Privacy Policy
Last updated: February 22, 2026
Quick Summary
This summary is for convenience only. The full notice below governs how we handle your data.
- What we collect: Your name, email, and username when you sign up, plus standard server logs (IP, browser, device).
- Analytics: We use Plausible Analytics — it doesn't use cookies or track you individually.
- Billing data: Payments go through AWS Marketplace. We never see your payment details.
- Who we share with: AWS (infrastructure) and Plausible (analytics). We don't sell your data.
- Your rights: You can access, correct, or delete your data. Email privacy@compliance.tf.
- Where data lives: Servers in the US and Ireland (AWS). We use standard safeguards for international transfers.
- Security: We use encryption in transit and at rest. No system is 100% secure, and we're upfront about that.
This Privacy Notice explains how Betajob AS (org. nr. 999 153 976), doing business as compliance.tf ("we," "us," or "our"), handles your personal information when you use our services ("Services"), including when you:
- Visit compliance.tf or any website that links to this notice
- Engage with us in other related ways, including sales, marketing, or events
Betajob AS has not appointed a Data Protection Officer as we do not meet the thresholds under GDPR Article 37. For privacy inquiries, contact privacy@compliance.tf.
This notice explains your privacy rights and how we make decisions about your data. If you disagree with our practices, please don't use the Services.
Table of Contents
- What Information Do We Collect?
- How Do We Process Your Information?
- What Legal Bases Do We Rely On?
- When and With Whom Do We Share Your Information?
- Do We Use Cookies?
- How Do We Handle Your Social Logins?
- Is Your Information Transferred Internationally?
- How Long Do We Keep Your Information?
- How Do We Keep Your Information Safe?
- Do We Collect Information From Minors?
- What Are Your Privacy Rights?
- Controls for Do-Not-Track Features
- Do United States Residents Have Specific Privacy Rights?
- Do Other Regions Have Specific Privacy Rights?
- Data Breach Notification
- Do We Make Updates to This Notice?
- How Can You Contact Us About This Notice?
- How Can You Review, Update, or Delete Your Data?
1. What Information Do We Collect?
Personal information you provide
We collect personal information you provide when you sign up, contact us, or interact with our Services. This may include:
- Email addresses
- Usernames
- Names
Sensitive Information. We do not process sensitive personal information.
Social Media Login Data. We offer the option to register using your Google account. If you choose this, we receive certain profile information from Google, such as your name and email address.
Payment Information. We do not collect payment information directly. All billing is handled through AWS Marketplace.
All personal information you provide must be true, complete, and accurate. Please notify us of any changes.
Information collected automatically
When you visit, use, or navigate our Services, we automatically collect certain technical information. This does not reveal your specific identity (like your name or contact information) but may include device and usage data such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, country, location, and information about how and when you use our Services.
We use a small number of cookies for authentication and security purposes. We do not use advertising or tracking cookies. For analytics, we use Plausible Analytics, which does not use cookies or collect personal data. See our Cookie Policy for details on each cookie we set.
The information we collect automatically includes:
- Log and Usage Data. Service-related diagnostic, usage, and performance information our servers automatically collect when you access the Services.
- Device Data. Information about the device you use to access the Services (computer, phone, tablet, etc.).
2. How Do We Process Your Information?
We process your information to provide, improve, and administer our Services, communicate with you, ensure security, prevent fraud, and comply with the law. We may also process your information for other purposes with your consent.
Specifically, we process your personal information to:
- Create and manage your account and authenticate your identity.
- Deliver the Service — including registry access, API tokens, and module downloads.
- Respond to your inquiries and provide support.
- Send administrative information such as service updates and security alerts.
- Manage your subscription and fulfill orders through AWS Marketplace.
- Ensure security and prevent abuse of our Services.
