Policy active as of 29. march 2016.
Protecting your privacy is a core part of the Apps mission. You trust us to take care of your data, and we strive to be worthy of that trust.
We pledge to:
By using Sonya, you agree to allow us to collect and process information as described below.
Apps is the data processor for your data, including any personal data you provide. In case your employer has ordered the Sonya services for you as an end-user (“business end-user”), your employer is the data controller. If you have any questions or complaints, you will need to contact your employer.
The purpose of processing your personal data is to digitalize different tasks in your workday. What that means in terms of what data we collect and process, how and where we process it, and for how long, is described below.
It is important that you read this, as you by taking Sonya into use, gives us (and your employer, in case you are a business end-user) your consent to process your personal data.
The legal basis for the processing of personal data is your consent and data protection law. In case you are a business end-user, part of the processing is required in order to fulfil the agreement we have with your employer (the data controller).
Your personal data is processed in accordance with the Norwegian implementation of the European Union (EU) Directive on the Processing of Personal Data from 1995 (DIRECTIVE 95/46/EC). This give you strong rights as a data subject. Hereunder you have the right to:
Norwegian law applies.
Any surrender of data is voluntary, but some basic information is needed to enable Sonya to operate.
The Sonya apps collect:
The Sonya website (sonya.com) uses Google Analytics for statistical data analysis. We may also use other third-party analytics and marketing services. The Sonya website employs cookies for this purpose.
The information we collect is used to provide, develop and improve services from Apps, including information necessary to improve our service and safety features. We or our partners may use your contact details to send you information, or to ask you to participate in surveys about your Sonya use.
We may also use this information in an aggregated, non-identified form for research purposes and to help us make decisions on the direction of sales, marketing, product development and business activities.
We may use service providers to perform some of these functions. Those service providers are restricted from sharing your information for any other purpose.
We use industry-standard methods to keep this information safe and secure while it is transmitted over your network connection and through the Internet to our servers. Depending on your location and type of data, Apps may process your personal information on servers that are not in your home country.
All information and all files uploaded to Sonya are encrypted upon uploading to our cloud-based service, currently operated by Amazon Web Services (AWS). Your bank account number is also encrypted before it is saved in our database.
The personal data we collect from you is transferred to our European data processing centre. Currently this data centre is operated by AWS, which is the world largest data centre operator for cloud services. AWS is world renowned for its industry leading security and performance. Read more at aws.amazon.com.
The AWS data centres we use are placed within the European Union (EU) and/or European Economic Area (EEA). Audio and video data is never transferred out of the EU or EEA. In order to provide you with the best possible service, selected and limited parts of the Sonya services, such as SMS verification, may be performed by suppliers located outside the EU or EEA. If so, the data export will take place in accordance to EU requirements, such as in accordance with the EU Model Contract (Commission Decision 2010/593 or similar).
Apps does not share personal information for any commercial or marketing purpose unrelated to the delivery of Apps products and services without asking you first.
The following are the limited situations where we may share personal information:
Apps generally stores your personal information on Apps’ servers for as long as you or your employer remain an Apps customer. To the extent there are legal requirements for duration of storage, such as for accounting purposes, we may store data for up to 10 years