Privacy policy

Last updated: 1 May 2026

Who we are

TSworkflow AS is a Norwegian company providing an AI-powered CRM platform. For privacy questions, contact post@kundeoppfølging.no.

What data we collect

• Account data: name, email, organisation, role, profile photo (if provided)
• Customer data: contacts, deals, quotes, contracts, calendar, email threads — entered or synced by you
• Usage data: page views, button clicks (anonymised when possible), error reports
• Technical data: IP, browser, OS — for security and abuse prevention

How we use it

• To provide the platform features you have enabled
• To respond to support requests
• To improve the platform and detect abuse
• To meet legal obligations (e.g. accounting, security)

Data residency

All customer data is stored within the EU (Supabase EU regions, Google Cloud europe-north1). No transfer to third countries without explicit consent.

Your rights (GDPR)

• Right of access — download all your data
• Right to rectification — fix inaccurate data
• Right to erasure — delete your account and associated data
• Right to portability — export in machine-readable format
• Right to object — opt out of non-essential processing

To exercise any right, email us. We respond within 30 days.

Subprocessors

We use the following processors. All are GDPR-compliant.

• Supabase — database and auth (EU)
• Google Cloud Run — application hosting (europe-north1)
• OpenAI — AI inference (with EU data residency option)
• Retell AI — phone AI (US, with DPA)
• Sentry — error monitoring (EU)

Cookies

We use functional cookies for sign-in and language preference. Optional analytics cookies (Plausible) are aggregated and contain no personal data. We ask for consent before any non-essential tracking.

Retention

Active customer data is retained until account deletion. Logs are kept up to 90 days for security purposes, then deleted automatically.

Changes to this policy

We notify users of material changes via email at least 30 days before they take effect.