The controller of your data is Newcycle AS (928976173, Maridalsveien 15E, 0178 Oslo). If you have any questions or concerns regarding our processing of personal data, please contact our data controller at the following email address: firstname.lastname@example.org.
Personal data is information that can identify an individual, either alone or in combination with other information. This can be a name, address, email address, IP address, telephone number or any other information that can be linked to a specific person.
Depending on how you use our services, we will collect different types of personal data about you. We are committed to ensuring that we do not collect more information than we need to provide the best possible service.
We may collect the following information:
We are allowed to process your personal data for the following reasons:
We use your data for the following purposes:
Once you have confirmed that you wish to retrieve purchases automatically, we start the process of collecting purchase data on your behalf. Your identity is verified either by using your phone number or by logging in via your member account with the retailer in question.
Purchase data is then retrieved from the relevant retailers. Once the purchase data is received, it is stored in your Newcycle user account and digital twins are created where possible.
From now on, Newcycle will be responsible for the collected data and will be the data controller. The retailer in question will remain the controller of the original data.
We take the security of your personal information seriously and have implemented appropriate technical and organisational measures to protect it from unauthorised access, alteration, or deletion.
We never share personal data with third parties unless it is necessary to perform a service you have ordered. We will never share more information than is deemed necessary to perform the service.
When you transfer a digital twin to another user, any proof of purchase will also be transferred. The proof of purchase may have been obtained automatically from a retailer or by taking a photo of the proof of purchase yourself. Any personal data on the proof of purchase, or in the photo itself, will be available to the new owner.
We do not sell your data and we do not make it available in any way to third parties that do not directly contribute to providing or improving the service to you, unless required by Norwegian law.
We may share your personal data with third parties who process the data on our behalf, such as IT service providers. To ensure the proper and secure processing of your personal data, we will enter into written agreements with such third parties, called a data processing agreement.
We would like to inform you that some of your personal data may be stored outside the EEA, specifically in the United States. This is only in cases where it is necessary to provide you with our services. However, we want to assure you that we only work with service providers that have approved data protection standards and comply with applicable data protection laws and regulations. In addition, we will only store your personal data in the United States if we have a signed data processing agreement that ensures that your personal data is processed in accordance with applicable data protection laws and regulations.
If you are inactive and do not use our service for a period of 5 years, all your data, including all receipts you have stored in Newcycle, will be deleted. We will notify you well before this happens so that you have the opportunity to recover your data.
In order to comply with the requirements of the Accounting or Bookkeeping Act, it may be necessary to store some of your personal data for longer. In such cases, we will store the necessary data for as long as required by law. This may include information about purchases, payments and invoices. We will restrict access to your personal data when it is no longer necessary to keep it for this purpose.
According to the Personal Data Processing Act (Personal Data Act) - Section 2 Information and access to personal data, you have the right to request information and access to the personal data we have stored about you. You also have the right to request that the data be corrected, deleted or supplemented. We will respond to your request as soon as possible and at the latest within 30 days of receiving it. If we are unable to comply with your request within this period, we will give you a reason for this and indicate when we expect to be able to respond to your request.
To correct, delete or supplement your data, you can contact our data controller at the following email address: email@example.com.
If you have any questions or concerns about our processing of personal data, please contact our data controller at the following email address: firstname.lastname@example.org.
If you feel that our processing of personal data is not in accordance with what we have described here or that we are otherwise in breach of data protection legislation, you can complain to the Data Protection Authority.
You can find information about your rights and how to contact the Danish Data Protection Agency on the Agency's website: www.datatilsynet.no.