual clauses (SCC).
Cookies
Bikeloop uses cookies on its website to:
Collect anonymized statistics about website usage to improve the user experience.
Deliver personalized content and marketing.
Consent for the use of cookies is obtained via a pop-up on the website where the user must actively click "OK" to accept. You can withdraw consent for cookies via your browser settings.
Your rights
As a user of Bikeloop, you have rights that ensure your control over how your personal data is processed. This includes the right to access, correct, and delete the data we have stored about you. Below is an overview of your rights:
Access: Request information about which data we have stored about you.
Correction: Request that incorrect information be corrected.
Deletion: Request deletion of data that is no longer necessary for the purpose for which it was collected.
Restriction: Request restricted processing of your information.
Data portability: Request to receive data you have provided to us in a digital format that can be used by other systems.
Complaint to the Data Protection Authority: If you believe that our processing of your personal data is in violation of the law, you can contact the Data Protection Authority via their complaint form or by phone at +47 22 39 69 00.
Retention periods for different types of data are:
Contact details and service data: As long as the user has an active account.
Payment data: 5 years in accordance with accounting legislation.
To exercise your rights, please contact us at hello@bikeloop.no or personvern@bikeloop.no.
Consent management
Website: The user accepts cookies by clicking "OK" in the consent banner at the bottom of the page.
App: The user must accept the specific user terms in the app to activate the service.
Newsletter: The user must give specific consent to receive newsletters and can withdraw this at any time.
Consent can be withdrawn by contacting us by email or through settings in the app or on the website.
Internal control and procedures
Bikeloop has implemented procedures to ensure that the processing of personal data is done in accordance with applicable regulations:
Regular reviews of privacy practices.
Training of staff on GDPR and data security.
Internal control to monitor the processing and storage of personal data.
Ensuring that all agreements with third-party vendors are up to date and in compliance with GDPR.
Annual audits of our privacy practices, documented as part of our internal control.
Deletion of user account and personal data
Payment information, such as card numbers, is stored with Stripe to enable payment processing. Phone numbers are stored with Auth0 to handle login and authentication.
Users can request to delete their account directly in the Bikeloop app at any time by going to Settings → My user → Delete account. This option is easily accessible in the app. Additionally, there is an external solution to request account deletion via our website.
When a user requests deletion of their account, the account is permanently deleted, and all associated personal data is removed from our systems. This includes data stored with third-party services like Stripe and Auth0, as far as possible.
The only exception is data related to historical parking sessions which we are required to retain for accounting and legal requirements. This data is anonymized in the deletion process by linking it to a newly created, anonymous user account that does not contain any personally identifiable information.
We clearly inform about our data retention practices and any exceptions in our privacy policy.
If you do not have the Bikeloop app installed but still wish to delete your account, you may contact us at the email address below, and we will assist you with the deletion process.
Contact information
For questions about how we handle your personal data, or to exercise your rights, please contact us through the following channels:
Email: gdpr@bikeloop.no
Mailing address: Bikeloop AS, Lysaker Torg 2, 1366 Oslo