Privacy Policy

Appfarm AS ("Appfarm," "we," "us," or "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy describes how we collect and use your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
‍
This Privacy Policy applies to the processing of personal data collected through our website, platform, and other related services.

We act as both a data controller and a data processor. When you use the Appfarm Create tool and platform, we process personal data on behalf of our customers as a data processor. We do not control the data entered by your end-users; we only process it per your instructions. This is regulated through our Data Processor Agreement, which we sign with all our customers. We are, however, the data controller when processing personal data directly for purposes such as customer support, marketing, or account management.

We collect and process various types of personal data in our role as a data controller, including when you register for a user account for Appfarm Create (and associated products and services), visit our websites, use our services such as our community and support platforms, sign up for newsletters, request access to our trust center, undertake our exams, or contact us in other ways. The data we collect may include:

• Contact Information: Name, email address, phone number, and other contact details.
• Account Information: Username, password, and other credentials used to access our services.
• Usage Data: Information about how you use our website, platform, and services, including IP address, browser type, operating system, and browsing behavior.
  Customer Data: Information that our customers and their users put into our platform and services when using the applications for their intended purposes.
• Communication Data: Information you provide when you communicate with us, such as through email, chat, phone, or community posts.
• Marketing Data: Information related to marketing preferences and interactions.
• Recruitment Data: Information related to job applications.
• Other personal information you have chosen to provide us or your employer or principal for registration.

We process your personal data for the following purposes:

• Providing and maintaining our services: To deliver the services you request, administer your account, and provide customer support. (Legal basis: Contractual necessity)
• Improving our services: To analyze how our services are used, identify areas for improvement, and develop new features. (Legal basis: Legitimate interests)
• Communicating with you: To respond to your inquiries, provide updates about our services, and send you important notices. (Legal basis: Contractual necessity, Legitimate interests)
• Marketing and promotion: To send you promotional materials and other marketing communications, where you have consented to receive such communications. (Legal basis: Consent)
• Recruitment: To evaluate job applications and contact candidates. (Legal basis: Legitimate interests, Consent)
• Legal compliance: To comply with applicable laws and regulations, including GDPR. (Legal basis: Legal obligation)

In addition to the data mentioned, we may also collect personal data that customers and their users input into software solutions developed using Appfarm services. Depending on the type and characteristics of the software solutions developed by our customers, this data may include proprietary data types used for their own purposes or offered to others. This customer data is protected by strong encryption and governed by our strict policies and agreements. As your data processor, we then process this data solely on the customer's direction and only for purposes essential to delivering and maintaining our services.

We use the following third-party service providers, who may also process your personal data:

‍

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) that may not have data protection laws that provide the same level of protection as the GDPR. We ensure that such transfers comply with GDPR requirements, such as by entering into Standard Contractual Clauses with the recipients or relying on other appropriate safeguards.
‍
A list of our service providers as a Data Processor can be found at our Data Processor page.

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for the duration of our business relationship and as required by applicable laws and regulations.

You have the following rights regarding your personal data:

• Right to access: You have the right to request access to the personal data we hold about you.
• Right to rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
• Right to erasure: You have the right to request that we delete your personal data under certain circumstances.
• Right to restriction of processing: You have the right to request that we restrict the processing of your personal data under certain circumstances.
• Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
• Right to object: You have the right to object to the processing of your personal data under certain circumstances, including for direct marketing purposes.
• Right to withdraw consent: If we process your personal data based on your consent, you have the right to withdraw your consent at any time.

To exercise your rights, please contact our Privacy Coordinator at privacy@appfarm.io. We will respond to your request within the time limits specified by the GDPR.

We have implemented appropriate technical and organizational measures to protect your data against unauthorized access, use, or disclosure. These measures include encryption, access control, and security policies.

You can find more information about our security measures at Appfarm at our trust center and on our security and compliance page.

We use cookies and similar technologies to improve your experience on our websites and services. Cookies are used for essential purposes such as website functionality and user authentication, while others, like analytics or marketing cookies, require your consent. You can manage or withdraw your consent at any time via the cookie preference center available in the footer of every page.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website and, where appropriate, by other means.

If you have any concerns about our processing of your personal data, you have the right to lodge a complaint with the relevant data protection authority.