Personvernerklæring

Nordlys Livsstilstudio AS

Privacy Policy

1. Introduction and Company Information

This privacy policy explains how Nordlys Livsstilstudio AS collects, uses, stores, shares, and protects personal data in connection with our services, website, customer communications, and other business activities.

Data controller: Nordlys Livsstilstudio AS
Address: Storgata 12, 0155 Oslo, Norway
Email: [email protected]
Phone: +47 22 45 78 19

Nordlys Livsstilstudio AS is a lifestyle business offering services and/or products related to lifestyle, wellbeing, inspiration, and customer engagement. We process personal data in accordance with applicable privacy legislation, including the General Data Protection Regulation (GDPR) and relevant Norwegian data protection rules.

2. Data Collection and Processing

We may collect and process the following categories of personal data:

  • Identification data: name, contact details, and any information you provide when contacting us.
  • Communication data: messages, inquiries, feedback, and correspondence.
  • Customer and service data: information related to appointments, purchases, bookings, preferences, and service history.
  • Technical data: IP address, browser type, device information, log data, and usage statistics from our website or digital services.
  • Marketing data: consent preferences, newsletter subscriptions, and interaction with our communications.
  • Other information you choose to provide: for example, information relevant to your preferences or requests.

We collect personal data directly from you, through your use of our services and website, and from third parties where permitted by law.

3. Purpose of Data Processing

We process personal data for the following purposes:

  • To provide and administer our services, products, bookings, and customer support.
  • To respond to inquiries and maintain communication with customers and business contacts.
  • To manage customer relationships and improve our services.
  • To send newsletters, offers, and marketing communications where permitted.
  • To analyze usage patterns and improve website functionality, content, and user experience.
  • To comply with legal obligations, accounting requirements, and record-keeping duties.
  • To prevent misuse, fraud, and unauthorized access, and to maintain security.

4. Legal Basis for Processing

We process personal data only when we have a valid legal basis. Depending on the context, the legal basis may be:

  • Performance of a contract: when processing is necessary to provide services or fulfill agreements with you.
  • Legal obligation: when we must process data to comply with applicable laws and regulations.
  • Legitimate interests: when processing is necessary for our legitimate business interests, provided that your interests and fundamental rights do not override those interests.
  • Consent: when you have given us clear consent, for example for certain marketing activities or optional cookies.

5. Data Sharing and Third Parties

We may share personal data with trusted third parties where necessary for the purposes described in this policy. These may include:

  • IT and hosting providers
  • Payment service providers
  • Accounting, auditing, and legal advisors
  • Marketing and communication service providers
  • Booking, customer management, or analytics providers
  • Public authorities where required by law

We require third parties that process personal data on our behalf to protect the data and to process it only in accordance with our instructions and applicable law.

6. Data Transfer to Third Countries

In some cases, personal data may be transferred to or accessed from countries outside the European Economic Area (EEA). If such transfers occur, we will ensure that appropriate safeguards are in place, such as:

  • an adequacy decision by the European Commission,
  • Standard Contractual Clauses, or
  • other lawful transfer mechanisms permitted under applicable data protection law.

Where required, we will also implement supplementary measures to protect your personal data.

7. Storage Duration

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law.

  • Customer and service data are retained for the duration of the customer relationship and for a reasonable period thereafter.
  • Accounting and transaction records are retained for the period required by applicable law.
  • Marketing data are retained until you withdraw consent or object, unless we have another lawful basis to retain the data.
  • Technical logs and security data are retained for a limited period necessary for operational and security purposes.

8. User Rights

Subject to applicable law, you have the following rights regarding your personal data:

  • Access: the right to know whether we process your personal data and to receive a copy of it.
  • Rectification: the right to request correction of inaccurate or incomplete data.
  • Erasure: the right to request deletion of your data in certain circumstances.
  • Restriction: the right to request limited processing in certain situations.
  • Data portability: the right to receive certain data in a structured, commonly used, machine-readable format and, where technically feasible, to have it transmitted to another controller.
  • Objection: the right to object to processing based on legitimate interests and to direct marketing at any time.

To exercise your rights, please contact us using the details provided below. We may ask for additional information to verify your identity before responding.

9. Withdrawal of Consent

Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

You may withdraw consent by contacting us at [email protected] or by using any unsubscribe or preference management options we provide.

10. Right to Complain

If you believe that our processing of your personal data does not comply with applicable law, you have the right to lodge a complaint with the relevant supervisory authority.

In Norway, this is the Norwegian Data Protection Authority (Datatilsynet). We encourage you to contact us first so that we can try to resolve your concerns directly.

11. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, disclosure, or destruction. These measures may include access controls, encryption where appropriate, secure storage, staff confidentiality obligations, and regular review of our security practices.

While we work to protect your personal data, no method of transmission or storage is completely secure. We therefore cannot guarantee absolute security.

12. Contact Information

If you have questions about this privacy policy or our processing of personal data, or if you wish to exercise your rights, please contact us:

Nordlys Livsstilstudio AS
Storgata 12, 0155 Oslo, Norway
Email: [email protected]
Phone: +47 22 45 78 19

13. Changes to Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, services, legal requirements, or other operational reasons. The updated version will be published on our website or otherwise made available to you.

We encourage you to review this policy periodically to stay informed about how we process personal data.

4/8/2026 Hjem