Privacy Policy

This privacy policy applies for processing of personal data when Lets.dev (“Lets.dev”, “we” or “us”), the company behind Lets.dev, Lets Kick AS, processes personal data in the capacity of data controller, for instance related to personal data about our private customers, visitors of our websites, and contact information of our business customers and suppliers.

Please note that this privacy policy does not apply to the cases where Lets.dev processes personal data in the capacity of data processor on behalf of our business customers when using the Lets.dev Services. For this processing of personal data, there will be a separate data processing agreement between Lets.dev and the relevant business customers in question.

Each individual private Lets.dev user is responsible for any personal data they choose to upload to Lets.dev. This responsibility includes ensuring the legality of uploading and processing such data within the services provided by Lets.dev.

Below you will find information about the personal data we collect, why we do this, and your rights in relation to the processing of your personal data.

1. WHO WE ARE

Lets.dev is a text-based nocode solution that lets users write workflows by writing specifications. It helps you automate boring stuff like sales, marketing and admin tasks by simply writing specifications.

The Lets.dev platform is offered both to our private individual customers and to our business customers. Lets.dev acts as the data controller for the processing of personal data described in this privacy policy.

Our contact information is:

If you have any questions about how we process your personal data, or if you wish to exercise your rights under the GDPR, please contact us at [email protected]. Detailed information on these rights can be found in Section 7 below.

2. WHO WE PROCESS PERSONAL DATA ABOUT

The privacy policy governs the processing of personal data for the following persons:

• Private individual customers
• Contact persons at our business customers
• Contact persons at our suppliers
• Visitors to our website https://lets.dev/

3. PURPOSE, CATEGORIES OF PERSONAL DATA, LEGAL BASIS, AND RETENTION PERIOD

All processing of personal data is carried out in accordance with the applicable data protection rules, including the General Data Protection Regulation (GDPR).

Below you will find an overview of the purposes for which Lets.dev processes personal data, what personal data is processed, the legal basis for the processing, and retention periods.

3.1 Processing of personal data relating to the Lets.dev User Account

In order to use the Lets.dev platform, you need to create and register a Lets.dev User Account on our website. The purpose of the Lets.dev User Account is to provide you with your personal access to the platform.

The personal data we process about you within the Lets.dev User Account includes:

• Your name, email address, and any additional information you have provided

For our private individual customers, the legal basis for the processing of personal data in connection with the Lets.dev User Account is GDPR Article 6 no. 1 (b), the processing is necessary for the performance of the service agreement entered into with you as a data subject (provide access to the platform).

For our business customers, the legal basis for the processing of personal data in connection with the Lets.dev User Account is GDPR Article 6 no. 1 (f), Lets.dev's legitimate interest in establishing and administering a user account for each user within the business customer, or a common enterprise-user, in order to provide the business customer with individual access to the platform.

The personal data collected in this context will be retained until the individual user deletes their Lets.dev User Account.

3.2 Entering into and administration of service agreements

Lets.dev processes personal data of contact persons at our business customers and our suppliers solely to the extent necessary to enter into and administer the agreement with the relevant customer or supplier. This processing of personal data is conducted based on Article 6 no. 1 (f) GDPR, which pertains to our legitimate interest to enter into and manage the relevant service agreement or supplier agreement with our business customers and suppliers. As such, the processing of your personal data as a contact person for a business customer or supplier is justified by our need to effectively establish and maintain the contractual relationship.

The personal data we receive in connection with this processing will be deleted upon the termination of the agreement with the specific business customer or supplier. However, certain information may be retained for a longer period if necessary, in the context of bookkeeping and accounting purposes or for Lets.dev to defend against potential legal claims. All personal data will be permanently deleted once the legal deadlines for filing complaints have expired.

3.3 Requests and inquiries

When you contact Lets.dev via the contact information form on our website, e-mail, or phone, with inquiries related to our services, platform, or otherwise, we process the personal data you provide, such as your name and contact information, along with any other personal data included in your request. The processing of this personal data is necessary to effectively respond to your inquiries and provide the information or support you are seeking.

The legal basis for this processing is established under GDPR Article 6 no. 1 (f), which is our legitimate interest in responding to your requests. We process your personal data solely to provide the necessary responses and assistance you require. Your personal data will be deleted or anonymized after your request has been fully responded to and the matter has been resolved.

3.4 Marketing activities / Newsletters

Lets.dev may carry out electronic marketing activities to users of the Lets.dev platform and subscribers of our newsletters.

In order to carry out such marketing activities, we process the following personal data:

• Name
• Email address

The legal basis for the processing is your consent, cf. GDPR Article 6 no. 1 (a). If relevant, marketing material may also be distributed on the basis of GDPR Article 6 no. 1 (f) and the existing relationship with you as a customer.

You have the right to withdraw your consent for marketing activities at any time, either by contacting us directly or by utilizing the unsubscribe option provided in the emails you receive from us. Upon withdrawal of your consent, your personal data will be deleted unless it is required for other purposes, such as maintaining your Lets.dev User Account.

