This Privacy Policy explains how Osoft NUF (“we”, “us”, “our”) processes your personal data when you use SantaClues (Beta) — our real-time sales-coaching platform.
We are committed to handling your data transparently, securely, and in compliance with the EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679).
This Privacy Policy describes what personal data we collect, why we collect it, how we use it, and what rights you have under the GDPR.
It applies to users in the European Union (EU) and European Economic Area (EEA) who access the SantaClues (Beta) service operated by Osoft NUF.
It does not apply to external websites or services we link to.
SantaClues is currently in beta testing, meaning our data-processing activities may evolve as the service matures. We will notify you of any significant updates before they take effect.
Definitions such as “personal data”, “processing”, “controller”, and “processor” follow Article 4 of the GDPR.
Controller: Osoft NUF
Organisation number: 995048477
Registered address: c/o Hydra Regnskap AS, Idrettsvegen 103E, 5353 Straume
Email: hello@santaclues.ai
Osoft NUF is responsible for the processing of your personal data.
We have not appointed a formal Data Protection Officer, but all privacy inquiries are handled according to Articles 37–39 GDPR.
If you choose to sign in using Google or Meta (Facebook), we receive limited profile information from the provider, including:
This information is used solely to create, authenticate, and manage your SantaClues account.
We do not receive additional information from Google or Meta beyond what is necessary for authentication.
We use limited data from providers that help us deliver SantaClues, including Webflow Inc. (website hosting) and Google LLC (fonts, analytics, OAuth).
Each provider acts as our data processor and processes data only under our instructions.
We process personal data only when we have a valid legal basis under Article 6 GDPR.
We use your data to provide and operate the SantaClues (Beta) platform. This includes creating and authenticating user accounts — including accounts created via third-party sign-in providers such as Google and Meta. This processing is necessary for the performance of our contract with you.
We also use data to maintain security, debug issues, and improve the platform. These uses are based on our legitimate interest in developing and maintaining a reliable service.
Where required by law, such as for analytics or marketing communications, we rely on your consent.
We may process certain information to comply with legal obligations, such as responding to lawful requests by authorities.
We do not use your personal data for automated decision-making that produces legal or similarly significant effects (Article 22 GDPR).
We use your personal data to operate the service, ensure security, deliver insights, and improve performance.
We may share personal data only with trusted service providers who process data on our behalf under strict contractual safeguards.
We may also share data when required by law or a valid legal request from authorities.
We never sell your personal data to third parties.
Our key service providers include Google LLC (for fonts, analytics, OAuth), Webflow Inc. (for website hosting), and OpenAI L.L.C. (for AI analysis).
Some of these providers are located outside the EEA, primarily in the United States.
When transferring personal data internationally, we use the European Commission’s Standard Contractual Clauses (SCCs) or rely on an adequacy decision where available, in accordance with Articles 44–49 GDPR.
Copies of these safeguards can be requested at hello@santaclues.ai
We keep personal data only for as long as necessary to fulfil the purposes described in this policy.
After the retention period, data is securely deleted or anonymised.
We apply appropriate technical and organisational measures to protect personal data as required by Article 32 GDPR.
These include encryption in transit (TLS), access controls, secure storage, and regular security monitoring.
Although no online service is entirely risk-free, we continuously review and strengthen our safeguards to prevent unauthorised access, loss, or misuse.
As an EU/EEA user, you have the right to:
You can exercise your rights by contacting hello@santaclues.ai
We respond to all valid requests within one month, as required by Article 12 GDPR.
If you believe your rights have been violated, you can file a complaint with your national Data Protection Authority or with Datatilsynet in Norway.
Where personal data is transferred outside the EEA, we use appropriate safeguards such as Standard Contractual Clauses or rely on adequacy decisions recognised by the European Commission.
We regularly review these safeguards to ensure ongoing compliance.
SantaClues uses cookies and similar technologies to ensure the site functions properly and to measure usage patterns.
You can manage or delete cookies through your browser settings at any time.
If you sign in through Google or Meta, you may revoke our access to your account information at any time through your provider’s security settings.
Revoking access may prevent you from signing in to your SantaClues account until another login method is created.
We may update this Privacy Policy from time to time to reflect new features or legal requirements.
When we make material changes, we will post a notice on our website or email registered users before the new version takes effect.
The “last updated” date at the top shows when this version became active.
Osoft NUF
Email: hello@santaclues.ai
Address: c/o Hydra Regnskap AS, Idrettsvegen 103E, 5353 Straume
If you have any questions or concerns about this Privacy Policy or your personal data, please contact us using the email above.