We're hiring!

Privacy Policy and Cookies

Version 2.1, 16 May 2018

This Privacy Policy describes how Servebolt collects and uses personal information.

The CEO of Servebolt is responsible for processing of the company’s use of personal information. A specific notice is made if the daily responsibilities are delegated in the organisation. Delegation applies to the tasks, not the responsibility.

This Privacy Policy contains the information you are entitled to when we collect information on our websites (Norwegian “personopplysningsloven § 19”) and general information about how we treat personal information (Norwegian (personopplysningsloven § 19).

Servebolt is committed to privacy and secure treatment of personal information and continuously implements best practices to deal with and secure personal information. As part of this Servebolt uses strong encryption when transferring information and does a half-yearly internal review of the companies use of personal information.

Treatment of personal information on our websites

Our web sites include:

Servebolt’s CEO has the daily responsibility for treatment and use of personal information on Servebolt websites and admin.servebolt.com.

It is voluntary for the visitors of our websites to submit personal information in relation to our services. Examples of situations where personal information can be submitted: news letters, create accounts, contact forms, chat or other forms. The basis of treatment of data is acceptance from the individual, unless something else is specified.

Information that is collected during delivery of hosting service is stored on our own servers and infrastructure. Only Servebolt has access to the collected information.

Disclosure of Personal Information

Servebolt does not disclose or share your personal information with other parties than described in this policy document, unless we are required to do so by law or as a result of legal orders.

Purpose of processing

The purpose of processing personal information is to provide the services that the individual requests, and to provide and develop a steadily improved user experience.

Legal basis for processing of personal information

Our legal basis for collection and processing of personal information described in this document, depends on the specific personal information in question, and the context they are collected in.

We will normally only collect personal information (1) where we need the personal information to get in touch with you; (2) where processing is within our legitimate intests, and does not conflict your personal rights; or (3) where you have given us permission to use them. We have legitimate interests in operations and delivery of our services, and to communicate with you in order to continue to deliver the service to you. For example, when we respond to service requests, improve our platform, market or to investigate anomalies in operations or to prevent illegal activites.

Under given conditions we may have a legal obligation to collect personal information about you, or may require your personal information to protect your interest, or the interest of other individuals.

If we ask you for personal information to conform to a legal order, or to make a contract with you, we will explicitly make it clear for you when it happens and inform you whether the use of your personal information is required, or not (in addition to giving information about consequences of non-disclosure of information).

What personal information is processed?

The personal information collected and that we process is the information you choose to submit when you subscribe to newsletters, submit forms or contact us on chat. This includes information about your name, e-mail address, phone number, company name, and other information that you may submit in the forms or through our service points.

In addition Servebolt uses Cookies that collects information like for example your IP address through your browser. See the section about Cookies for more specific information, and how to limit our use of Cookies.

Encryption

All Servebolt websites use strong encryption techniques (SSL). Our CDN (Content Delivery Network) provider decrypts and re-encrypts all information on their CDN nodes. We have a separate DPA (Data Processing Addendum) between Servebolt AS and Cloudflare Inc that controls what information Cloudflare has access to and how it is processed.

Copyright and content

The content on our websites are copy righted for Servebolt AS and connected companies, or the company’s licencee.

“Do not track” settings

We respect “Do not track”-settings from web browsers on our web sites.

Access, correction and deletion of personal data

To get access, correction or deletion of personal data you must send an inquiry to [email protected] To secure your privacy and security, we will do the necessary confirmations to verify your identity before giving access to, correcting or deleting data we may have stored about you.

Use of Cookies

Cookies are small text files that are stored on your computer (in your browser) when you load a web page.

Storage of information and processing of this information is not allowed unless you have been informed and accepted such use. You will get notifications and will be required to accept what data that will be stored or processed, the purpose of this and who will be processing the data (Norwegian ekomloven § 2-7b).

The following cookies are in use on our websites

The Content Management System Drupal is used for customers’ control panel on admin.servebolt.com and sets cookies when signing in (session cookie) and to adapt the user interface.

has_js
Expires: When you close the browser
Type: CMS
Sett by: Drupal
Purpose: The cookie is set to identify whether your browser allows javascript to run and if your browser supports Javascript.

