Privacy Policy

This policy explains how F-Løsning processes personal data for secure, reliable, and compliant farm operations.

Last updated: 2/27/2026

F-Løsning is built for operational trust. Farms and agricultural organizations use the platform to coordinate people, schedules, payroll, inventory, compliance work, and reporting. We understand that this data is commercially sensitive and often includes personal information that must be handled with care, purpose limitation, and clear accountability.

This Privacy Policy explains what information we collect, why we collect it, how we protect it, and which rights are available to account holders and data subjects. We write this policy for practical use: managers, administrators, and employees should be able to understand how their data is handled without needing legal training.

If your organization has a negotiated enterprise agreement, that agreement may include additional data protection terms. In case of conflict, signed contractual terms control for that customer relationship, while this policy remains the baseline public statement of our privacy practices.

1. Scope and Definitions

This policy applies to personal data processed through the F-Løsning web application, APIs, support channels, onboarding workflows, and related operational services. It covers data processed when you create an account, invite team members, run daily operations, request support, or otherwise interact with the platform.

For clarity, "personal data" means information that identifies or can reasonably identify a person, directly or indirectly. "Processing" includes collection, storage, use, disclosure, transfer, and deletion. "Organization" means the farm business, cooperative, or company that contracts for and administers an F-Løsning workspace.

2. Data Controller and Contact Points

For customer account administration and platform operations, F-Løsning typically acts as a data processor on behalf of the contracting organization, which acts as the data controller for most workforce and business records. For account security, billing administration, and direct support communications, F-Løsning may act as an independent controller where required by law.

Privacy requests, processor inquiries, and compliance questions can be submitted through your authenticated support channel or by email to support@flosning.dk. To protect users, we may require identity verification before disclosing, correcting, exporting, or deleting personal data tied to an account.

3. Categories of Data We Collect

Depending on product usage, we may process profile and account data (name, role, email, phone), organization and farm metadata, payroll and attendance records, scheduling inputs, inventory actions, supplier contacts, and operational logs that document who performed what action and when.

We also collect technical and diagnostic data such as IP address, device/browser details, session timestamps, API request metadata, authentication outcomes, and error events. This information is used to maintain service security, detect abuse, troubleshoot incidents, and improve reliability.

4. Sensitive and Special Category Data

F-Løsning is not designed as a repository for highly sensitive personal data unless explicitly enabled under a contractual requirement with documented safeguards. Customers should avoid storing unnecessary health, biometric, national identification, or similarly sensitive information in free-text fields.

If sensitive data is intentionally processed for a legitimate business purpose, the customer organization is responsible for identifying a lawful basis and configuring access controls accordingly. F-Løsning supports role-based permissions, audit trails, and restricted visibility to help enforce least-privilege access.

5. Lawful Bases for Processing

Where data protection laws require a lawful basis, we rely on one or more of the following: contract performance, legitimate interests, legal obligations, consent, or vital/public-interest bases when applicable. The specific basis depends on context, feature usage, and customer obligations in the relevant jurisdiction.

Examples include contract performance for account provisioning, legitimate interests for security monitoring and fraud prevention, legal obligations for accounting and regulatory retention, and consent for optional communications or cookie categories where consent is required.

6. How We Use Personal Data

Primary processing purposes include service delivery, account administration, workforce scheduling, attendance and payroll workflows, inventory operations, communication features, customer support, and analytics that improve product quality and usability.

We also process data for resilience and governance purposes, such as backup operations, abuse prevention, incident investigation, access audits, and change management. We do not sell customer personal data, and we do not use customer production records for third-party advertising profiling.

7. Data Sharing, Sub-processors, and Disclosures

We share personal data only with parties necessary to operate and secure the service, such as cloud hosting providers, infrastructure partners, monitoring vendors, and communication service providers. These partners are bound by contractual obligations, confidentiality commitments, and data protection requirements proportionate to their role.

We may also disclose data when required by law, legal process, or valid governmental request, and when necessary to protect rights, safety, and platform integrity. Where appropriate and legally permitted, we seek to limit scope and notify affected customers before disclosure.

8. International Data Transfers

When data is transferred across borders, we implement appropriate safeguards consistent with applicable legal standards. These safeguards may include contractual protections, transfer impact assessments, technical controls, and organizational measures designed to maintain equivalent protection levels.

Customers with specific residency or localization requirements should coordinate with our support and legal contacts before deployment. We can provide information about hosting regions, sub-processor scope, and available controls for regulated or contract-sensitive workloads.

9. Security Measures and Access Controls

Security controls include encrypted transport channels, authentication safeguards, role-based authorization, audit logging, monitored infrastructure, and backup protections. Administrative access is restricted to authorized personnel with defined responsibilities and traceable access events.

