Privacy Policy and Cookies

Version 2.4, 1 August 2021

Changes since version 2.2:
– Removed Rocket.chat
– Added Slack

Version 2.3, 19 May 2021

Changes since version 2.2:
– Removed Tapfiliate and Crisp
– Removed help.servebolt.com

Version 2.2, 28 March 2019

Changes since version 2.1:
– updated cookie section according to the new servebolt.com website
– updated help.servebolt.com to service.servebolt.com
– added uptime.servebolt.com
– replaced Crisp chat widget cookie with Intercom

This Privacy Policy describes how Servebolt collects and uses personal information.

The CEO of Servebolt is responsible for processing the company’s use of personal information. A specific notice is made if the daily responsibilities are delegated in the organization. Delegation applies to the tasks, not the responsibility.

This Privacy Policy contains the information you are entitled to when we collect information on our websites (Norwegian “personopplysningsloven § 19”) and general information about how we treat personal information (Norwegian (personopplysningsloven § 19).

Servebolt is committed to privacy and secure treatment of personal information and continuously implements best practices to deal with and secure personal information. As part of this, Servebolt uses strong encryption when transferring information and does a half-yearly internal review of the company’s use of personal information.

Our websites include:

Servebolt’s CEO has the daily responsibility for the treatment and use of personal information on Servebolt’s websites and admin.servebolt.com.

It is voluntary for the visitors of our websites to submit personal information in relation to our services. Examples of situations where personal information can be submitted: newsletters, creating accounts, contact forms, chat, or other forms. The basis of the treatment of data is acceptance from the individual unless something else is specified.

Information that is collected during the delivery of the hosting service is stored on our own servers and infrastructure. Only Servebolt has access to the collected information.

Disclosure of Personal Information

Servebolt does not disclose or share your personal information with other parties than described in this policy document unless we are required to do so by law or as a result of legal orders.

Purpose of Processing

The purpose of processing personal information is to provide the services that the individual requests and to provide and develop a steadily improved user experience.

Legal Basis for Processing of Personal Information

Our legal basis for the collection and processing of personal information described in this document depends on the specific personal information in question and the context they are collected in.

We will normally only collect personal information (1) where we need the personal information to get in touch with you; (2) where processing is within our legitimate interests and does not conflict with your personal rights; or (3) where you have given us permission to use them. We have legitimate interests in the operations and delivery of our services and to communicate with you in order to continue to deliver the service to you. For example, when we respond to service requests, improve our platform, market, investigate anomalies in operations, or prevent illegal activities.

Under given conditions, we may have a legal obligation to collect personal information about you or may require your personal information to protect your interest or the interest of other individuals.

If we ask you for personal information to conform to a legal order or to make a contract with you, we will explicitly make it clear to you when it happens and inform you whether the use of your personal information is required or not (in addition to giving information about consequences of non-disclosure of information).

What Personal Information is Processed?

The personal information collected and that we process is the information you choose to submit when you subscribe to newsletters, submit forms or contact us on chat. This includes information about your name, e-mail address, phone number, company name, and other information that you may submit in the forms or through our service points.

In addition, Servebolt uses Cookies that collect information like, for example, your IP address through your browser. See the section about Cookies for more specific information and how to limit our use of Cookies.

Encryption

All Servebolt websites use strong encryption techniques (SSL). Our CDN (Content Delivery Network) provider decrypts and re-encrypts all information on their CDN nodes. We have a separate DPA (Data Processing Addendum) between Servebolt AS and Cloudflare Inc that controls what information Cloudflare has access to and how it is processed.

Copyright and Content

The content on our websites is copyrighted for Servebolt AS and connected companies or the company’s license.

“Do not track” Settings

We respect “Do not track”-settings from web browsers on our websites.

Access, Correction, and Deletion of Personal Data

To get access, correction, or deletion of personal data, you must send an inquiry to [email protected]. To secure your privacy and security, we will do the necessary confirmations to verify your identity before giving access to, correcting, or deleting data we may have stored about you.

Use of Cookies

Cookies are small text files that are stored on your computer (in your browser) when you load a web page.

Storage of information and processing of this information is not allowed unless you have been informed and accepted such use. You will get notifications and will be required to accept what data that will be stored or processed, the purpose of this, and who will be processing the data (Norwegian ekomloven § 2-7b).

