Privacy Policy

Last updated: 21.02.2025

1. Introduction

This privacy policy applies to Bookingtjeneste.no (owner Preferium AS) (hereinafter referred to as "we") and explains why we collect information about you, how we use this information and how we take your privacy into account. We are the data controller for all processing of personal data where we ourselves determine the purpose of the processing of the information and the means we use for this.

Our basis for processing personal data will vary, will consist of your consent or because it is required by law. Furthermore, it may be necessary to process personal data to fulfill a contract with you or to comply with a legal obligation. You can withdraw your consent at any time.

Questions or concerns?

Reading this Privacy Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our services. If you still have questions or concerns, please contact us via the contact information at the bottom of the text.

2. About personal data, consent and cookies

Personal data is information and assessments that can be linked to an identifiable individual. This may include name, address, telephone number, email address, IP address and visit and behavior history.

All processing of personal data, such as collection, registration, storage and disclosure, is subject to specific rules, including the Personal Data Act. We are responsible for ensuring that the processing is carried out in accordance with the provisions of the Act. The Norwegian Data Protection Authority supervises compliance with the Act.

Optional sharing of information

We only store certain information if you give us active consent to collect it. Examples of this are information about you that can be used to show you advertisements on third-party websites based on products you have viewed in our online store. If we use such services, we will ask you for consent to this on our website, and we will only collect the information if you give us consent. If you do not take a position on the question, we will not collect the information either.

3. How do we keep your information safe?

We have organizational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or warrant that hackers, cybercriminals or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal or alter your information.

4. What kind of information do we collect?

In order to provide the best possible service, we rely on collecting various types of information, including personal information about you. Below is an overview of how we typically collect personal information and what information this typically is. We do not collect sensitive information, and we do not receive any information from third parties.

a) Information you provide to us

When you register and/or shop on our website, you may be asked to provide some information that is stored by us, such as your name, email address, address, postal address, job title, username, billing address, debit/credit card number and mobile phone number. We will also store information when you contact us later.

b) Information we obtain through the use of our services

When you use our services, we record information about which services you use and how you use them. We collect information about, among other things:

Your device and your internet connection. We may record information about the device you are using, such as mobile/PC manufacturer, device features, language references, country, location, information about how you use our services, operating system and browser. We may also collect information about your connection to our services, such as IP addresses, network IDs, cookies and unique identifiers.

Use of service or purchase. We record information about your use of the services, such as which pages you visit, when you visit the pages, and which features you have used on the pages.

c) Information we receive from other sources

We may receive information about you if you use any of the other services we offer on this website. We also work closely with third parties (e.g. business partners, technical service providers, payment and delivery services, advertising networks, analytics companies, search engines and credit reference agencies) and may receive information about you from them. This also includes information that is publicly available.

d) Cookies and other content stored locally

When you use our services or visit our websites, cookies and other data are stored that can later be read by us.

e) Automatic assessments

Through analysis of your purchases and behavior, automatic categorization of you as a customer can be derived.

5. What is the information used for?

We use personal data for the following purposes:

a) To provide and improve our services

We use personal data to deliver our goods (or services) to you. For example, we need personal data to enable you to log in to our sites and, where relevant, to pay for goods and services. We also use personal data to ensure the best possible user experience for you, including by adapting the display of content to your screen/device and ensuring the fastest possible loading of pages.

b) To personalize the services, provide you with recommendations and relevant marketing

We want to provide you with recommendations, product information and service customizations that are most relevant to you. This will be based on your own behavior, such as which pages you have visited, ads you have clicked on, or articles you have read, and on the behavior of other users with similar usage patterns to you.

C) To respond to user inquiries/offer support to users

We may process your information to respond to your inquiries and resolve any issues you may have with the requested service.

d) To send you administrative information

We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.

e) To fulfill and manage your orders

We may process your information to fulfill and administer your orders, payments, returns and exchanges made through the Services.

f) To enable user-to-user communication

We may process your information if you choose to use any of our offerings that allow communication with another user.

G) To improve digital communication and advertising

We use your personal data to improve our advertising. By creating a profile with us, you agree to targeted advertising through programmatic purchasing and targeted advertising through social media where your personal data will be used in the purchase of such advertising.

h) To prepare statistics and understand market trends

We compile statistics and map market trends. We do this in order to improve and further develop our product offerings and services. As far as is practical, we try to do this with anonymous information, without us knowing that the information is linked specifically to you.

i) To prevent misuse of our services

We use personal information to prevent misuse of our services. Misuse may include attempts to log into other people's accounts, attempted fraud, spamming, incitement, harassment and other actions that are prohibited by Norwegian law.

6. Sharing information with third parties

In order to deliver our services effectively, we work with selected third-party service providers who perform various functions on our behalf, including server hosting, email services, customer support, and payment processing. These service providers are carefully selected to ensure that they maintain high standards of data security and privacy.