3. What Legal Bases Do We Rely On to Process Your Information?
We only process your personal information when we believe it is necessary and we have a valid legal reason to do so under applicable law. As a Norwegian company, we process personal data in accordance with the Norwegian Personal Data Act (Personopplysningsloven), which incorporates the GDPR into Norwegian law.
If you are in the EU, EEA, or UK
The GDPR and UK GDPR require us to explain the legal bases we rely on to process your personal information. We rely on the following:
- Consent. We may process your information if you have given us specific permission for a particular purpose.
- Performance of a Contract. We process your personal information when necessary to fulfill our contractual obligations to you — for example, creating your account and providing the Service.
- Legitimate Interests. We may process your information when reasonably necessary for our legitimate business interests, provided those interests don't override your fundamental rights and freedoms. Our legitimate interests include operating and improving the Service, ensuring security and preventing fraud, and understanding how our Services are used.
- Legal Obligations. We may process your information where necessary to comply with our legal obligations, such as tax and accounting requirements.
If you are located in Canada
We may process your information if you have given us specific permission (express consent), or in situations where your permission can be inferred (implied consent).
In some exceptional cases, we may be legally permitted to process your information without your consent, including:
- When collection is clearly in the interests of an individual and consent cannot be obtained in a timely way
- For investigations, fraud detection, and prevention
- For business transactions, provided certain conditions are met
- When disclosure is required to comply with a subpoena, warrant, court order, or rules of the court
- When the information is publicly available and specified by the regulations
7. Is Your Information Transferred Internationally?
Your information may end up in a country other than your own. Our infrastructure runs on Amazon Web Services (AWS) in the US (us-east-1) and Ireland (eu-west-1).
If you are a resident of the European Economic Area (EEA), United Kingdom (UK), or Switzerland, please note that some of your data may be processed in the United States. AWS has certified under the EU-US Data Privacy Framework and provides Standard Contractual Clauses as an additional transfer safeguard.
We have assessed the data protection laws of the countries where your data may be processed and have implemented appropriate safeguards, including encryption and access controls, to protect your personal information in accordance with this Privacy Notice and applicable law.
8. How Long Do We Keep Your Information?
We keep your personal information only for as long as necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required by law (such as tax, accounting, or other legal requirements).
Specifically:
- Account data (name, email, username) — retained for the duration of your account plus 30 days after account deletion.
- Server logs — retained for 90 days.
- Pending registration records — automatically deleted after 7 days.
When we no longer have a legitimate business need to process your personal information, we will either delete or anonymize it. If deletion is not immediately possible (for example, because your information is in backup archives), we will securely store your personal information and isolate it from further processing until deletion is possible.
9. How Do We Keep Your Information Safe?
We encrypt data in transit (TLS) and at rest. We use access controls, audit logging, and regular security reviews to protect your data.
That said, no system is perfectly secure. We can't guarantee that unauthorized parties won't find a way in. Use the Services over secure connections and keep your own credentials safe.
10. Do We Collect Information From Minors?
We do not knowingly collect data from or market to anyone under 18. By using the Services, you confirm that you are at least 18. If we learn that a user is under 18, we will deactivate their account and delete their data promptly. If you become aware of any data we may have collected from someone under 18, please contact us.
11. What Are Your Privacy Rights?
Depending on where you live, you may have certain rights regarding your personal information. In regions like the EEA, UK, Switzerland, and Canada, these may include the right to request access to and obtain a copy of your personal information, to request correction or deletion, to restrict processing, to data portability, and to not be subject to automated decision-making.
We will consider and act on any request per applicable data protection laws.
If you believe we are unlawfully processing your personal information, you have the right to lodge a complaint with your supervisory authority:
- Norway: Datatilsynet (Norwegian Data Protection Authority)
- EU/EEA: Your Member State data protection authority
- UK: The Information Commissioner's Office (ICO)
- Switzerland: The Federal Data Protection and Information Commissioner
Withdrawing your consent
If we rely on your consent to process your personal information, you can withdraw your consent at any time by contacting us. This won't affect the lawfulness of processing before your withdrawal.