The following cookies are in use on our websites

The Content Management System Drupal is used for customers’ control panel on admin.servebolt.com and sets cookies when signing in (session cookie) and adapts the user interface.

has_js
Expires: When you close the browser
Type: CMS
Sett by: Drupal
Purpose: The cookie is set to identify whether your browser allows javascript to run and if your browser supports Javascript.

SSESSxxxxxxxxxxxxxxxxxxxxxxx
Expires: When you close the browser
Type: CMS
Set by: Drupal
Purpose: The cookie is a session cookie and is set upon login to the customer area on admin.servebolt.com. It is not possible to sign in to the services without this cookie.

_pk_ses.<appID>.<domainHash>

Module: Analytics
Expires after: 30 minutes (can be changed)
Extends: Automatically
Type: First-party cookie

About: Shows an active session of the visitor. If the cookie isn’t present, the session finished over 30 minutes ago, and it was counted in a pk_id cookie.

gdprcookienotice
Expires: One month
Type: CMS
Set by: WordPress
Purpose: The cookie is a cookie that remembers your settings for your GDPR cookie choices. If you do not accept our other cookies, this cookie prevents other cookies from being set.

wordpress_logged_in
Expires: When you close the browser
Type: CMS
Set by: WordPress
Purpose: The cookie is set to uniquely identify you when signing in.

wordpress_sec
Expires: When you close the browser
Type: CMS
Set by: WordPress
Purpose: The cookie is set to uniquely identify you when signed in.

wordpress_test_cookie
Expires: When you close the browser
Type: CMS
Set by: WordPress
Purpose: The cookie is set on the login-page of WordPress to check if it will be possible to set the session cookies required to log in (wordpress_sec og wordpress_logged_in).

wp-settings-XXXXXX
Expires: 1 year
Type: CMS
Set by: WordPress
Purpose: Used to identify you as user and store settings when you are logged in to our WordPress websites.

pll_language
Expires: 1 year
Type: CMS
Set by: WordPress plugin Polylang
Purpose: The cookie is set to store information about what language that should be used for the user interface when logged in.

wpcmt-star-XXXXX
Expires: 1 year
Type: Third party
Sett by: WP Comment plugin
Purpose: The cookie contains information when you have used the star function in the comment fields of articles.

intercom-id-SESSIONID
Expires: 9 months
Type: Third Party
Set by: Intercom Chat Widget
Purpose: The cookie stores session information for Intercom Chat and is used to uniquely identify the visitor in relation to the chat service on the websites.

_GPSLSC
Expires: Never or when it is unset
Type: Performance
Set by: Mod_PageSpeed
Purpose: This cookie stores data locally to know what elements exist in the local cache. This prevents the double loading of elements on a web page and improves the overall performance.
More information: https://www.modpagespeed.com/doc/filter-local-storage-cache

__cfduid
Expires: 1 year
Type: Third Party
Set by: Cloudflare
Purpose: ‘__cfduid’ is set by Cloudflare to identify secure web traffic independent of IP address. It does not correspond to any user ID in the web application and does not store any personal identifiable information.
More information: https://support.cloudflare.com/hc/en-us/articles/200170156-What-does-the-CloudFlare-cfduid-cookie-do-

_ga
Expires: 2 years
Type: Third Party
Set by: Google Analytics
Purpose: ‘_ga’ contains a unique ID that is set by Google Analytics to uniquely identify website visitors, independent of User IDs or personal information in the websites visited.

_gid
Expires: 24 hours
Type: Third Party
Set by: Google Analytics
Purpose: ‘_ga’ contains a unique ID that is set by Google Analytics to uniquely identify website visitors, independent of User IDs or personal information in the websites visited.

Servebolt’s Systems for Data Processing

Although not required by law, Servebolt seeks to be transparent about the services used to store and process personal information. Servebolt may be using the following systems to store and process data:

WordPress
Many of Servebolt’s public websites are based on WordPress. Forms used on these websites often ask for personal information like name, e-mail, company information, and phone numbers and record what IP they were submitted from. All forms used on Servebolt websites store information in WordPress or other Servebolt-hosted infrastructure. Servebolt deletes content regularly when the purpose for collecting the information is fulfilled or expired.

