On this page you’ll find information about how Ditio processes personal data about customers, users and visitors to our websites, services and applications.

The Personal Data Act regulates how personal data is processed. The purpose of the Act is to ensure the protection of users' basic rights, in particular the right to protection of personal data. Ditio processes all personal data in accordance with the law and with our internal privacy guidelines. In this privacy policy, we describe how privacy is safeguarded on websites, services and applications where reference is made to this privacy policy.

Ditio provides services to customers and their users, provides information via our website and accepts inquiries on our support line. In order to provide access to these services, we process personal data such as name, telephone number, e-mail address and user behaviour.

In cases where our applications are used in a work context, we also process work-related information such as geolocation and building card ID. When using Ditio Transport, we process information that includes the vehicle’s geolocation.

Ditio Core collects location data to enable just-in-time reminders when you arrive at or leave your workplace, even when the app is closed or not in use. You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Location setting on your device. However, if you choose to opt out, you may not be able to use the just-in-time reminders.

In most cases, the information is collected from the customer, and where the customer is responsible for processing. Where the customer uses our services and their users register personal data in the system, the customer is the data controller (the person who determines the purpose of the processing) and Ditio is the data processor (the person who processes information on behalf of the data controller). In this context, the customer is responsible for inquiries concerning the user’s privacy.

The relationship between Ditio and the customer is regulated in a separate data processing agreement which ensures that both parties comply with principles for the processing of personal data, in accordance with Article 5 of the Personal Data Act.

Ditio's purpose for processing is to improve and develop the technical service. The basis for processing is therefore to safeguard Ditio's legitimate interests, as mentioned in the Personal Data Act article 6 no. 1 letter f). The processing is also necessary to fulfill conditions in the agreement with Ditio's customers, including support relating to implementation, quality and operational stability for the customer and users.

Ditio can make important or material changes to the privacy policy. The latest version will be available on this page.

How long the personal data is stored depends on the purpose for which it was collected. Personal data is stored for as long as it is necessary to fulfil the purpose of the processing, as long as it is necessary to fulfil legal obligations, or as long as it is necessary to enforce or defend legal claims. In the assessment of storage time, we emphasise the scope, purpose, sensitivity and degree of risk of the information.

As a user of our services, you have the right to demand access to the personal data we process about you. You have the right to demand correction of personal data if the data is out of date or incorrect. You also have other rights such as demanding that the information be deleted, the right to object to the processing or to demand a limitation of the processing.

In cases where Ditio is a data processor, requests concerning your rights must be directed to the data controller. In such cases, we assist the data controller upon request from the data controller. You have the right to complain to a supervisory authority. In Norway, this is the Norwegian Data Protection Authority. Contact information and tutors can be found at datatilsynet.no .

We use cookies to customise our website and related services, and to ensure that various services on our website work. Cookies compile anonymous aggregated statistics so that we can improve and further develop the information offered on our websites. Anonymous information cannot be traced back to the individual user. The fact that the statistics are aggregated means that all data is combined into a group and is not processed individually. The statistics say something about how many people visit the site, how long the visit lasts and which browsers are used. We use Google Analytics in this context. Information from this tool is not disclosed by Ditio to other players.

Ditio does not transfer personal data to third countries, unless the transfer satisfies requirements in the Personal Data Act that apply to contracts on standard privacy provisions adopted by the European Commission. Such a contract regulates the transfer and obligates all parties to process the information in accordance with the requirements described in the Personal Data Act.