Privacy Policy

Last updated: 1 June 2026

This privacy policy describes how Timelista collects, uses and protects personal data when you use our services. We process personal data in accordance with the General Data Protection Regulation (GDPR) and Norwegian privacy legislation.

1. Data controller

The data controller for the personal data is ALEKSANDER MARIANSKI (the Timelista / Timelista.no service), company registration number 926 341 979, Hanaveien 12A, 4327 SANDNES, Norway. Email: kontakt@timelista.no.

2. What personal data we process

We process the following categories of personal data:

  • Account data: name, email address, phone number and company affiliation.
  • Working time data: registered hours, breaks, absences, holidays and related notes.
  • Personalliste data: name, national ID or D-number, and check-in/check-out times, where this is required by law.
  • Technical data: IP address, browser type, device information and usage statistics.

3. Purpose and legal basis

We process personal data in order to:

  • provide and operate the service (legal basis: contract).
  • fulfil statutory requirements, such as keeping a personalliste under bokføringsforskriften and arbeidsmiljøloven (legal basis: legal obligation).
  • improve and secure the service (legal basis: legitimate interest).
  • send important information about the service (legal basis: contract/legitimate interest).

4. Storage and deletion

Personal data is stored for as long as necessary for the purposes described above, or for as long as we are required to retain it by law. Working time and personalliste data is retained in accordance with statutory retention obligations (up to five years). When the data is no longer needed, it is deleted or anonymised.

5. Data processors and third parties

We use sub-processors for, among other things, operations, storage (cloud services) and analytics. All processors are subject to data processing agreements that ensure personal data is handled in accordance with this policy and applicable law. We do not sell personal data to third parties.

6. Your rights

You have the right to:

  • request access to the personal data we process about you.
  • request rectification of inaccurate data.
  • request erasure of data ("the right to be forgotten").
  • request restriction of processing.
  • object to processing and request data portability.
  • lodge a complaint with the Norwegian Data Protection Authority if you believe the processing breaches the regulations.

To exercise your rights, contact us at kontakt@timelista.no.

7. Cookies

We use cookies and similar technology to remember settings (such as language and theme), keep you signed in and understand how the service is used. You can manage cookies in your browser.

8. Security

We have implemented technical and organisational measures to protect personal data against unauthorised access, alteration and loss, including encryption, access control and logging of changes.

9. Changes to this privacy policy

We may update this privacy policy when necessary. Material changes will be communicated via the service or by email. The current version is always available on this page.

10. Contact

If you have questions about how we process personal data, contact us at kontakt@timelista.no.