How Just Technologies AS handles personal data, on this website and in the product. Written to be read, not skimmed past.
Last updated: 8 July 2026
Just Technologies AS is the controller for personal data processed through gojust.com and in connection with sales and marketing.
Just Technologies AS · Oksenøyveien 8, 1366 Lysaker · Org. nr. 918 907 661
Data protection contact: privacy@gojust.com, handled by our data protection lead.
This policy covers the gojust.com website and the inquiries you send us through it. Trade data and other customer data processed in the Just service are governed by each customer's subscription agreement and data processing agreement; section 06 summarizes the rules that always apply to that data.
Cookies and analytics on this site: Google Analytics 4 and Mixpanel, both used to understand aggregate visitor behavior (pages viewed, referral source, device type) and to measure whether the "book a walkthrough" flow works. Neither is used for ad targeting or resold to a third party. You can decline both from the cookie banner shown on your first visit.
We do not use website data for automated decision-making, and we do not sell it.
Inquiry data is kept while the dialogue is live and deleted when it is no longer needed for the purpose it was collected for. Where law requires longer retention, the legal period applies.
Specific retention periods: inquiry and CRM data, up to 24 months from last contact or until you ask us to delete it sooner; technical/security logs, 13 months; analytics data, 14 months.
Customers send Just trade data so the benchmark can score it. The rules on that data do not vary by customer size or plan:
Processing terms are set in each customer's data processing agreement. Just is SOC 2 audited; reports, subprocessors and security documentation are published at trust.gojust.com.
We use a small number of service providers (hosting, email, CRM) that process data on our instructions under data processing agreements. We do not share personal data with third parties for their own use.
Current subprocessor list: see trust.gojust.com.
Data is processed primarily within the EEA. Where a provider processes data outside the EEA, transfers rest on the EU Standard Contractual Clauses or an adequacy decision.
Transfer details per provider: listed alongside the subprocessor list at trust.gojust.com, each on either the EU-US Data Privacy Framework or the EU Standard Contractual Clauses.
If a personal data breach occurs, we notify the Norwegian Data Protection Authority (Datatilsynet) without undue delay and, where feasible, within 72 hours of becoming aware of it, as required under GDPR art. 33. Where a breach is likely to result in a high risk to your rights and freedoms, we notify you directly without undue delay, as required under GDPR art. 34.
You can ask for access to the personal data we hold about you, have it corrected or deleted, restrict or object to processing, and receive a copy in portable form. Consent, where given, can be withdrawn at any time.
Requests go to privacy@gojust.com. We respond within 30 days, as required under GDPR art. 12(3); for complex requests, this can be extended by a further two months, and we will tell you if that applies. If you are not satisfied with our answer, you can complain to the Norwegian Data Protection Authority, Datatilsynet (datatilsynet.no).
When this policy changes, the new version is published here with an updated date. Material changes affecting customers are notified directly.