Account Information
To review or change your account information, or to terminate your account, you can:
- Log in to your account settings and update your profile.
- Contact us using the information provided below.
If you request account termination, we will deactivate or delete your account and its data from our active databases. We may retain some information to prevent fraud, troubleshoot problems, assist with investigations, enforce our terms, and comply with legal requirements.
Cookies and similar technologies
Most browsers accept cookies by default. You can usually set your browser to remove or reject cookies, though this may affect certain features of our Services. If you have questions about your privacy rights, email us at privacy@compliance.tf.
12. Controls for Do-Not-Track Features
We don't currently respond to Do-Not-Track (DNT) browser signals because there is no universal standard for them. However, we use Plausible Analytics, which doesn't track individual users at all — so DNT is effectively honored by default.
13. Do United States Residents Have Specific Privacy Rights?
If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Montana, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you may have specific rights regarding your personal information under state data protection laws.
We do not sell your personal information as defined by the CCPA. We do not share your personal information for cross-context behavioral advertising purposes. We do not use advertising cookies or tracking pixels.
Your Rights
Under applicable US state data protection laws, you may have the right to:
- Know whether we are processing your personal data
- Access your personal data
- Correct inaccuracies in your personal data
- Request deletion of your personal data
- Obtain a copy of the personal data you shared with us
- Non-discrimination for exercising your rights
- Opt out of the processing of your personal data for targeted advertising, sale, or profiling
How to Exercise Your Rights
To exercise these rights, email us at privacy@compliance.tf. We will honor your opt-out preferences if you enable the Global Privacy Control (GPC) signal in your browser.
California "Shine The Light" Law
California Civil Code Section 1798.83 permits California residents to request, once per year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.
14. Do Other Regions Have Specific Privacy Rights?
Norway
As Betajob AS is a Norwegian company, we process personal data in accordance with the Norwegian Personal Data Act (Personopplysningsloven), which incorporates the GDPR into Norwegian law. We also comply with the Norwegian E-Commerce Act (ehandelsloven) regarding electronic communications and cookies.
Australia and New Zealand
We collect and process your personal information under the obligations set by Australia's Privacy Act 1988 and New Zealand's Privacy Act 2020. You have the right to request access to or correction of your personal information. If you believe we are unlawfully processing your data, you can file a complaint with the Office of the Australian Information Commissioner or the Office of New Zealand Privacy Commissioner.
Republic of South Africa
You have the right to request access to or correction of your personal information. If you are unsatisfied with how we handle your complaint, you can contact the Information Regulator (South Africa) at enquiries@inforegulator.org.za.
15. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority (Datatilsynet for Norway) within 72 hours, as required by GDPR Article 33.
If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, as required by GDPR Article 34. We will provide details about the nature of the breach, the likely consequences, and the measures taken or proposed to address it.
16. Do We Make Updates to This Notice?
We may update this Privacy Notice from time to time. The updated version will be indicated by a new "Last updated" date at the top. If we make material changes, we will notify you either by posting a prominent notice or by sending you a notification directly. We encourage you to review this Privacy Notice periodically.
17. How Can You Contact Us About This Notice?
If you have questions or comments about this notice, email us at privacy@compliance.tf or contact us by post at:
Betajob AS (org. nr. 999 153 976)Fredbos vei 59
Asker, Viken 1383
Norway
18. How Can You Review, Update, or Delete the Data We Collect From You?
Depending on where you live, you may have the right to access, correct, or delete your personal information, or to withdraw your consent. To make a request, email us at privacy@compliance.tf.
6. How Do We Handle Your Social Logins?
Our Services allow you to register and log in using your Google account. When you choose to do this, we receive certain profile information from Google, typically your name and email address.
We use this information only for the purposes described in this Privacy Notice. We do not control and are not responsible for how Google uses your personal information outside of our Services.