Privacy Policy

1. Introduction

Quivranxshak ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website quivranxshak.world (the "Site").

We comply with the General Data Protection Regulation (GDPR), the Norwegian Personal Data Act (Personopplysningsloven), the Norwegian Personal Data Regulations (Personopplysningsforskriften), and other applicable EEA data protection laws. Where we use cookies or similar technologies that are not strictly necessary, we also follow the rules on electronic communications applicable in Norway (including the Electronic Communications Act — ekomloven) and the EU ePrivacy framework.

2. Data Controller

The data controller responsible for your personal data is:

If we are registered in the Norwegian business register, our organization number (organisasjonsnummer) is available on request.

3. Information We Collect

3.1 Information You Provide

We collect information you voluntarily provide when you:

• Fill out our contact form (name, email address, message content)
• Subscribe to communications
• Correspond with us directly

3.2 Information Collected Automatically

When you visit our Site, we may automatically collect:

• IP address (anonymized where possible)
• Browser type and version
• Operating system
• Pages visited and time spent
• Referring website
• Cookie data (see our Cookie Policy)

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: When you provide explicit consent for specific purposes (e.g., marketing communications)
• Contractual necessity: When processing is necessary to fulfill a contract or respond to your requests
• Legitimate interests: When processing is necessary for our legitimate business interests, such as improving our services and ensuring website security
• Legal obligation: When processing is required by law

5. How We Use Your Information

We use collected information for the following purposes:

• To respond to your inquiries and requests
• To improve our website and services
• To analyze website usage patterns
• To send communications you have opted into
• For direct marketing by email or similar electronic channels, only where we have obtained your prior, explicit consent (opt-in), except where another legal basis clearly applies under applicable law. You may withdraw marketing consent at any time (e.g. via an unsubscribe link or by contacting us); withdrawal does not affect the lawfulness of processing based on consent before withdrawal
• To comply with legal obligations
• To protect against fraud and ensure website security

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Contact form submissions: Retained for up to 2 years after your last interaction
• Analytics data: Retained for up to 26 months
• Cookie consent preferences: Retained for 12 months

After these periods, data is securely deleted or anonymized.

We do not use automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you. If this changes, we will update this policy and inform you as required by law.

7. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

• Service providers: Third parties who assist us in operating our website and conducting business (e.g., hosting providers, analytics services)
• Legal requirements: When required by law, court order, or governmental authority
• Business transfers: In connection with a merger, acquisition, or sale of assets

All third-party service providers are contractually obligated to protect your data and process it only as instructed by us.

8. International Data Transfers

Your data may be transferred to countries outside the European Economic Area (EEA). When this occurs, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Binding Corporate Rules

9. Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of access: Request a copy of your personal data
• Right to rectification: Request correction of inaccurate data
• Right to erasure: Request deletion of your data ("right to be forgotten")
• Right to restrict processing: Request limitation of how we use your data
• Right to data portability: Receive your data in a structured, machine-readable format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us using the details in Section 2. We will respond without undue delay and within one month at the latest, as a rule (Article 12 GDPR). That period may be extended by up to two further months where necessary due to complexity or number of requests; we will inform you of any extension and the reasons.

You may also lodge a complaint with a supervisory authority; see Section 14.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• SSL/TLS encryption for data transmission
• Secure server infrastructure
• Access controls and authentication
• Regular security assessments
• Staff training on data protection

While we strive to protect your data, no transmission over the internet is completely secure. We cannot guarantee absolute security.

11. Children's Privacy

Our Site is not directed at children under 13. In Norway, the age from which consent to information society services may be given without parental authority is 13, in line with GDPR Article 8 and national rules. We do not knowingly collect personal data from children under 13. If you are between 13 and 15, we encourage you to involve a parent or guardian when using the contact form. If you believe we have collected data from a child without appropriate grounds, please contact us immediately.

12. Third-Party Links

Our Site may contain links to third-party websites. We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies.

13. Updates to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last updated" date. Significant changes may be communicated via email or website notice.

14. Complaints

If you believe we have not handled your personal data appropriately, you have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) or, if you reside or work in another EEA country, with the supervisory authority there.

For general information on data protection in the EEA, see also the European Data Protection Board resources at edpb.europa.eu.

15. Contact Us

For questions about this Privacy Policy or our data practices, please contact us: