Contact Login

Privacy Policy

Effective Date: 5 March 2025
Last Updated: 4 September 2025

 

1. Introduction

At Techstep, we view privacy not just as a legal requirement, but as a cornerstone of our relationship with users. This Privacy Policy explains how Techstep ASA and its subsidiaries collect, use, and protect your personal data when you interact with our websites, services, and applications.

We are committed to safeguarding your information and complying with applicable privacy laws, including:

  • The General Data Protection Regulation (GDPR)
  • The EU Data Act, which governs access and sharing of data generated by connected devices and services.

This Privacy Policy is issued by Techstep ASA, a company registered in Norway (company number 977 037 093), and its affiliates.

2. Scope & Applicability

This Privacy Policy applies to:

  • Visitors to our websites and digital platforms (e.g., techstep.io)
  • End users of Techstep portals, applications, or connected services
  • Customer administrators managing services on behalf of their organizations
  • Users accessing Techstep services via partner organizations or resellers

In addition to personal data, this Privacy Policy also covers data generated by connected devices and digital services, where applicable under the EU Data Act.

3. Who We Are

Techstep ASA and its subsidiaries provide mobile-first workplace solutions across Europe. Our mission is to simplify and secure the digital employee experience. We process personal data to deliver, support, and improve our services.

4. Roles & Responsibilities

Depending on the services provided, Techstep may act in different capacities:

  • Data Controller – when determining the purposes and means of processing personal data.
  • Data Processor – when processing personal data on behalf of our customers based on their instructions.
  • Data Sub-Processor – when supporting a third-party service provider in delivering a service to its end customers.

5. What Data We Collect

We may collect the following types of personal data:

  • Contact details: Name, email address, phone number
  • User credentials: Login information, authentication tokens
  • Device data: Device ID, operating system, usage statistics
  • Location data: If enabled, for service optimization
  • Communication logs: Support interactions, feedback, and inquiries
  • Contractual data: Company name, role, and service usage
  • Connected product data: Includes telemetry, configuration metadata, usage statistics, and other data generated by devices or services.

How We Collect Data:

We collect personal data through direct interactions (e.g., service requests, website forms, and customer support), automated technologies (e.g., cookies, telemetry, and analytics tools), and third-party sources (e.g., partners, resellers, and service providers).

6. Location Data Usage

Our mobile applications may collect location data as part of our Mobile Device Management (MDM) services. Use cases include:

  • Security & Compliance
  • Remote Management
  • Policy Enforcement (e.g., geofencing)

7. How We Use Your Data

We use personal data to:

  • Provide and maintain our services
  • Authenticate users and manage access
  • Deliver customer support
  • Improve product functionality
  • Comply with legal obligations
  • Send updates or marketing (with consent)
  • Fulfill obligations under the EU Data Act

Automated Decision-Making:

Techstep does not use personal data for automated decision-making or profiling that produces legal or similarly significant effects.

8. Legal Basis for Processing

We process personal data under the following legal bases:

  • Contractual necessity
  • Legitimate interests
  • Consent
  • Legal compliance (including GDPR and the EU Data Act)

9. Sharing & Transfers

We may share personal data with:

  • Techstep subsidiaries
  • Trusted service providers
  • Legal authorities
  • Partners or resellers
  • Public sector bodies under lawful requests (EU Data Act)

For more go to our Subprocessor list

Data transfers outside the EU/EEA are protected by appropriate safeguards.

10. Data Retention

We retain personal data only as long as necessary for:

  • The purpose it was collected
  • Legal and regulatory requirements
  • Contractual obligations

Data is securely deleted or anonymized when no longer needed.

11. Your Rights

You have the right to:

  • Access, correct, delete, or restrict your data
  • Object to processing
  • Withdraw consent
  • Request access to connected product data (EU Data Act)
  • Receive data in a machine-readable format
  • Understand data use terms before contracting
  • Lodge a complaint with a supervisory authority

12. Security Measures

We implement technical and organizational measures including:

  • Encryption and secure storage
  • Access controls
  • Regular audits and vulnerability assessments

13. Compliance with the EU Data Act

Techstep complies with Regulation (EU) 2023/2854, applicable from 12 September 2025. We provide pre-contractual disclosures including:

  • Data volume and nature
  • Terms of use and access
  • Identity of Techstep as data holder
  • Third-party access and legal basis
  • Communication channels for data inquiries

Retrospective fairness provisions will apply from 2027 for long-term contracts.

14. Cookies & Tracking Technologies

Our websites use cookies and similar technologies for functionality, analytics, and marketing. See our Cookie Policy for details.

15. Updates to This Policy

We may update this Privacy Policy periodically. Changes will be posted on our website with the revised effective date.

16. Contact Us

Techstep ASA (Holding Company)
Brynsalléen 4, 0667 Oslo, Norway
Email: compliance@techstep.io
Website: https://www.techstep.io

For country-specific inquiries, refer to your service agreement or contact us via our website.