Privacy Policy

Privacy Policy

Last updated: 2025

This Privacy Policy explains how NorwayStories ENK (“we”, “our”, “us”) collects, uses, protects, and processes personal data when you access our website https://norwaystories.org and related domains including norwaystories.com, norway.in, nuowei.com, and other connected platforms and services.

We are committed to handling your data responsibly, transparently, and in full compliance with the General Data Protection Regulation (GDPR) and applicable Norwegian and EU laws.

What Personal Data We Collect

We collect the minimum data necessary to provide our services effectively:

2.1 Information you provide voluntarily

Name and surname
Email address
Billing address
Payment information (processed securely by third-party providers)
Account login details (if you create a user account)
Submitted content (comments, messages, support requests)
We never store full payment card numbers on our servers.

2.2 Data collected automatically

When you visit our website, we automatically collect:
IP address
Browser type and device information
Pages visited and interaction data
Time and duration of visit
Referring website or link
Cookies and tracking technologies
This helps us improve the user experience and protect the security of our platform.

2.3 Payment Data

Payment processing is handled entirely by:
Stripe
Airwallex
Razorpay
These services collect payment details securely on their own encrypted servers. NorwayStories ENK never receives or stores your credit card number.

Why We Collect Your Data

We use your data for:

Service Delivery

Providing access to free and premium content
Processing payments and subscriptions
Managing your user account

Communication

Sending receipts, confirmations, and service updates
Responding to support requests

Platform Improvements

Analytics (e.g., Google Analytics, Matomo)
Content performance analysis
Security, fraud detection, and prevention

Legal Compliance

Tax requirements
Digital transaction documentation
GDPR obligations

Cookies & Tracking Technologies

We use cookies to:

Enable login and user authentication
Improve website performance
Provide secure payment flows
Personalize content for your region
Analyse traffic patterns

By using our website, you consent to our use of cookies in accordance with this policy. You may disable cookies in your browser settings, but this may affect certain features.

(Full cookie list is provided in our separate Cookies Policy.)

How We Store and Protect Your Data

We use secure, GDPR-compliant hosting and services:

Kinsta (EU servers)
Cloudflare security layer
Encrypted backups
Strict access controls
Security monitoring tools (e.g., Wordfence)

Data retention is limited to what is necessary for service delivery and legal obligations.

How Long We Keep Your Data

We retain different types of data for different periods, depending on legal requirements and operational needs:

User account data: Kept until you delete your account.
Subscription and payment history: Kept for 5–10 years (required by accounting and tax laws).
Support messages: Stored for 24 months to improve service and follow up on issues.
Analytics data: Kept for 14–38 months, depending on the analytics provider settings.
Cookies: Stored from 1 day to 1 year, depending on cookie type and purpose.

Who We Share Data With

We only share data with trusted third-party processors necessary to run the service:

Payment Processing

Stripe
Razorpay
Airwallex

Analytics & Performance

Google Analytics
Kinsta server logs
Cloudflare CDN

Email Delivery

MailerLite / SendGrid (if used in future)

Legal Authorities
Only when required by law.

We never sell or rent personal information to third parties.

International Data Transfers

Our servers are located in the European Union (Helsinki data center).
Some partners may process data outside the EU (e.g., Stripe).
In such cases, GDPR-approved mechanisms (SCCs) are always used.

Your Rights Under GDPR

You have the right to:

Access your personal data
Correct inaccurate information
Request deletion (“right to be forgotten”)
Restrict processing
Object to processing
Export your data
Withdraw consent at any time

To exercise your rights, contact us at: kontakt@norwaystories.org

Children’s Privacy

Our services are not directed at individuals under 16 years of age.
We do not knowingly collect children’s data.

Changes to This Policy

We may update this Privacy Policy to reflect:

legal changes
new features
improvements to our platform

Updates will be posted on this page with a revised date.

Contact Information

If you have questions, requests, or concerns, you can contact us at:

kontakt@norwaystories.org

NorwayStories ENK, Ålesund, Norway