How WAYSCloud processes personal data in connection with our services, websites, and platforms.
This Privacy Policy describes how WAYSCloud AS (“WAYSCloud”, “we”, “us”) processes personal data in connection with our services, websites, and platforms.
WAYSCloud is the brand name of WAYSCloud AS, a company established in Norway.
WAYSCloud AS
Universitetsgata 2, 0164 Oslo, Norway
Norwegian organisation number: NO 833 735 462 MVA
EUID: NOFOR.833735462
WAYSCloud AS operates under applicable European data protection laws, including the General Data Protection Regulation (GDPR).
Depending on the context, WAYSCloud acts either as a data controller or a data processor. When customers use our services to store or process data, the customer acts as the data controller, and WAYSCloud acts as a data processor on behalf of the customer.
For clarity, this Privacy Policy distinguishes between customer relationship data, which WAYSCloud processes as a controller in order to establish, manage, secure, and maintain the customer relationship, and customer service data, which WAYSCloud processes as a processor on behalf of customers when providing services.
WAYSCloud processes different categories of personal data depending on how our services are used.
When you create an account or use our services, we may collect personal data such as name, email address, telephone number, organization details, billing information, account identifiers, verification status, authentication information, support interactions, account preferences, and related customer information.
Telephone numbers may be used to verify users, protect services against spam and abuse, support account recovery, verify sensitive account actions, process account deletion requests, and facilitate data export requests.
Telephone numbers are not used for advertising, marketing profiling, or third-party marketing purposes.
This data is used to provide access to our services, manage customer relationships, maintain account security, handle support requests, process billing, prevent abuse, and comply with applicable legal obligations.
When customers use WAYSCloud services to store, process, or transmit data, WAYSCloud processes such data on behalf of the customer.
This may include data stored or processed through applications, databases, storage services, email services, virtual machines, infrastructure services, collaboration services, communication services, and other platform services.
In these cases, the customer acts as the data controller, and WAYSCloud acts as the data processor.
WAYSCloud does not use customer service data for its own purposes and processes it only in accordance with the customer’s instructions, applicable agreements, and applicable law.
To operate, secure, and maintain our services, WAYSCloud collects technical and operational data such as IP addresses, system logs, access logs, authentication events, service usage metrics, error data, performance data, and security-related events.
This data is used for security monitoring, troubleshooting, capacity planning, abuse prevention, fraud prevention, performance optimization, billing calculations, maintaining service reliability, and investigating security incidents.
WAYSCloud maintains audit logs relating to account activity, authentication events, administrative actions, security events, and service operations where necessary for security, compliance, abuse prevention, troubleshooting, and operational purposes.
Retention of such data varies depending on its purpose, but is limited to what is necessary for operational, contractual, legal, and security requirements.
When visiting our websites, WAYSCloud may collect limited usage data such as pages visited, browser type, device information, referring sources, and similar technical information.
This data is used for website analytics, performance monitoring, and improving user experience.
To improve our services we use self-hosted Matomo (metrics.wayscloud.net) on our sites, including meil.no and min.meil.no. We store no tracking cookies, anonymise IP addresses (the last two octets are dropped), honour the Do Not Track browser signal, and never log email content, contacts, files, or customer content for analytics purposes.
No third-party advertising or tracking platforms (such as Google Analytics) are used.
You can opt out of usage statistics in your account settings.
Additional information about cookies, session technologies, and website analytics can be found in our Cookie Policy.
WAYSCloud processes personal data for the following purposes:
Where users have explicitly opted in, WAYSCloud may also use contact information to send newsletters or product updates. Such communications are optional and can be disabled at any time through account settings or by using the unsubscribe option included in each message.
WAYSCloud does not sell personal data, use personal data for advertising purposes, perform behavioural advertising, or share personal data with third parties for profiling purposes.
WAYSCloud does not track users across services or websites for marketing purposes.
Where required under applicable law, processing is based on one or more of the following legal grounds:
WAYSCloud does not sell, rent, or share personal data with third parties for advertising or profiling purposes.
We may share limited personal data with trusted third-party providers where necessary to deliver our services. This includes payment processing providers, accounting services, and other providers necessary to operate our services.
Where users have explicitly opted in, WAYSCloud may also share limited contact information with external platforms for the purpose of collecting customer feedback or reviews. In such cases, data is shared only to facilitate the review request, and the external platform processes the data in accordance with its own privacy policy.
Users may choose whether or not to participate in such requests.
WAYSCloud operates its core infrastructure within the European Economic Area (EEA).
Customer relationship data is processed and stored exclusively within Norway. This includes account information, identity and authentication information, contact information, billing information, support interactions, verification information, and related customer records.
Customer relationship data is not transferred outside Norway as part of normal service operations. This includes associated backup and disaster recovery systems used to protect such information.
Customer service data may be processed and stored within the European Economic Area (EEA), depending on the services selected by the customer and the applicable service architecture.
Other platform services, including compute, storage, virtual machines, object storage, email services, collaboration services, and infrastructure services, may be operated from locations within the EEA.
Certain supporting services may involve globally distributed infrastructure for availability and performance purposes, such as DNS resolution. Such services are designed to route requests efficiently and do not involve persistent storage of customer relationship data outside the EEA.
WAYSCloud uses selected third-party providers to support specific functionality, such as payment processing and accounting services. These providers process data in accordance with applicable data protection laws and relevant safeguards.
For certain optional services, such as image or video generation, user-provided input prompts may be transmitted to external providers located outside the EEA. Such services are clearly identified and require explicit user consent prior to use.
Such transfers are limited to the input necessary to perform the requested function. Generated content is processed and stored within WAYSCloud-controlled infrastructure.
Text-based processing, including language model (LLM) functionality and core platform services, is performed within WAYSCloud-controlled infrastructure in the EEA.
Where personal data is transferred outside the EEA, WAYSCloud ensures that appropriate safeguards are in place in accordance with applicable data protection laws.
WAYSCloud retains personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, including legal, contractual, operational, and security requirements.
This includes:
Following termination of an account, customer relationship data may remain in a restricted soft-delete state for up to 30 days before permanent deletion, unless a longer retention period is required by law, contractual obligations, dispute resolution, fraud prevention, or legitimate security purposes.
Support and communication data may be retained for up to 24 months after account termination in order to maintain service history, handle disputes, investigate abuse, and ensure continuity.
Where appropriate, data may be deleted or anonymized when it is no longer required.
WAYSCloud implements appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.
These measures include:
WAYSCloud is designed to minimize unnecessary data exposure and maintain customer control over data.
WAYSCloud continuously reviews and improves its security practices.
Under applicable data protection laws, including the GDPR, users have the following rights:
Some information may also be accessed, updated, exported, or deleted directly through user account settings.
WAYSCloud provides account export functionality through Takeout and service-specific export mechanisms where available. Users may also request access to their personal data directly from WAYSCloud in accordance with applicable data protection laws.
Requests related to privacy and data protection can be submitted using the contact information provided in the Contact section below.
Users also have the right to lodge a complaint with a supervisory authority in their country of residence or place of work.
The supervisory authority for WAYSCloud AS in Norway is Datatilsynet.
If you reside in another EEA country, you may contact your national data protection authority. A current list of all EEA supervisory authorities is maintained by the European Data Protection Board:
WAYSCloud may update this Privacy Policy from time to time.
The latest version will always be available on our website.