Disclosure on Use of AI and Data Sharing:

It is important for us to clarify that we do not share any of your personal data with third-party AI tools or other external companies for purposes beyond the delivery of our services. No personal data is used for analytical or marketing purposes without your explicit consent, and we are committed to maintaining full transparency and control over the processing of your data.

Our commitment to your privacy and data security lies at the core of our selection of third-party service providers, and we ensure through contractual agreements that these service providers meet strict requirements for data security and the processing of personal data in accordance with applicable data protection legislation.

Google Calendar

In connection with our integration with Google Calendar, we would like to clarify how we handle and share your personal data. When you use our service to synchronize events or tasks with Google Calendar, necessary data is collected to provide this functionality.

It is important for us to emphasize that none of the data sent to or received from Google Calendar is shared with third parties. This includes, but is not limited to, information about your calendar events, tasks, reminders, and any other data that could be considered personal. Our commitment to your privacy means that all data exchanged between you and Google Calendar through our service remains confidential and is only used to provide the requested functionality within the scope of our service.

This practice is fully consistent with our overall commitment to your privacy and our strict data protection guidelines. Our use of Google Calendar is designed to improve your user experience and efficiency without compromising your privacy.

Google Analytics and Google AdWords

Information about usage patterns on the website (including which pages are visited and when) is shared with Google, which is linked to you as a user in a partially anonymized manner. We will not be able to link this to you personally, but we can use the information to see general usage patterns on our website, and to be able to send you tailored advertising in Google's network in the form of image and text ads on third-party websites.

AIx.chat (chat and support service for suppliers)

If we were to use a chat solution from AIx.chat, the service will store the chat log and your IP address on its server. The log can be removed at your request if you contact us. We will also be able to store various information about you from contact forms, support tickets and the like. Information about your customer relationship will also be stored in the AIx.chat CRM system.

Contact forms

If you use one of our contact forms, the form will be sent as an email to us and stored on our email server. A copy of the email may also be stored in a database in addition, to ensure that we have received your message if the email does not arrive. This database is deleted at regular intervals.

Kinsta.com – Website Hosting

Server agreement used from Kinsta.com. Server location: Eemshaven, Netherlands. All data is stored securely on this server.

Brevo.com – Email provider

Brevo ensures that our customers' data integrity and confidentiality are maintained to the highest standards. Our server infrastructures are located within EU jurisdiction, with primary storage both on our dedicated servers and on Google Cloud.

We have strategically chosen French data centers – specifically Online's DC2 and DC3 facilities in Vitry-sur-Seine, Ile-de-France – for our hardware, which is owned and managed exclusively by Brevo. Additional data storage is handled in Google Cloud's data center in Belgium.

To ensure the robustness and reliability of our data processing, we replicate all data a minimum of three times, spread across two distinct geographical locations. Brevo understands the value and sensitivity of the information we manage, which is why we have also implemented regular, encrypted data backups. This process is performed weekly, with more frequent backups depending on the customer's data usage.

Twilio.com – SMS provider for notifications

SMS Service via Twilio: We provide SMS notification services to customers. This includes, but is not limited to, notifications of new bookings, reminders, and other relevant information related to the booking process. These SMS notifications are sent via a third-party service, Twilio.

Data Transfer and Storage: Twilio is responsible for the transmission and handling of SMS messages. Twilio has implemented strict security measures to protect your information. Please note that Twilio's servers may be located outside the EU/EEA, but the company complies with applicable GDPR regulations.

Personal Information: The only personal information transferred to Twilio for this service is your mobile number and relevant booking details, which are used solely to send you relevant SMS notifications. No other personal information is shared.

Security and Confidentiality: The security of your data is important to us, and we have implemented necessary security measures to protect your personal information. Twilio also adheres to high standards of data integrity and confidentiality. For more information about Twilio's privacy practices, please see – Twilio's GDPR Program, https://www.twilio.com/en-us/gdpr

Consent: By enabling SMS notifications in our system, you consent to your personal data, as described here, being processed by Twilio. You have the right to withdraw this consent at any time, but this will result in you no longer receiving SMS notifications.

Twilio.com – SMS provider for phone number verification (OTP)

Bookingtjeneste.no is committed to protecting your privacy when you use our services, including SMS verification (OTP). Here is how we handle data in connection with OTP verification:

• Data Collection: When you verify your phone number via SMS verification (OTP), we collect and store your phone number and the generated one-time code to ensure your identity is confirmed.
• Use of Data: Your phone number is used solely to send the OTP code and verify your identity. This information is not used for any other purpose without your consent.
• Data Storage: We store your verified phone number to make future booking processes easier. This information is kept securely and in accordance with applicable privacy laws.
• Data Leakage and Security: We use advanced security measures to protect your data from unauthorized access, loss or destruction. All data is handled in accordance with our general privacy policy.
• Third-Party Services: SMS verification is provided by Twilio. We assure you that Twilio also complies with all relevant privacy obligations. For more information about Twilio's privacy practices, please visit their website.

