Data Processing Addendum (DPA)

Last updated: 2026-04-24

Parties

This DPA is between the customer ("Controller") and Custom Projects AS ("Processor"), and applies when Custom Hours processes personal data on behalf of the Controller.

Service

Custom Hours is a time tracking, project tracking, employee hour registration, approval, absence tracking, and reporting service operated by Custom Projects AS. Organisation number: 934561112. Country: Norway.

Subject matter and duration

Custom Hours processes personal data to provide the Service. Processing continues for the duration of the customer's use of the Service, unless a longer retention period is required by law or agreed with the customer.

Nature and purpose of processing

Types of personal data

Categories of data subjects

Processor obligations

Subprocessors

Custom Projects AS may use subprocessors for hosting, database services, email, authentication, monitoring, and payment processing. Custom Projects AS remains responsible for subprocessors' performance of their obligations.

International transfers

The Service is intended for EU/EEA-oriented business use. If transfers outside the EU/EEA occur, appropriate safeguards will be used as required by law.

Security measures

Deletion and return of data

Upon termination, the Controller may request export and/or deletion of customer data within a reasonable time, unless retention is required by law.

Contact

For DPA requests, contact Custom Projects AS through the contact details provided during account setup or customer communication.