At Fygi AS ("Fygi", "we" or "us") we care about your privacy. Therefore, we always have your privacy and our responsibility in mind when we collect and process personal information. The privacy statement describes what personal information is processed in Fygi, how we collect and use your personal information when you download our app and use our services. The declaration also describes the rights you have as registered with us and how you exercise these.

The person responsible for processing in the organization is the general manager if tasks have not been delegated. Inquiries for access, correction or deletion of personal information can be made to terje.hallan@fygi.no.

When you download and use our application
When you download the Fygi app from the Apple Store or Google Play, Fygi does not store any of your personal data. We create your profile in our system with an anonymous user ID, so that none of your personal information is stored before you use the solution.

Our solutions have different uses and for some of the services we need personal information for the solution to work as it should.

The purpose of processing your personal data
Fygi processes your personal data in accordance with the Personal Data Act, the Accounting Act, the Money Laundering Act and other relevant regulations.

The purpose of our processing of personal data by your use of Fygi is first and foremost to ensure that the solution works properly.

In Fygi, personal data is also processed for the following purposes:

Customer follow-up and marketing

Further development and improvement of the service

Fygi will also process personal data to the extent required by law or gives access to it or when you have consented to such processing.

Permissions in Fygi
When you choose to use certain functions in Fygi, we will ask for different permissions to your mobile phone for these functions to work.

These features and permissions are:

Location - so you can find places of use near where you are. We ask for your consent to access site services when searching for user sites. We do not store information about your location. You can turn off access to location services for Fygi in your phone's settings, but be aware that the feature for finding user locations near where you are will then not work.

Camera - so you can take scanned items during your shopping trips. We never store your photos.

Background update - implemented when you receive push notifications from Fygi.

Mobile data - so you can use Fygi when you are not connected to a wireless network.

Alerts - so that Fygi has the ability to send messages to your mobile phone. You choose whether you want to give us access to sending notifications to you and can turn the function on and off in the app at any time.

Phone status and ID - so that mobile identifier can be stored (Android only).

Change / delete content in SD card (Android) - for you to be able to upload a profile picture.

What information do we store
Fygi stores information that you provide yourself, or that is generated when you use the service. Fygi stores the following data and processes personal data for the following purposes and based on the following legal bases:

In order for you to have access to your electronic purchase receipts, we will store these under "My Fygi". Some users can choose to use the solution without having used the app, but rather use the phone's browser, and then we need your e-mail address to send this to you.

In order for you to get your membership benefits when you shop, we must verify that you are actually a member of the store's customer club or benefits program. To do this, we need your phone number.

For security purposes, we record which mobile device you are using and the device's operating system. In addition, we register your mobile identifier that is formed when you create a Fygi profile in order to identify your mobile phone as a security measure (not stored on your mobile phone).

In order to have history, traceability and the possibility of invoicing related to transactions to the user site, we store information about which user sites / physical stores you have logged in to.

Collection of personal information from public registers
Fygi does not need to retrieve data from public registers.

Disclosure of personal information
In order for you to retain your membership benefits and customer clubs and loyalty programs, we need to communicate your phone number to the supplier of the customer club. Beyond this, information that can be linked to you as a person will not be disclosed to others unless it is authorized by law or that you have specifically consented to it.

In our work to further develop and improve our solutions, we will occasionally collaborate with others. This may require us to provide information about you. This will always be done without the partner knowing your identity, and we will ensure that the information is not used by the partner beyond the cooperation with us.

Use of data processors
There are several subcontractors who process personal data on our behalf (data processors). The transfer of personal data to such data processors takes place in accordance with data processor agreements which ensure that the processing is carried out in accordance with the regulations, including preventing the data processor from using the information for other purposes. Transfer of personal data to Fygi's data processors is not considered disclosure.

In some cases, Fygi transfers personal data to organizations in countries outside the EEA area, for example to IT service providers or other data processors. Such transfers can only be made if the data controller or data processor has provided the necessary guarantees and provided that individuals are guaranteed enforceable and effective rights.

A valid basis is thus required for such a transfer in accordance with the GDPR, and some of the following conditions must be met:

The European Commission has decided that there is an adequate level of protection in the country in question.

Other appropriate security measures have been taken, and / or a data processor has provided the necessary guarantees that personal data will be processed securely, for example through the use of standard contracts (EU standard clauses) approved by the European Commission, or the data processor has valid binding group rules (BCR).

These are exceptions in special cases, for example to fulfill an agreement with you or cases where you give your consent to the specific transfer.

Customer follow-up and marketing
Fygi will inform you about its own products and services within the category self-service solutions. We will also provide you with information about other products beyond the category of self-service solutions using electronic marketing, if you agree to this. This means that we can send you useful information and offers about products and services by means of electronic communication in the Fygi app or to your specified e-mail address. Consent under this provision includes electronic marketing of all types of products and services, and not just products you have previously consented to. You can withdraw your consent at any time by contacting us.

Your rights
You have the right to demand access, correction of incorrect personal data or deletion of personal data we process about you. You also have the right to demand limitation of the processing and may, under certain conditions, protest against further processing of personal data or demand that your personal data be transferred to yourself or another data controller (data portability).

You can withdraw your consent at any time. A withdrawal of consent does not affect the legality of a treatment that was based on consent before the consent was withdrawn.

If you wish to exercise your rights, you can fill out our contact form at https://fygi.io/contact/. We respond to your inquiry as soon as possible, and no later than within 30 days.

Storage time
Personal data will not be stored longer than is necessary to fulfill the purpose of the processing. After this, the information will be deleted or anonymised, unless the information is or can be stored beyond this as a result of law.

Personal data that we process on the basis of your consent will be deleted if you withdraw the consent, unless there is another legal basis for further processing.

Securing personal information
Personal information that Fygi collects, is stored and processed in a safe and secure manner. We have established and documented routines and measures to ensure the integrity, availability and confidentiality of the information in accordance with Article 32 of the GDPR.

Complaints
If you believe that our processing of personal data is in violation of privacy laws, you can contact us at https://fygi.io/contact/ or complain to your national Data Protection Agency.

You can find contact information for your Data Protection Authority at:

Norway: www.datatilsynet.no

Sweden: https://www.imy.se/

Germany: https://www.bfdi.bund.de

Changes
We may change this Privacy Policy to comply with legal requirements, as well as our own practices for the collection and processing of personal information. In the event of major changes, you will have to re-accept the terms.