Download or print this agreement for signing

Print / Save PDF
Norsk | EspaƱol

Data Processing Agreement

between the Data Controller and Timeplaner AS

1. Parties to the Agreement

Data Controller

Organization: _______________________

Org. No: _______________________

Contact Person: _______________________

Email: _______________________

Data Processor

Organization: Timeplaner AS

Org. No: 936 380 387

Contact Person: Alexander Kvarven

Email: [email protected]

Data Protection Officer: Alexander Kvarven ([email protected])

2. Background and Purpose

This Data Processing Agreement governs the Data Processor's processing of personal data on behalf of the Data Controller in connection with the use of the service Timeplaner.no.

Timeplaner.no is a digital planning tool for teachers that enables:

Important: Timeplaner.no processes data about teachers (employees) and pseudonymized student identifiers. The teacher decides what is recorded about students (number, initials, or name). No national ID numbers, formal grades, or health information are processed.

3. Categories of Personal Data

3.1 Data Processed

Category Data Source
Identification Name, email address Feide / Google / Microsoft
Authentication Feide ID, Google ID, Microsoft ID Feide / Google / Microsoft
Organization Affiliation School/municipality, role at organization (teacher/staff/student) — role is used solely to reject student logins at registration, not stored in the service database Feide
User Content Weekly plans, yearly plans, notes Created by user
Technical Login time, language preference System generated
Student identifiers Nickname/number/initials, gender (optional), birthday (MM-DD, optional) Recorded by teacher
Student activity Homework status (submitted/not submitted/late), test and quiz results Recorded by teacher / system generated
Absence registration Date, lesson, absence status (present/sick/unauthorized) Recorded by teacher
Security logging IP address, user agent (retained 12 months) System generated
Activity logging Page visits, in-service actions (aggregated) System generated
AI lesson context Subject name, class name, topic, teacher's text (only when AI assistant is used) Teacher-activated
Cloud-stored content Documents created by the teacher (only when Drive/OneDrive is connected) Teacher-activated
About student data: The teacher is the data controller for student information and decides what is recorded in the identifier field (number, initials, or name). Timeplaner.no recommends using pseudonymized identifiers. Data is isolated per teacher — no cross-access between teachers.

3.2 Data NOT Processed

4. Data Subjects

This agreement applies to the processing of personal data about:

The number of data subjects will vary based on how many teachers choose to use the service and how many students they record.

5. Purpose and Legal Basis

The Data Processor processes personal data solely for the following purposes:

  1. Authentication: Verifying user identity via Feide, Google, or Microsoft
  2. Service Delivery: Providing the functionality described in section 2
  3. AI-assisted planning: Generating lesson content suggestions when the teacher actively uses the AI assistant
  4. Cloud storage: Storing the teacher's documents in Google Drive or Microsoft OneDrive when the teacher has activated the connection
  5. User Support: Helping users with technical problems
  6. Security: Protecting against unauthorized access and misuse

Legal basis is GDPR Article 6(1)(b) - performance of a contract with the data subject.

6. Data Processor Obligations

6.1 General Obligations

The Data Processor shall:

  1. Only process personal data in accordance with documented instructions from the Data Controller
  2. Ensure that persons with access to personal data have committed to confidentiality
  3. Take all measures required under GDPR Article 32 (security)
  4. Assist the Data Controller in fulfilling its obligations to data subjects
  5. Delete or return personal data at the end of the agreement
  6. Make available all information necessary to demonstrate compliance

6.2 Security Measures

The Data Processor has implemented the following security measures:

7. Sub-processors

The Data Processor uses the following sub-processors:

7.1 Always-active sub-processors

Sub-processor Service Location
Hetzner Online GmbH Web hosting and database Server in Finland (Nordic, EU/EEA)
Cloudflare, Inc. CDN and DDoS protection EU/USA*
SMTP2GO Email delivery (transactional emails, no pupil data) EU (Amsterdam, Netherlands)**
Sikt — Norwegian Agency for Shared Services in Education and Research Feide authentication (when Feide login is used) Norway
Google LLC Google OAuth 2.0 (when Google login is used) EU/USA*
Microsoft Corporation Microsoft OAuth 2.0 (when Microsoft login is used) EU/USA*