No online system is risk-free, but we continuously improve technical and procedural safeguards to reduce the likelihood and impact of incidents. Customers are also responsible for strong credential hygiene, appropriate role assignment, and internal governance around exported reports and downloaded data.

10. Data Retention and Deletion Practices

We retain personal data only for as long as needed for service delivery, support obligations, legal compliance, contractual commitments, and legitimate security interests. Retention duration varies by data category, customer configuration, and legal context, including accounting and audit requirements.

When retention is no longer required, we delete or anonymize data according to controlled procedures. Some records may remain in secured backups for limited periods before scheduled purge cycles, after which restoration pathways no longer expose that historical data in normal operations.

11. Data Subject Rights and Response Process

Depending on jurisdiction, eligible individuals may request access, correction, deletion, export, restriction, objection, or consent withdrawal where consent-based processing applies. In many workforce contexts, the employing organization remains the primary point for rights handling because it controls employment and operational records.

When we receive a rights request directly and the customer is the relevant controller, we route or coordinate that request with the organization unless prohibited by law. We respond within legally required timelines and may request additional information to verify identity and prevent unauthorized disclosure.

12. Product Communications and Service Notices

Operational notifications, security alerts, and account-related communications are considered part of service delivery and may be sent even when optional marketing preferences are disabled. These messages include items such as login alerts, policy updates, billing notices, incident advisories, and critical maintenance windows.

Optional marketing or educational communications are managed with preference controls where required. You can unsubscribe from optional outreach through provided mechanisms, while still receiving mandatory notices needed to maintain account security and contractual service continuity.

13. Children's Data and Age Appropriateness

F-Løsning is intended for professional use by organizations and authorized workers, and it is not directed to children. We do not knowingly solicit personal data from minors for independent consumer use through this service.

If you believe data involving a child or ineligible minor has been submitted without proper authority, contact us promptly. We will review the report, restrict processing where necessary, and coordinate remediation with the responsible organization.

14. Automated Processing and Human Oversight

We may use automated systems for security detection, anomaly monitoring, system health scoring, and workflow efficiency recommendations. These mechanisms are primarily designed to support operations and reliability, not to make standalone legal or similarly significant decisions about individuals.

Where customer workflows rely on derived metrics or recommendation outputs, final operational decisions remain with human administrators and managers. Customers should review permissions and approval flows to ensure appropriate oversight for scheduling, payroll, or disciplinary decisions.

15. Security Incident Response

We maintain internal procedures for identifying, triaging, containing, and remediating security events. Incident workflows include evidence preservation, root-cause analysis, corrective action tracking, and post-incident hardening to reduce recurrence risk.

When legally required and when relevant to customer risk, we provide incident notifications with available facts, expected impact, and recommended mitigation steps. Communication timelines depend on incident scope, verification progress, and regulatory obligations in applicable jurisdictions.

16. Policy Updates and Ongoing Contact

We may update this Privacy Policy to reflect product evolution, infrastructure changes, legal developments, or audit findings. Material changes are communicated through in-product notices, account channels, or direct communication where required.

The effective date shown at the top indicates the most recent revision. Continued use of the service after updates means the revised policy applies, subject to any contractual rights or legal obligations that require additional consent or implementation steps.

17. Messaging Encryption, Calls, and File Protection

Messaging features process text messages, attachments, links, and voice notes submitted by authorized users in an organization workspace. Message payloads are encrypted for storage in database envelopes and protected in transit using TLS-secured channels. In staging and production environments, a dedicated service master secret is required for secure key-wrapping operations and must be configured before encrypted messaging can be considered operationally safe.

Organizations can configure an owner-managed messaging encryption key that controls active encryption key versions and supports rotation without breaking historical decryption for authorized users. Direct voice and video calls rely on WebRTC signaling and network traversal services; media streams are intended to remain peer-to-peer where possible, while signaling and operational metadata may be processed for reliability, abuse prevention, and incident response obligations.

18. Messaging Governance, Retention, and User Assurance

Only authorized organizational roles may manage messaging key lifecycle actions, and key-rotation events are recorded in audit logs using non-sensitive metadata to preserve accountability without exposing raw cryptographic material. Customers are responsible for establishing internal policies on who may create channels, upload files, and use call features, including employee notice requirements and lawful-use boundaries under Danish and broader EU labor and privacy rules.

Messaging retention and deletion practices should align with contractual terms, legal obligations, and documented customer policy. Organizations should define retention schedules for chat records and attachments, apply quota controls for storage growth, and communicate expected handling of support, export, and deletion requests to their users. Where a conflict exists between local policy and mandatory law, the stricter legal requirement applies.