SSESSxxxxxxxxxxxxxxxxxxxxxxx
Expires: When you close the browser
Type: CMS
Set by: Drupal
Purpose: The cookie is a session cookie and is set upon login to the customer area on admin.servebolt.com. It is not possible to sign in to the services without this cookie.

wordpress_logged_in
Expires: When you close the browser
Type: CMS
Set by: WordPress
Purpose: The cookie is set to uniquely identify you when signing in.

wordpress_sec
Expires: When you close the browser
Type: CMS
Settes av: WordPress
Formål:The cookie is set to uniquely identify you when signed in.

wordpress_test_cookie
Expires: When you close the browser
Type: CMS
Set by: WordPress
Purpose: The cookie is set on the login-page of WordPress to check if it will be possible to set the session cookies required to log in (wordpress_sec og wordpress_logged_in).

wp-settings-XXXXXX
Expires: 1 year
Type: CMS
Set by: WordPress
Purpose: Used to identify you as user and store settings when you are logged in to our WordPress websites.

pll_language
Expires: 1 year
Type: CMS
Set by: WordPress plugin Polylang
Purpose: The cookie is set to store information about what language that should be used for the user interface when logged in.

wpcmt-star-XXXXX
Expires: 1 year
Type: Third party
Sett by: WP Comment plugin
Purpose: The cookie contains information when you have used the star function in the comment fields of articles.

crisp-clientSESSIONID
Expires: 6 months
Type: Third Party
Set by: Crisp Chat
Purpose: The cookie stores session information for Crisp Chat and is used to uniquely identify the visitor in relation to the chat service on the websites.

tap_vid
Expires: Never
Type: Third Party
Set by: Tapfiliate (b.frstre.com, beacon.tapfiliate.com)
Purpose: The cookie contains a unique ID that makes it possible to trace the source of a sale on the websites. The cookie is set when a visitor comes from affiliated pages or social channels. The information is used when users subscribe to plans on Servebolt.

_GPSLSC
Expires: Never or when it is unset
Type: Performance
Set by: Mod_PageSpeed
Purpose: This cookie stores data locally to know what elements exist in the local cache. This prevents double loading of elements on a web page and improves the overall performance.
More information: https://www.modpagespeed.com/doc/filter-local-storage-cache

__cfduid
Expires: 1 year
Type: Third Party
Set by: Cloudflare
Purpose: ‘__cfduid’ is set by Cloudflare to identify secure web traffic, independent of IP address. It does not correspond to any user ID in the web application, and does not store any personal identifyable information.
More information: https://support.cloudflare.com/hc/en-us/articles/200170156-What-does-the-CloudFlare-cfduid-cookie-do-

_ga
Expires: 2 years
Type: Third Party
Set by: Google Analytics
Purpose: ‘_ga’ contains a unique ID that is set by Google Analytics to uniquely identify website visitors, independent of User IDs or personal information in the websites visited.

_gid
Expires: 24 hours
Type: Third Party
Set by: Google Analytics
Purpose: ‘_ga’ contains a unique ID that is set by Google Analytics to uniquely identify website visitors, independent of User IDs or personal information in the websites visited.

Servebolt’s Systems for Data Processing

Although not required by law Servebolt seeks to be transparent about the services used to store and process personal information. Servebolt may be using the following systems to store and process data:

WordPress
Many of Servebolt’s public websites are based on WordPress. Forms used on these websites often ask for personal information like name, e-mail, company information and phone numbers and record what IP they were submitted from. All forms in use on Servebolt websites store information in WordPress or other Servebolt hosted infrastructure. Servebolt deletes content regularly when the purpose for collecting the information is fulfilled or expired.

Drupal
Servebolt uses Drupal on the customer area on admin.servebolt.com. To make an account, information about Name, E-mail and Phone Number is collected. When subscribing to services, additional information about company, address and e-mails are collected for billing purposes or contact of service and technical nature.

Logging of information in Servebolt’s systems
All IP addresses are being logged when visiting websites hosted by Servebolt (including our own). Our operations, service and support staff have access to logs for one week. After that, logs remain in our backup systems for 6 months, where operations staff has access. These logs, including the visitor IPs are essential information to prevent attacks and provide a secure service on our, and our customers web pages.

