Privacy Policy
Last updated: March 6, 2026
This Privacy Policy explains how Samla ("we", "us", "our"), developed by Holmeide Labs, collects, uses, shares and protects your personal data when you use the Samla app and related services.
In short: We only collect what's needed for the app to work. We never sell your data. We never show ads. Children's data has extra protection. All data is stored in the EU.
1. Data Controller
Holmeide Labs
Ludvig Karstens vei 12
1064 Oslo, Norway
Email: support@familiensamla.no
2. What data do we collect?
2.1 Account data
When you create an account, we collect:
- Email address β for login and account-related communication
- Name β for display in the app
- Apple ID token β if you choose Apple Sign In (we never receive your Apple password)
2.2 Profile data
Information you enter in the app:
- Person profiles β name, emoji, color code and birth year for family members
- Home data β home name, emoji, QR invitation
- Roles and membership β who belongs to which home, with what role
2.3 Module data
Content you and your family members create: calendar entries, tasks, shopping lists, chat messages, meal plans, routines, wishlists, budget data, packing lists, storage overview, countdowns, and data related to cabins, vehicles and pets.
2.4 Children's data
Samla processes data about children in the family:
- Child profiles β name, emoji, color code, birth year and role
- Visibility settings β parents configure what each child sees in each module per home
5. Transfer to third countries
The main database is located in the EU (Supabase, Frankfurt). Some processors are located in the USA. Transfers are based on EU Standard Contractual Clauses (SCC) and data processing agreements. We only transfer data strictly necessary for the specific service to function.
6. Your rights
Under the GDPR, you have the right to: access, rectification, erasure ("right to be forgotten"), data portability, restriction of processing, objection, and withdrawal of consent at any time.
To exercise your rights, contact us at support@familiensamla.no. You can also delete your account directly in the app under Settings β Delete account. We respond within 30 days.
You also have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet): datatilsynet.no.
7. Children and privacy
Samla takes children's privacy very seriously. Children under 13 have profiles under a parent account without their own login credentials. Parents give consent for processing of children's data. In two-home families, each parent manages their own home independently. The child has a separate profile in each home. Parents can configure exactly which modules the child sees in each home.
8. The two-home model and data sharing
Samla supports families where children belong to two homes. Home data (calendar, shopping list, tasks, etc.) is private per home. Each home has its own private data.
10. Cookies and tracking
The Samla app does not use cookies or tracking tools. We have no third-party analytics, no ad tracking, and no social media data sharing. The website familiensamla.no does not use cookies.
11. Security
All data transfer uses HTTPS/TLS. The database is protected with Row Level Security (RLS). Authentication uses Supabase Auth with bcrypt-hashed passwords and JWT tokens. API keys are stored as server-side secrets.
12. Data breach
In the event of a data breach, we will notify the Norwegian Data Protection Authority within 72 hours if the breach poses a risk to your rights, and notify you directly if the risk is high.
13. Storage and deletion
Data is stored while your account is active. Upon account deletion, all personal data is deleted within 30 days. After subscription cancellation, data is retained for 90 days.
14. Automated decisions
Samla does not use automated decisions with legal effects.
15. Changes
We may update this policy as needed. For significant changes, we will notify you via push notification or email.
16. Contact
Holmeide Labs
Email: support@familiensamla.no
Address: Ludvig Karstens vei 12, 1064 Oslo, Norway