By using SMS verification (OTP) on Bookingtjeneste.no, you consent to this processing of your personal data.

YouTube video embedded

Videos from Youtube can be included on the website.

Payment services: Stripe, Vipps and Mollie.

The website can use these payment solutions when buying/selling services.

Advertising on social media

We can advertise our services on Facebook, Google, TikTok, SnapChat, among others.

User account registration and authentication

WordPress Single Sign-In.

Business Transfers. We may share or transfer your information in connection with, or during negotiations for, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

In case of suspicion of a crime

Information may be disclosed to public authorities upon request. We may also disclose information in the event of suspicion of fraud, or information that is necessary to resolve specific disputes.

7. Deletion of personal data

We are required by law to retain certain personal information. Examples of this are:

– Accounting Act
– Order data according to the right of withdrawal
– Order data according to guarantees

You have the right to have all our information about you deleted upon request, unless we are legally required to store it. You can contact us regarding this and cancel your customer relationship by sending us an email (See "contact information at the bottom of the page").

8. Securing personal data

We use appropriate security measures to protect personal information under our control from unauthorized access, collection, use, disclosure, copying, modification or disposal. We aim to protect your personal information through a system of organizational and technical security measures. We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of all personal information we process. Despite our security measures and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal or alter your information. While we will do our best to protect your personal information, any transmission of personal information to and from our Services is at your own risk. You should only access the Services in a secure environment.

9. Especially about marketing in e-mail and SMS

If you have an active customer relationship with us, we may send you marketing by email or other electronic communication methods in accordance with Section 15 of the Marketing Act. This includes newsletters and other inquiries regarding content, services, offers, campaigns and events from us, via email, telephone, SMS and social media.

However, if you do not have an active customer relationship, we will only send such marketing if you have given us your consent to do so. Your personal data may also be used to customize this communication. You can unsubscribe from marketing communications at any time easily and free of charge through the unsubscribe function in the emails/SMS.

10. Is your information transferred internationally?

We may transfer, store and process your information in countries other than your own.

Our server is hosted at Kinsta.com. Server location: Eemshaven, Netherlands. All data is stored on this server. If you access our services from outside, please be aware that your information may be transferred to, stored and processed by us in our facilities and by the third parties with whom we may share your personal information.

11. HOW LONG DO WE KEEP YOUR INFORMATION?

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless otherwise required by law.

We will only retain your personal information for as long as necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). No purpose in this notice will require us to retain your personal information for longer than the period for which users have an account with us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

12. DO WE COLLECT INFORMATION FROM MINORS?

We do not knowingly collect data from or market to children under the age of 18.

We do not knowingly solicit data from or market to children under the age of 18. By using the Services, you represent that you are at least 18 years of age or that you are the parent or guardian of such minor and consent to such minor's use of the Services. If we become aware that personal information from users under the age of 18 has been collected, we will deactivate the account and take reasonable steps to promptly delete such data from our records.

13. Withdrawal of your consent

If we rely on your consent to process your personal data, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us using the contact details provided in the section at the bottom of the text.

Please note, however, that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal data carried out in reliance on lawful processing grounds other than consent.

Opt out of marketing and promotional communications:

You may unsubscribe from our marketing and promotional communications at any time by clicking the unsubscribe link in the emails we send you, or by contacting us by email. You will then be removed from our marketing lists. However, we may still communicate with you – for example, to send you service-related messages necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.

Account information

If at any time you would like to review or change the information in your account or terminate your account, you can:

Contact us using the contact information provided at the bottom of the page. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with investigations, enforce our legal terms and/or comply with applicable legal requirements.

Cookies and similar technologies

Most browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this may affect certain features or services on our Services. To opt out of interest-based advertising from advertisers on our Services, visit http://www.aboutads.info/choices/ . For more information, see our Cookie Statement on the website.

Most browsers and some mobile operating systems and mobile applications include a do-not-track (“DNT”) feature or setting you can enable to signal your privacy preference not to have data about your browsing activities monitored and collected.

14. Changes to the Privacy Policy

We may periodically update or change the privacy policy.

In the event of major changes, we will inform you about this.

15. Right to complain

You have the right to complain to a supervisory authority, which in Norway is the Data Protection Authority.

16. Contact information

If you have any questions about our privacy policy, questions about the use of personal data, whether you would like to receive data we have registered about you, correction of registered data, withdrawal of consent or deletion, please contact us.

Data Protection Officer (DPO)

Name Robert André Johansen

Email post@bookingtjeneste.no

Address Sponheimveien 19, 1610 Fredrikstad. Norway.

Supervisory authority

Website: http://www.datatilsynet.no/
E-mail: postkasse@datatilsynet.no
Phone: +47 22 39 69 00