G Suite
We use G-Suite(Gmail, Calendar, Documents, Sheets, Hangouts) for communication, storage of documents, files, agreements. This includes contracts and agreements, offers, work documents, e-mail, name, phone and other contact information.
Servebolt has a separate DPA with Google Inc, USA

Cloudflare
Servebolt uses Cloudflare’s CDN for their own web sites. Cloudflare is a proxy based CDN that decrypts and re-encrypts information. Cloudflare is also used for security and to block unwanted access to our services.
Servebolt has a separate DPA with Cloudflare Inc, USA

Hubspot
Servebolt uses Hubspot for CRM, sales and marketing information. Information about name, e-mail addresses, company relations, contracts, and timing of events is stored in this system.
Servebolt has a separate DPA with Hubspot Inc, USA

Tapfiliate
Tapfiliate is an affiliate marketing platform. Tapfiliate sets cookies to trace the origin of sales. It stores e-mail addresses, names and company information about those who sign up on servebolt.tapfiliate.com.
Servebolt has a separate DPA with Tapfiliate B.V., Netherlands

Crisp
Servebolt uses Crisp Chat to communicate with our website visitors and customers through our web pages. Crisp Chat sets cookies, and stores information about Name, E-mail, Phone number (if supplied), last visited pages in addition to guessing location information and social information.
Servebolt has a separate DPA with Crisp SARL, France.

Google AdWords
Servebolt uses Google AdWords for search engine marketing. To target and prepare our marketing through Google Adwords, the following information about user actions is sent to Google Adwords:

  • Started registration on https://admin.servebolt.com
  • Completed registration on https://admin.servebolt.com
  • Upgraded to payed plans on https://admin.servebolt.com

Google Analytics
Servebolt uses Google Analytics for web statistics from our public websites. Google Analytics collects information about visitors and aggregates user statistics on our web pages, using javascript. Google Analytics is configured to not collect personal information, hereunder running with anonymised IP addresses.
Servebolt has a separate DPA with Google Analytics.

Rocket.chat
Servebolt uses Rocket.chat for internal communication. Rocket.chat is a chat system that stores logs of all information that is exchanged. This may include personal information, is searchable and available for Servebolt employees.
The service is encrypted and self-hosted by Servebolt.

Jira
Servebolt uses Atlassian Jira for project and task management. The service stores the information that is contributed and may contain personal information in connection with reported errors and user stories.
The service is encrypted and self-hosted by Servebolt.

Tripletex
Servebolt uses Tripletex.no for accounting, hour registration and payroll. The system stores personal information about the employees, and customer and company information that are used for billing and reporting.
Servebolt has a separate DPA with Visma/Tripletex AS, Norge

Stripe
Servebolt uses Stripe for payments. Stripe stores personal information like name, email phone number and company information along with credit card details and other payment details.
Servebolt has a separate DPA with Stripe Inc, USA

Lastpass
Servebolt uses LastPass for storage of usernames and passwords for external services. Lastpass makes it possible to securely store user names and ensure long and unique passwords, and makes it possible to share logins across the organisation securely.
Servebolt haa a separate DPA with Lastpass / LogMeIn Inc.

Pandadoc
Servebolt uses Pandadoc.com for contracts and agreements. Pandadoc stores personal information, company information and contract information.
Servebolt has a separate DPA with Pandadoc

WPESignature
Servebolt uses WPESignature for contracts and agreements on sign.servebolt.com. WPESignature stores personal information like names, signatures, e-mail addresses, phone numbers, company information and address information and contract details.
The service is encrypted and self-hosted by Servebolt.

Rights

Everyone who requests it has the right to basic information about processing of personal information in servebolt according to Norwegian personopplysningslovens § 18, 1. section. Servebolt has provided this information in this policy, and will use this document as basis for any requests. Those who register on any of Servebolt’s services and submit personal information have the right to know what we store and process. The individual also has the right to request that incorrect or missing information will be updated or deleted. Any such requests will be answered free of charge within 30 business days.

Contact information

[email protected]
Phone +47 488 433 00
Mailing address: Postboks 2 Råel, 3113 Tønsberg, Norway