Privacy Policy

Introduction

This Privacy Policy explains how grandorvexilium.top AS ("we", "our", or "us") collects, uses, and protects your personal information when you visit our website grandorvexilium.top or use our services. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and Norwegian privacy legislation.

As the data controller, we are responsible for ensuring that your personal data is processed lawfully, fairly, and transparently. This policy describes the data we collect, how we use your information, and explains your rights regarding your personal data.

Data Collection

We collect various types of information to provide and improve our services. The data we collect includes both information you provide directly and information we gather automatically when you use our website.

Information You Provide

• Contact information (name, email address, phone number)
• Company details and business information
• Communication preferences and enquiry details
• Any other information you choose to provide through our contact forms or communications

Information Collected Automatically

• Technical information such as IP address, browser type, and operating system
• Usage data including pages visited, time spent on site, and navigation patterns
• Device information and screen resolution
• Referral sources and search terms used to find our website

How We Use Your Information

We use of your data is based on legitimate legal grounds and is necessary for the provision of our services. We process your personal information for the following purposes:

• To respond to your enquiries and provide customer support
• To deliver our retail scaling services and maintain business relationships
• To improve our website functionality and user experience
• To comply with legal obligations and regulatory requirements
• To prevent fraud and ensure the security of our services
• To analyse website performance and optimise our content
• To send relevant business communications with your consent

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use and how to control them, please refer to our Cookie Policy.

Data Sharing and Third Parties

We do not sell or rent your personal information to third parties. We may share your data only in the following circumstances:

• With trusted service providers who assist in operating our website and delivering services
• When required by law or to protect our legal rights
• With analytics and advertising platforms (such as Google) subject to your consent preferences
• In connection with a business transfer or merger, with appropriate safeguards

Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this policy or as required by law. Contact enquiry data is typically retained for three years unless you request earlier deletion. Business relationship data may be retained longer to maintain our ongoing service provision. We regularly review our data retention practices to ensure compliance with applicable regulations.

Your Rights

Under GDPR and Norwegian data protection law, you have several rights regarding your personal data. These rights include the ability to control how your information is processed and to ensure its accuracy.

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Correct any inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Limit how we use your information
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to certain types of processing, including direct marketing
• Right to Withdraw Consent: Withdraw consent for processing where applicable

Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. Our security measures include encryption, access controls, regular security assessments, and staff training. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

International Data Transfers

As we operate within the European Economic Area, your data is primarily processed within the EEA. If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of any significant changes by posting the updated policy on our website with a revised date. We encourage you to review this policy regularly to stay informed about how we protect your information.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out using the following contact information:

You also have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) if you believe your data protection rights have been violated.