Privacy Policy
Effective date: 2026-02-03
This Privacy Policy applies to the Sivil mobile application (the “Application”), operated by Sivil AS (the “Service Provider”), a company established in Norway. This policy explains how personal data is collected, used, stored, and protected in accordance with the EU General Data Protection Regulation (GDPR).
1. Data Controller
Sivil AS is the data controller for the processing described in this policy.
Contact: [email protected]
2. Personal Data We Process
2.1 Data You Provide
- Account information (if you create an account)
- Content you submit in the Application
- Communications with support
2.2 Automatically Collected Data
- Device information (device model, OS version)
- App usage and diagnostics data
- IP address
2.3 Location Data
The Application collects location data to provide core functionality.
- Precision: approximate and/or precise location, depending on your device permissions
- Purpose: enabling location‑based features of the Application
Location data is required for the core service to function.
3. Purposes and Legal Bases
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Core app functionality (including location) | Contract necessity (6(1)(b)) |
| Optional analytics | Consent (6(1)(a)) |
| Crash reporting and stability | Legitimate interest (6(1)(f)) |
| Legal obligations | Legal obligation (6(1)(c)) |
4. Analytics (Optional)
Analytics are optional and disabled by default.
- You may choose to enable analytics to help improve the Application
- You can withdraw consent at any time in the Application settings
5. Third‑Party Services
The Application uses third‑party services acting as data processors:
- Google Play Services
- Firebase Analytics (optional)
- Firebase Crashlytics
Data may be processed outside the EU/EEA. Where applicable, processing is safeguarded using Standard Contractual Clauses or other approved mechanisms.
6. Data Retention
- Account and user‑provided data: retained while you use the Application and for a reasonable period thereafter
- Analytics data: retained according to provider defaults or anonymized
- Crash and diagnostic data: retained up to 24 months
You may request deletion of your data by contacting us.
7. Your Rights
Under GDPR, you have the right to:
- Access your data
- Rectify inaccurate data
- Erase your data
- Restrict processing
- Data portability
- Object to processing
- Withdraw consent at any time
You also have the right to lodge a complaint with Datatilsynet (Norway).
You may request access to or a copy of your personal data by contacting us at [email protected].
8. Children’s Privacy
The Application is not intended for children under the age of 13. We do not knowingly collect personal data from children under this age.
9. Security
We implement appropriate technical and organizational measures to protect personal data. No system can guarantee absolute security.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Continued use of the Application after changes constitutes acceptance.
11. Contact
For privacy‑related questions or requests, contact: [email protected]