Privacy Policy

Sidekicks
Effective date: 29.12.2025

1. Introduction

This Privacy Policy explains how Sidekicks (“the App”) collects, uses, stores, and protects personal data.

The App is owned and operated by:
Superhero Invest
Organization number: 917 333 300
Email: contact@asoldi.com

Sidekicks is intended for use only in Norway and complies with applicable Norwegian and EU data protection laws, including the General Data Protection Regulation (GDPR).

By using the App, you agree to the practices described in this Privacy Policy.

2. Personal Data We Collect

We may collect and store the following personal data:

Information you provide directly:

  • Email address

  • Phone number

  • Name

  • Optional profile image

  • Information about existing memberships with third-party providers that make you eligible for discounts in the App

Account-related data:

  • Login and account identifiers

  • Password reset requests (passwords themselves are never stored or visible to us)

Phone number data (clarification):

  • What we collect: your mobile phone number (and whether it has been verified, where applicable).

  • What we do not collect from your phone number: we do not collect contacts, call logs, SMS history, location data, or any device data from your phone number.

3. How We Use Your Data

Your personal data is used for the following purposes:

  • Creating and managing your Sidekicks account

  • Enabling access to coupons and discounts

  • Verifying discount eligibility based on external memberships

  • Account verification and security (including future two-factor authentication)

  • Sending password reset and essential service emails

  • Sending marketing communications (only where consent is given)

  • Improving app functionality and user experience

4. Email Services (Brevo)

We use Brevo as a third-party service provider to manage:

  • Email communications

  • Marketing emails (where consent is given)

  • Password reset emails

Brevo processes email-related data on our behalf and in accordance with applicable data protection laws. Brevo’s privacy practices can be reviewed at their privacy policy page.

We do not store or have access to your password at any time.

5. Phone Number Usage

Your phone number is a required functional component of the App and is collected solely for core app functionality and security. We do not collect phone numbers for marketing, tracking, or advertising purposes.

Your phone number is collected for:

  • Secure delivery of digital vouchers and redemption codes via SMS (transactional communications)

  • Preventing duplicate redemption and fraud (e.g., stopping multiple anonymous accounts repeatedly redeeming promotional vouchers)

  • Verifying ownership of the account (authentication and account integrity)

  • Allowing merchants to validate vouchers at the time of redemption (ensuring the voucher is associated with the correct user/account)

  • Account recovery

  • Potential future features (you will be notified and can opt-in before any new use)

Why it is necessary:
Without a verified phone number, users could create multiple anonymous accounts and repeatedly redeem promotional vouchers. This would break the core functionality of the service and expose merchants to fraudulent use.

Not used for advertising / tracking:
We do not use your phone number for:

  • Advertising or ad targeting

  • Tracking across apps or websites

  • Selling or renting personal data

  • Sharing with third parties for their marketing purposes

  • Unsolicited marketing SMS or calls

Marketing consent rule (existing practice, clarified):
We do not use your phone number for marketing calls or SMS without your explicit consent.

Where the phone number is stored:
Your phone number is stored securely in our account systems on our servers (or hosting providers acting on our behalf) and protected by technical and organizational security measures (see Section 11). Access is limited to authorized personnel and systems that require it to provide the App’s voucher and account services.

Service providers (SMS delivery if used):
If we use a third-party provider to deliver SMS messages (such as voucher codes or verification messages), that provider will only process your phone number to deliver those messages on our behalf and under contractual obligations to protect your data and comply with applicable data protection laws (see Section 12).

6. Profile Images

Providing a profile image is optional. If uploaded, the image is used only to personalize your account and is not shared publicly or with third parties beyond what is required to operate the App.

7. QR Code Functionality

The App includes QR code functionality for discount verification:

  • You can display a personal QR code in the App for discount redemption

  • Authorized Sidekicks employees at participating locations can scan your QR code using their devices

  • The App does not access your device camera for recording, monitoring, or any other purpose beyond displaying your QR code

  • QR code scans are used solely to verify discount eligibility at participating businesses

8. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

  • Your consent

  • Performance of a contract (providing the App’s services)

  • Compliance with legal obligations

  • Legitimate business interests (such as fraud prevention, security, improving app features, and providing customer support), where applicable and lawful

9. Data Retention

We retain personal data only for as long as necessary to:

  • Provide the App’s services

  • Comply with legal obligations

  • Resolve disputes or enforce agreements

Account data is retained for the duration of your active account. After you delete your account, data is retained for 30 additional days to process any final transactions or fulfill legal obligations, after which it is securely deleted or anonymized.

Phone number retention (clarification):
Your phone number is retained for as long as your account is active because it is required for voucher delivery, account integrity, fraud prevention, and merchant validation. After account deletion, the phone number follows the same retention schedule described above (typically up to 30 days), unless a longer retention period is required by law (e.g., accounting, dispute resolution, fraud investigation).

10. Account Deletion and Your Rights

Under GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request deletion of your account and associated data

  • Withdraw consent for marketing communications

  • Object to processing based on legitimate interests

  • Data portability (receive your data in a structured format)

To exercise these rights or request account deletion, contact:
📧 contact@asoldi.com

Requests will be processed within 30 days in accordance with GDPR requirements.

11. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Encryption of data in transit using SSL/TLS protocols

  • Encrypted storage of data at rest

  • Access controls and authentication requirements

  • Regular security assessments

However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

12. Data Sharing

We do not sell your personal data.

Your data may only be shared with:

  • Trusted service providers (such as Brevo and any SMS delivery provider used for transactional voucher/verification messages) who are contractually required to protect your data and use it only for providing services to us

  • Law enforcement or regulatory authorities, only when legally required by court order or applicable law

All service providers are required to comply with GDPR and applicable data protection regulations.

13. Children’s Privacy

Sidekicks is not intended for children under the age of 13. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 13, we will delete it promptly.

14. International Data Transfers

Your data is processed and stored within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated policy will be posted in the App with a new effective date. Continued use of the App after changes are posted constitutes acceptance of the updated policy.

16. Contact Information

If you have questions or concerns about this Privacy Policy or how your data is handled, contact us at:

📧 contact@asoldi.com

Data Protection Officer (if applicable):
Superhero Invest
917 333 300

End of Privacy Policy

Scroll to Top