Privacy Policy
Last Updated: June 9, 2026
CENTRQ AS (Registrert i Foretaksregisteret) ("we," "our," or "us") operates the online portal located at online.centrq.no (the "Website" or "Portal"). We are committed to protecting your personal data in accordance with the Norwegian Personal Data Act (Personopplysningsloven) and the EU General Data Protection Regulation (GDPR).
This policy explains how we collect, use, and protect your data, as well as your rights as a user of our Portal.
1. Data Controller
The data controller responsible for the processing of your personal data on this website is:
Company Name: CENTRQ AS (Registrert i Foretaksregisteret)
Organization Number (Organisasjonsnummer): MVA 937 706 626
Address: Fagerneset 20, 5962 BJORDAL, Norway
Email: info@centrq.no
2. Personal Data We Collect & Why
Because this website acts strictly as an authenticated portal for our software, we only collect the minimum amount of operational data necessary to manage your account and deliver our services safely.
| Data Category | How We Collect It | Purpose | Legal Basis (GDPR) |
|---|---|---|---|
| Account & Authentication Data | Provided during account creation / setup | To verify your identity, allow secure access, and manage your subscription. | Performance of a contract (Art. 6(1)(b)) |
| Technical & Security Data | Automatically via server and portal infrastructure logs | To maintain system security, detect fraudulent access, and troubleshoot application errors. | Legitimate interest (Art. 6(1)(f)) |
3. Cookies and Tracking
We maintain a strict privacy-first approach to user tracking:
- No Tracking/Marketing Cookies: We do not use any analytical, tracking, or marketing cookies (such as Google Analytics or marketing pixels).
- Necessary Session Cookies: The Portal uses essential cookies exclusively to handle security and authentication. These cookies simply remember that you are logged in as you navigate between pages. They are technically required for the application to function and do not require explicit cookie consent banners.
4. Data Sharing and Infrastructure (Data Processors)
We do not sell, rent, or trade your personal data. Your information is processed exclusively within secure infrastructures governed by Data Processing Agreements (DPAs) that comply with EEA standards:
- Hosting & Infrastructure: The Portal infrastructure is securely hosted on Oracle Cloud Infrastructure.
- Email & Communications: Operational emails (such as password resets or system notifications) are transmitted using secure SMTP connectors through our email service provider, Webhuset.
International Data Transfers
Your data is stored and processed within regions that comply fully with EEA data privacy standards. If any infrastructure routing transiently utilizes entities based outside the EEA, we ensure valid legal mechanisms—such as EU Standard Contractual Clauses (SCCs)—are active to safeguard your information.
5. Data Retention
We retain your personal data only as long as necessary to fulfill our commitments to you:
- Active Accounts: All account profiles and associated software data are retained exclusively for the duration of your active subscription contract. Upon termination of the contract, data is securely deleted or anonymized in accordance with our terms of service.
- System & Security Logs: Automated server access logs are regularly overwritten and deleted on a routine technical maintenance schedule.
6. Your Rights
Under the GDPR, you hold the following rights regarding your personal data:
Right to Access
Request a copy of the personal data we hold about you.
Right to Rectification
Request that we correct inaccurate or incomplete data.
Right to Erasure ("Right to be Forgotten")
Request to delete your account data, subject to contract limitations.
Right to Restrict or Object
Object to or limit how we process your personal data.
Right to Data Portability
Request your data in a structured, machine-readable format.
To exercise any of these rights, please contact us directly at info@centrq.no. We will evaluate and respond to your request without undue delay, and at the latest within 30 days.
7. How to Complain
If you believe we are processing your personal data in violation of privacy regulations, we encourage you to contact us directly so we can resolve the issue.
You also retain the legal right to lodge a formal complaint with the official Norwegian supervisory authority:
Datatilsynet (The Norwegian Data Protection Authority)
Postal Address: P.O. Box 458 Sentrum, 0105 Oslo, Norway
Website: www.datatilsynet.no