FFoundit

Privacy Policy

Last updated: 13.12.2025

Norsk

Foundit provides QR codes and labels that make it easier to recover lost items. When a QR code is scanned, a person can send a message about the item. This policy explains how we handle such information, as well as what data we collect when you purchase and use Foundit.

1. Personal data we collect

When someone finds an item and sends a message ("ping")

The finder may voluntarily share:

  • Message text written by the finder
  • Location where the item was found (if the finder chooses to share their location)
  • Photo of the item, if the finder chooses to upload a photo
  • Name and/or phone number, so the owner can contact the finder if necessary

All information submitted by the finder is voluntary.

When you, as an owner, purchase or use Foundit

We collect:

  • Name and address (to produce and ship labels)
  • Email address (for order confirmations, status updates, and future notifications about active/ inactive codes)
  • Phone number (if provided, used for SMS notifications when a ping is received)
  • Order history
  • Which QR codes you have activated
  • Number of pings each QR code has received (anonymous usage statistics)

We do not store payment card information; payments are handled by Stripe.

2. How we use the data

We use the data to:

  • provide the service (deliver messages from finder to owner)
  • notify you when someone has found an item (via email and/or SMS, depending on your chosen settings)
  • produce and ship labels
  • give you an overview of your QR codes and messages
  • secure and technically improve the service
  • send marketing communications, only if you have explicitly consented

We do not use data for:

  • third-party advertising
  • selling personal data
  • profiling without consent

3. Storage and deletion

All pings (found-item messages) are stored for 90 days. After that, the content is permanently deleted:

  • message content
  • location
  • photo
  • contact details
  • technical metadata

What remains is anonymous statistics (number of pings and last ping date per code). This cannot be linked to any individual.

Purchase-related information (name, address, email, phone number) is stored as long as necessary to provide the service and to comply with accounting and legal obligations.

4. Who we share data with

We do not share personal data with parties that use it for their own purposes.

The following providers process data on our behalf:

  • Stripe – payments
  • Cloudinary – storage of images that finders may upload
  • Email provider (SMTP) – used to send necessary service-related messages such as order confirmations, ping notifications, and other communications you have requested or consented to
  • SMS provider – used to deliver SMS notifications if you have chosen to receive them

5. Security

We protect data through measures including:

  • encrypted communication (HTTPS)
  • access control
  • automatic deletion of pings after 90 days
  • deletion of uploaded photos under the same rule
  • security logging and abuse prevention

6. Your rights

You have the right to:

  • request access to your personal data
  • request correction
  • request deletion (as far as it does not conflict with legal obligations)
  • withdraw consent
  • opt out of marketing communications
  • lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet)

If you are located outside Norway or the EEA, we will still process your personal data in accordance with GDPR principles.

These rights apply to your personal data. Anonymous statistics and internal system data are not considered personal data.

7. Contact us

If you have questions about privacy, access, or deletion, you can contact us:

  • Email: hei@foundit.no
  • Company: Foundit
  • Org. no.:
Norsk versjon