1. Introduction
GoRabbit is a platform for scheduling, generating and publishing marketing content. This privacy policy explains how we process personal data in accordance with GDPR.
2. Roles and responsibilities
As a general rule, the customer is the data controller for data processed in GoRabbit. GoRabbit acts as data processor and processes data only in accordance with the customer's instructions.
When GoRabbit processes personal data for its own administrative purposes (e.g. invoicing), GoRabbit is the data controller.
3. What data we process
GoRabbit processes only data necessary to deliver the service. This includes:
- User data: name, email address and account settings
- Campaign data: text, images, ideas, tone of voice and publishing settings
- Technical logs: error codes, events, timestamps and system status
- Communication data: enquiries via email or form
GoRabbit does not process sensitive personal data or information that is not necessary for the service.
4. AI processing
GoRabbit uses AI models to generate text, suggestions and graphics based on campaign data the user enters. This means campaign data may be sent to third-party AI providers (e.g. OpenAI) for processing.
AI systems do not make autonomous decisions about individuals and are not used for profiling.
5. Access to social media
GoRabbit only gets access to accounts the user connects themselves via tokens or API keys. The platform does not read private data and publishes only content the user has approved.
6. Sub-processors
Data may be processed by sub-processors necessary for the service, including cloud providers, database providers and AI providers. All sub-processors are governed by a data processing agreement (DPA) where this is required.
7. Storage and retention
Data is stored for as long as the account is active. On termination, data is deleted or anonymised within reasonable time.
- campaign data is kept for as long as the service requires it
- system logs may be stored for a limited period for troubleshooting and security
- billing data is stored in accordance with the Accounting Act
8. Security
GoRabbit follows established security principles inspired by frameworks such as ISO 27001 and CIS Controls. We use encrypted transfer, access management and continuous monitoring of operationally critical components.
9. Cookies
GoRabbit uses necessary cookies to operate the website. If analytical cookies are used, they are used only in anonymised form to improve the service.
10. Your rights
As a data subject you have the right to:
- access to your own data
- rectification of errors
- deletion of data
- restriction of processing
- data portability
Privacy enquiries are directed to: support@gorabbit.no
11. Changes to the privacy policy
This policy may be updated as needed. The latest version is published on this page.