Privacy Policy

• Account information: email address, name, and organization details
• Business contact data: company names, contact persons, email addresses, phone numbers, and other business information you enter into the CRM
• Communications: correspondence with us, including support requests
• User preferences: settings and configurations within the Service

• Usage data: how you interact with the Service, features used, and actions taken
• Device information: browser type, operating system, and device identifiers
• Log data: IP addresses, access times, and pages viewed
• Analytics data: aggregated usage patterns and performance metrics

When you connect third-party services to Base 12, we may receive information from those services:

• Microsoft 365: calendar events, email metadata, and contact information when you authorize the integration
• Other integrations: data necessary to provide the connected functionality

• Providing and maintaining the Service
• Processing transactions and managing your account
• Delivering customer support
• Sending service-related communications

• Improving and developing the Service
• Analyzing usage patterns to enhance user experience
• Detecting and preventing fraud, abuse, or security incidents
• Enforcing our terms of service

• Sending marketing communications (where you have opted in)
• Using optional features that require explicit consent

• Complying with applicable laws and regulations
• Responding to legal requests and preventing harm

We work with third-party service providers who assist us in operating the Service. These providers are contractually obligated to protect your data and may only use it for the purposes we specify:

• Cloud hosting and infrastructure (data storage and processing)
• Analytics services (usage analysis and product improvement)
• Email delivery services (transactional emails)
• Authentication services (secure login)

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (court orders, subpoenas)
• Government requests that meet applicable legal standards
• Protection of our rights, privacy, safety, or property
• Emergency situations involving potential threats to safety

If Base 12 is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

Your data is primarily stored and processed in the European Economic Area (EEA). When we use service providers located outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

We implement appropriate technical and organizational measures to protect your data:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication requirements
• Employee training on data protection
• Incident response procedures

In the event of a data breach that poses a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

You can request a copy of the personal data we hold about you and information about how we process it.

You can request correction of inaccurate or incomplete personal data.

You can request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for its original purpose.

You can request that we limit the processing of your personal data in certain circumstances.

You can request to receive your personal data in a structured, commonly used, and machine-readable format.

You can object to processing of your personal data based on legitimate interests or for direct marketing purposes.

You have the right not to be subject to decisions based solely on automated processing that significantly affect you.

We use essential cookies that are necessary for the Service to function properly. These cookies enable core functionality such as security, authentication, and session management.

We use PostHog for product analytics to understand how users interact with our Service. This helps us improve the user experience and develop new features. PostHog collects:

• Page views and navigation patterns
• Feature usage and interactions
• Performance metrics
• Error reports

Analytics data is processed in accordance with GDPR and is used solely for product improvement purposes.

You can control cookies through your browser settings. Note that disabling essential cookies may affect the functionality of the Service.

If you are not satisfied with our response or believe we are processing your personal data in violation of applicable law, you have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet):