We, Kantega SSO AS, business registration no. 921 336 195, Bassengbakken 4, 7042 Trondheim, Norway (“Kantega”), strive for full transparency of the way we process personal data when you use our products and services.
2. What kind of data do we collect and why?
2.1 When you visit our website
When you visit our website, we collect the following information from your device:
date and time of the access,
name and URL of the accessed file,
browser type and version, and
further information sent by the browser (such as your computer’s operating system, the name of your access provider, geographical origin, etc.).
We only process these data to ensure trouble-free connection to the website, comfortable use of our website, for evaluating system security and stability, and for administrative purposes, unless otherwise stated in section 2.6 (cookies) and 3.4 (YouTube). The processing is necessary for the performance of a contract with you (General Data Protection Regulation (GDPR) art. (1) b).
Please note that we are not responsible nor can control how third parties’ websites that we link to from our website process personal data.
2.2 Evaluation and use of our apps
When you install our apps, we process:
company name, and
name of the purchaser.
The processing is necessary for the performance of a contract to which the legal entity that you represent is a party.
The legal basis for the processing is the performance of our contract with you (GDPR art. 6 (1) b).
2.3 When you use our Single Sign-On app
When you use our Single Sign-on app, we do not collect personal data as the app is hosted by the Customer.
2.4 When you use our Figma Connect app
When you use our Figma Connect app, we integrate and process your Figma content and sketches. In order to do so we also process the following personal data:
user ID in Confluence and Figma,
user details that you have registered in Atlassian like email address, position, telephone number, etc.,
name of the person who made or amended the content, and
name, comment information, and metadata related to the Figma content
We process the personal data to authorize the user and make the Figma content and comments available in Confluence. The legal basis for this processing is the performance of our contract with you (GDPR art. 6 (1) b).
We offer support through three different channels based on your choice:
in order to answer your question or respond to your request, comment, or complaint. The processing is necessary for the performance of a contract with you (GDPR art. (1) b).
A “cookie” is a piece of data sent from a website that is visited and stored locally on your browser. The purpose of cookies is to maintain data related to user preferences, account settings, and evaluate and compile statistics about user activity. Please find our list of cookies we use on our website and other services here.
You can choose whether to accept cookies by editing your browser settings. However, if cookies are refused, some features on our website may not work as intended. Information about the procedure to follow in order to enable or disable cookies can be found at:
We use third-party services for analytics, marketing, and hosting.
3.1.1 Facebook and LinkedIn
We have an account on Facebook and LinkedIn to present our products and Kantega.
Kantega will be the controller of the personal data we process for our own purposes of advertising and communication through Facebook and LinkedIn. However, the social platforms will be the controller of the personal data they process for their own purposes.
Please read more about what information Facebook and LinkedIn process in their privacy policies.
We use Twitter to present our products and Kantega. The only personal data we can see is your interactions with our tweets.
Kantega will be the controller of the personal data we process for our own purposes of advertisement and communication through Twitter. However, Twitter will be the controller of the personal data it processes for its own purposes.
We use YouTube (Google app) to show videos on our website for providing our users with instructions, advertising, and analytical purposes.
We can see the usernames of our followers and anyone who comments on our videos. Any comments will automatically be deleted after 60 days. YouTube does not share personal data with us but provides us with analytics of the users who watches our videos.
Kantega will be the controller of the personal data we process for our own purposes of advertisement and communication through Marketing emails in SendInBlue. SendInBlue stores its data in europe in accordance with GDPR and guarantees that it ensures the protection of the data subject’s rights.
We use Amazon Web Services (AWS) for hosting the app and storing necessary data about integrations and clients. The data is stored in a European region behind standard security measures provided by the platform.
Relevant personal data may also be provided to third parties such as lawyers, advisers, buyers, and prospects in connection with a business transaction, including a prospective or completed merger, acquisition, or stock sale (including transfers made as part of insolvency or bankruptcy proceedings). Non-disclosure agreements will securely protect any change of corporate control or disclosure for the purpose of determining whether to proceed or continue with such a transaction or business relationship.
4. Safety measures
The protection of your personal data is a high priority for us. Our security measures include physical, technical, and administrative measures. Everyone at Kantega who handles personal data has received training and guidance on how to handle personal data safely. We adopt industry-standard software and guidelines to protect your personal data and other confidential information. Our organization follows industry best practices for ensuring the confidentiality, integrity, and availability of your data.
5. Your rights as a data subject
Subject to applicable law, you may have certain rights with respect to our processing of your personal data.
We will provide you with the right to have access to a copy of, rectify, correct, and update the personal data that we have about you in accordance with GDPR chapter 3. You may also have the right to restrict processing or have your data deleted. If our processing is based on your consent, you may also withdraw any consents you have given at any time. Please contact us at firstname.lastname@example.org.
Please let us know if you consider that our processing of your personal data infringes applicable law.
If you believe that we process your data in violation of your rights, you have the right to complain to the Norwegian Data Inspectorate (“Datatilsynet”). You should always contact us before sending a complaint to Datatilsynet so that we can try to resolve or clarify the issue.
6. For how long do we store personal data
We will retain and use personal information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements. Upon effective termination of our apps, we will delete any personal data related to your account within three months.