Drupal
Servebolt uses Drupal on the customer area on admin.servebolt.com. To make an account, information about Name, E-mail, and Phone Number is collected. When subscribing to services, additional information about the company, address, and e-mails are collected for billing purposes or contact of service and technical nature.

Logging of information in Servebolt’s systems
All IP addresses are being logged when visiting websites hosted by Servebolt (including our own). Our operations, service, and support staff have access to logs for one week. After that, logs remain in our backup systems for 6 months, to which operations staff has access. These logs, including the visitor IPs, are essential information to prevent attacks and provide a secure service on our and our customers’ web pages.

G Suite
We use G-Suite(Gmail, Calendar, Documents, Sheets, Hangouts) for communication, storage of documents, files, and agreements. This includes contracts and agreements, offers, work documents, e-mail, name, phone, and other contact information.
Servebolt has a separate DPA with Google Inc, USA

Cloudflare
Servebolt uses Cloudflare’s CDN for its own websites. Cloudflare is a proxy-based CDN that decrypts and re-encrypts information. Cloudflare is also used for security and to block unwanted access to our services.
Servebolt has a separate DPA with Cloudflare Inc, USA

Hubspot
Servebolt uses Hubspot for CRM, sales, and marketing information. Information about names, e-mail addresses, company relations, contracts, and timing of events is stored in this system.
Servebolt has a separate DPA with Hubspot Inc, USA

Google Ads
Servebolt uses Google Ads for search engine marketing. To target and prepare our marketing through Google Ads, the following information about user actions is sent to Google Ads

  • Started registration on https://admin.servebolt.com
  • Completed registration on https://admin.servebolt.com
  • Upgraded to paid plans on https://admin.servebolt.com

Google Analytics
Servebolt uses Google Analytics for web statistics from our public websites. Google Analytics collects information about visitors and aggregates user statistics on our web pages, using javascript. Google Analytics is configured not to collect personal information, hereunder running with anonymized IP addresses.
Servebolt has a separate DPA with Google Analytics.

Slack
Servebolt uses Slack for internal communication. Slack is an instant messaging program that stores logs of all information that is exchanged. This may include personal information, is searchable, and is available for Servebolt employees.
The service is encrypted and self-hosted by Servebolt.

Jira
Servebolt uses Atlassian Jira for project and task management. The service stores the information that is contributed and may contain personal information in connection with reported errors and user stories.
The service is encrypted and self-hosted by Servebolt.

Tripletex
Servebolt uses Tripletex.no for accounting, hour registration, and payroll. The system stores personal information about the employees and customer and company information that are used for billing and reporting.
Servebolt has a separate DPA with Visma/Tripletex AS, Norge

Stripe
Servebolt uses Stripe for payments. Stripe stores personal information like name, email, phone number, and company information, along with credit card details and other payment details.
Servebolt has a separate DPA with Stripe Inc, USA

Lastpass
Servebolt uses LastPass for storage of usernames and passwords for external services. Lastpass makes it possible to securely store user names and ensure long and unique passwords, and makes it possible to share logins across the organisation securely.
Servebolt haa a separate DPA with Lastpass / LogMeIn Inc.

Pandadoc
Servebolt uses Pandadoc.com for contracts and agreements. Pandadoc stores personal information, company information, and contract information.
Servebolt has a separate DPA with Pandadoc

WPESignature
Servebolt uses WPESignature for contracts and agreements on sign.servebolt.com. WPESignature stores personal information like names, signatures, e-mail addresses, phone numbers, company information and address information and contract details.
The service is encrypted and self-hosted by Servebolt.

Rights

Everyone who requests it has the right to basic information about the processing of personal information in Servebolt according to Norwegian personopplysningslovens § 18, 1. section. Servebolt has provided this information in this policy and will use this document as a basis for any requests. Those who register on any of Servebolt’s services and submit personal information have the right to know what we store and process. The individual also has the right to request that incorrect or missing information will be updated or deleted. Any such requests will be answered free of charge within 30 business days.

Contact Information

[email protected]
Phone +47 488 433 00
Mailing address: Postboks 2 Råel, 3113 Tønsberg, Norway