3.5 Use of Cookies

Lets.dev utilizes cookies to ensure the proper functioning of our website's various services. Cookies are small text files stored on your device's browser when you visit our site. Some cookies, known as “necessary cookies,” are essential for the operation of our website. These cookies enable fundamental functionalities such as accessing your secure areas.

Where these necessary cookies involve the collection or storage of personal data—such as your IP address, operating system details, browser ID, and your interactions with our site—we process this information based on our legitimate interest in maintaining our website's functionality and security, as stipulated under Article 6 no. 1 (f) of the GDPR.

In addition to necessary cookies, Lets.dev may utilize cookies for other purposes, such as for statistical analysis/measurement, marketing, and integration of social media. The legal basis for the processing using such cookies is your separate consent that you have given through the cookie banner on our websites, pursuant to Article 6. no. 1 (a) of the GDPR.

You can always delete cookies by going into your browser settings and deleting content. If you need any assistance in this regard, you are welcome to contact us.

4. RECIPIENTS OF YOUR PERSONAL DATA

In some circumstances, Lets.dev may disclose personal data to others to the extent necessary for the administration of our operations and to carry out our business activities.

Lets.dev may, among other things, share your personal data with our supplier of IT systems and technical assistance. These parties process personal data about our customers and suppliers by virtue of their role as data processors, and their processing is subject to a data processing agreement. The suppliers are required to act according to documented instructions from Lets.dev and may not use personal data for their own purposes.

In addition, we may in some cases disclose your personal data to other companies who will themselves be responsible for how they process your personal data. For example, we may disclose your personal data to partners who handle payment services and public authorities if this is required by law or by a legally enforceable judgment or order.

If Lets.dev sells or buys any business or assets, Lets.dev may transfer your personal data to a prospective seller or buyer of such business or assets.

If Lets.dev or a significant part of Lets.dev's assets are sold to another company, the personal data of our customers and prospective students may also be shared in connection with the sale.

We always implement appropriate technical and organizational security measures in accordance with applicable data protection legislation to ensure that your personal data is handled in a secure manner when transferring or sharing personal data with a third party.

5. TRANSFERS OF YOUR DATA TO COUNTRIES OUTSIDE THE EU/EEA

Generally, we process your personal data within the EU/EEA. If the personal data is processed outside the EU/EEA, there is either an adequacy decision from the European Commission in place, which ensures that the third country in question guarantees an adequate level of protection, or we ensure that appropriate safeguards are in place to ensure that your rights under the GDPR are safeguarded. Examples of such appropriate safeguards are that the data transfer is subject to the European Commission's Standard Contractual Clauses (SCC's) or that the relevant third party follows approved standards of conduct.

If you would like more information about the security measures we have implemented, please contact us using the contact details set out at the beginning of this privacy policy.

6. SECURITY OF THE PROCESSING

All our processing of personal data is secured by necessary technical and organizational measures.

We handle personal data so that it is accurate, accessible and processed in accordance with the degree of sensitivity of the data. We also use a range of security technologies and information security procedures to protect personal data from unauthorized access, use or disclosure.

We have entered into data processing agreements with all our suppliers that process personal data.

We restrict access to personal data strictly to the staff or third parties who have a necessary need to process the data on our behalf. These parties are subject to a duty of confidentiality.

7. YOUR RIGHTS WHEN WE PROCESS PERSONAL DATA ABOUT YOU

Below is an overview of your rights under the GDPR:

Right to information and access:

We strive to be open and transparent about how we process your personal data. If you wish to know more about how we process your personal data or wish to receive the personal data we process about you, you can request access to the information we have stored about you. If we receive an access request, we may ask you to provide more information about who you are to ensure that we provide the data to the right person.

The right to rectification:

If you become aware that we hold outdated or inaccurate information about you, you can ask us to correct the error at any time by contacting us.

The right to erasure and restriction:

You have the right to request that your personal data is erased or that its use is restricted, for example, if you believe that your personal data is being processed in violation of applicable law. We will as far as possible comply with a request to erase personal data, but we cannot do this if we are required by law to store certain data e.g. for accounting purposes or to comply with a legal claim.

The right to data portability:

In some cases, you may have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable format. If technically possible, you may also request that the data be transferred to a third party.

The right to object:

You have the right to object to our processing of your personal data if, for example, it is processed on the basis of our legitimate interests.

The right to withdraw consent:

If you have given consent to our processing of your personal data, you always have the right to withdraw this consent at any time by contacting us. However, this does not affect the lawfulness of the processing based on your consent until you have withdrawn it.

To exercise your rights, as described above, you can contact us at [email protected].

Your inquiry will be answered as quickly as possible, and within one month at the latest. If it takes longer than one month, you will always be notified, together with the reason for such delay.

8. COMPLAINTS

If you feel that our processing of personal data does not comply with what we have described here or that we are otherwise in breach of the data protection regulations, you can complain to the Norwegian Data Protection Authority:

You can find more information about complaints to the Norwegian Data Protection Authority on their websites.

9. CHANGES

If there are changes made in how we process your personal data, we will update or change our privacy policy. In the event of major changes, we will inform you of this.