Skip to main content

Privacy policy

Jump to section

Effective Date: 11/10/2024

In this privacy policy we, Energi.ai AS (org. no. 927 611 074), describe our processing of your personal data. We are responsible for the use of your personal data as described in this privacy policy. That is, we act as the data controller. When we process your personal data on behalf of our customers to provide products and services to them, we act as a data processor. This privacy policy does not cover activities where we act as a processor.

If you have any questions regarding this privacy policy, you may contact us using:

dpo@energi.ai

1. How we use personal data

As explained above, we generally act as a data processor when we provide services to our customers. However, we also use the datasets from our services for our own purposes, namely, to improve and develop our technology. It is not our goal to collect personal data about you for these purposes. But some personal data will inevitably be part of the datasets we use for the improvement and development.The data subjects concerned will be persons mentioned in the documentation our customers provide to us. This will typically be contact persons, employees, and other representatives of our customers or of their customers. The categories of personal data typically include name, contact information, company affiliation and financial information mentioned in the documents, such as payments between companies where the data subject is one of the contact persons.Our legal basis for this use of the personal data is our legitimate interests in improving and developing our technology. We have assessed that the detriment to the data subjects is minimal due to the limited amount and sensitivity of the personal data we use, and that our legitimate interests outweigh these detriments.

When you contact us for customer service or other purposes, we process personal data to respond to your request. Typically, this involves data about the individual contacting us, such as contact persons, employees, and other representatives of our customers. The personal data will generally include name and contact information in addition to the correspondence about the request.Our legal basis for this use of the personal data is our legitimate interests in providing customer service and responding to other requests. We have assessed that the detriment to the data subjects is minimal due to the limited amount and sensitivity of the personal data we use, and that our legitimate interests outweigh these detriments.

You may subscribe to our newsletter via our website. To provide you with the newsletter, we process information about your email address and your interaction with the content in the newsletter. Our legal basis for using your personal data for this purpose is your consent.

2. Cookies

We use cookies on our website, see the table below. For cookies that are necessary for the functionality of the website, we rely on legitimate interests. For other cookies, you may choose whether to accept them or not.

NamePurposeOptional (Y/N)Storage periodRecipientconnect.sidauthenticationN24 hoursfirst party

3. Sharing of data

We share personal data with our trusted service providers based on the contract with us and our instructions to them regarding processing of personal data. Our third-party providers, their function and the processing locations are:

  • Google Inc. Third-party cloud hosting and backup solutions. Processing location: UK
  • Aiven Oy. Third-party cloud hosting and backup solutions. Processing location: UK
  • Zendesk, Inc. Provides services in relation to the processing of customer support data. Processing location: EEA
  • Stripe, Inc. Provides services in relation to the processing of payment data. Processing location: EEA
  • Visitor Analytics GmbH. Provides website analytics. Processing location: EEA

4. Data storage and security

We store personal data for as long as necessary to fulfill the purposes described above. We delete personal data when there is no longer a need to retain the data for the purposes they were collected for.We handle your personal data in a secure way and have established procedures and measures to promote information security. The security measures are of both technical, contractual, and organizational nature. We conduct regular assessments of the security in central systems that are used for the handling of personal data. We have also entered into agreements with our subcontractors that require them to ensure appropriate information security regarding the services they provide to us. We limit the access to personal data to personnel who have a need for access to carry out their tasks.

Data Retention periods:Customer account information: Retained for 5 years after account closureTransaction recrds: Retained for 5 years after account closureCustomer support communication: Retained for 2 year after account closure

5. Your rights

You can have rights in personal data concerning you. If you have any questions or wish to exercise your rights, we encourage you to contact us by using our contact information set out at the beginning of this privacy policy.Your rights depend on the circumstances and applicable law. Some rights that may be relevant for you are:

  • Right to access: You have a right to access personal data concerning you that we process.
  • Right to request rectification or deletion: You can request rectification of incorrect or outdated personal data about you. You can also request that we delete personal data about you.
  • Right to request restriction of processing: You can request that we limit the processing of personal data about you.
  • Right to object: You can object to the processing of personal data concerning you for direct marketing purposes. Depending on the circumstances, you may also have a right to object to processing for other purposes.
  • Right to data portability: In certain circumstances, you can have your personal data transmitted from us to another controller.
  • Right to withdraw consent: If you have consented to us processing your personal data, you may withdraw this consent at any time. Withdrawing your consent will not affect the lawfulness of processing based on your consent prior to the withdrawal.
  • Right to lodge a complaint with a supervisory authority: If you disagree with the way we process personal data about you, you can lodge a complaint with the relevant supervisory authority (in Norway: Datatilsynet). We hope that you choose to contact us first.