7.2 Optional sub-processors (teacher-activated)

The following sub-processors process personal data only when the individual teacher actively activates an optional feature:

Sub-processor Service / data Location Activated when
Google LLC Gemini AI — lesson context (subject name, class name, topic, teacher's text). Paid plan; data is not used to train Google's models. USA* Teacher uses the AI assistant
Google LLC Google Drive — document storage (teacher's own documents) USA* Teacher connects Google Drive
Microsoft Corporation Microsoft Graph / OneDrive — document storage (teacher's own documents) USA* Teacher connects OneDrive

* Transfers to the USA are secured under the EU-US Data Privacy Framework and Standard Contractual Clauses (SCC).
** Timeplaner's SMTP2GO account is hosted in SMTP2GO's European data center in Amsterdam. All email is sent, stored, and processed on servers within the EU/EEA. SMTP2GO is ISO 27001 certified and GDPR compliant; the European data center is additionally SOC 2 Type II and ISAE 3402 certified. SMTP2GO Pty Ltd is incorporated in New Zealand, and Standard Contractual Clauses (SCC) apply to the corporate parent relationship.

The Data Processor will inform the Data Controller of any planned changes to sub-processors at least 30 days before the change takes effect.

7.3 Sharing features activated by the teacher

The service includes three optional sharing mechanisms that the teacher activates:

All sharing can be revoked by the teacher, and tokens are random and unguessable.

8. Transfer of Personal Data

Personal data is primarily stored on servers in the Nordic countries (server in Finland, EU/EEA).

Email is sent through SMTP2GO's European data center in Amsterdam, so transactional email content is stored and processed within the EU/EEA.

Data is transferred to the USA only when Google, Microsoft, or Cloudflare services are used (secured under the EU-US Data Privacy Framework and Standard Contractual Clauses).

Transfers outside the EU/EEA are secured through:

9. Data Subject Rights

The Data Processor shall assist the Data Controller in fulfilling data subject rights:

Inquiries about data subject rights can be directed to: [email protected]

10. Breach Handling

In the event of a personal data breach, the Data Processor shall:

  1. Notify the Data Controller without undue delay and within 24 hours at the latest
  2. Document all breaches, including circumstances, consequences, and measures taken
  3. Assist the Data Controller with notification to supervisory authorities and data subjects if necessary

Notification will be sent to the contact person specified in section 1, as well as to: [email protected]

11. Audit Rights

The Data Controller has the right to:

Audits shall be notified at least 14 days in advance and conducted in a way that does not disrupt normal operations.

12. Retention and Deletion

12.1 Retention Period

12.2 Upon Termination of Agreement

Upon termination of the agreement, the Data Processor shall:

  1. Give the Data Controller the opportunity to retrieve data (30 days)
  2. Delete all personal data, including backups (90 days)
  3. Confirm in writing that deletion has been completed

13. Duration of Agreement

This agreement enters into force upon signing and applies as long as the Data Controller has users using Timeplaner.no via Feide.

The agreement may be terminated by either party with 3 months written notice.

14. Liability

The Data Processor is liable for:

The Data Processor is exempted from liability if it is proven that the Data Processor is not responsible for the event that caused the damage.

15. Governing Law and Jurisdiction

This agreement is governed by Norwegian law. Any disputes shall be sought resolved through negotiations. If negotiations are unsuccessful, the dispute shall be decided by Norwegian courts with Bergen District Court as the legal venue.

16. Signatures

This agreement is executed in two copies, one for each party.

For the Data Controller:

Place and date: _______________________

Name: _______________________

Position: _______________________

For the Data Processor (Timeplaner AS):

Place and date: _______________________

Name: Alexander Kvarven

Position: CEO

Appendix A: Technical and Organizational Security

A.1 Technical Security Measures

A.2 Organizational Measures

A.3 Contact Information

Data Protection Officer (DPO): Alexander Kvarven — [email protected]
General inquiries: [email protected]
Breach and security incidents: [email protected]

Data Processing Agreement for Timeplaner.no

Version 2.3 - Updated May 2026

Timeplaner AS | Org. No: 936 380 387 | timeplaner.no