Privacy Policy | TromsoExplorer.no

Privacy Policy for TromsoExplorer.no

Effective Date: 21.04.2025

At LOGINS AS (“we,” “us,” or “our”), we are committed to protecting your personal data and handling it responsibly. This Privacy Policy describes how we collect, use, and protect your personal information in accordance with the Norwegian Personal Data Act, which incorporates the General Data Protection Regulation (GDPR), and relevant EEA and Norwegian regulations.

1. Definitions

  • Personal Data: Any information relating to an identified or identifiable individual (e.g., name, email address, IP address).
  • Data Controller: The party responsible for determining the purposes and means of processing personal data (LOGINS AS).
  • Data Processor: A third party that processes data on behalf of the Data Controller (e.g., Stripe).
  • Processing: Any operation involving personal data, such as collection, storage, or deletion.
  • Consent: Freely given, specific, informed, and unambiguous indication of the data subject’s agreement.
  • Third Party: Entities other than the data subject, controller, or processor involved in data processing.
  • Anonymized Data: Data that cannot be linked to a specific individual.

2. Data Controller

LOGINS AS
Email: info@logins.no
Phone: +47 922 28 317
Contact: https://tromsoexplorer.no/contact

3. Scope of This Policy

This policy covers personal data collected through:

  • Our website: TromsoExplorer.no
  • Social media: Facebook, Instagram, YouTube
  • Third-party platforms: Tripadvisor and GetYourGuide
  • Advertising platforms: Google Ads
  • Hosting: Bluehost
  • CMS: WordPress
  • Our core services: Private tour bookings and related communications

4. What Data We Collect and Why

Type of Data Examples Purpose Legal Basis
Identity Data Name, surname Managing bookings and customer identity Performance of a contract (Art. 6(1)(b))
Contact Data Email (required), phone (optional) Booking confirmations, communication Legitimate interest (Art. 6(1)(f))
Financial Data Payment info via Stripe Payment processing, receipts Performance of a contract (Art. 6(1)(b))
Technical Data IP, browser, OS info Website security, analytics, troubleshooting Legitimate interest (Art. 6(1)(f))
Usage Data Website activity, ad interactions Analytics, improving user experience Legitimate interest / Consent (Art. 6(1)(f)/(a))
Advertising Data Clicks, retargeting info Serve relevant ads, measure performance Consent (Art. 6(1)(a))

5. How We Use Your Data

  • Bookings & Customer Service: Responding to inquiries, managing reservations
  • Payments: Securely processing payments via Stripe
  • Analytics & Website Functionality: Improving site performance through tools like Google Analytics and Bluehost
  • Advertising: Running targeted campaigns via Google Ads (with consent)
  • Compliance: Meeting accounting and legal obligations

6. Who We Share Data With

  • Stripe – Secure payment processing
  • Bluehost – Website hosting infrastructure
  • WordPress – Content management
  • Google Analytics & Ads – Analytics and advertising
  • Social Media – Facebook, Instagram, YouTube
  • Tripadvisor – Feedback and review collection
  • GetYourGuide – Booking and partner sales platform
  • Public Authorities – If required by law

We do not sell your personal data.

7. Data Security

  • Encryption of sensitive data
  • Access control limited to authorized personnel
  • Regular audits and updates to maintain compliance

8. Data Retention

  • Booking data: Retained for up to 5 years for legal and accounting purposes
  • Analytics/advertising data: Retained for up to 26 months unless otherwise specified

9. International Data Transfers

Some of our service providers may process your personal data outside the European Economic Area (EEA), particularly in the United States. When such transfers occur, we ensure that your data remains protected through one or more of the following safeguards:

  • Standard Contractual Clauses (SCCs): Legally binding agreements approved by the European Commission
  • EU-U.S. Data Privacy Framework: For providers certified under this mechanism
  • Data Minimization & Encryption: Only necessary data is shared and securely transmitted

Our key service providers that may transfer data outside the EEA include:

  • Google (Ads & Analytics)
  • Stripe (Payments)
  • Bluehost (Hosting)
  • WordPress (CMS)
  • GetYourGuide (Bookings & Partner Sales)

By using our website and services, you acknowledge and agree to such international transfers under these protection standards.

10. Your Rights Under the GDPR

You have the right to:

  • Access your data
  • Rectify inaccurate data
  • Erase unnecessary data
  • Restrict processing in specific cases
  • Withdraw consent at any time
  • Port your data to another provider
  • Lodge a complaint with Datatilsynet (Norwegian Data Protection Authority)

To exercise these rights, email: info@logins.no. We aim to respond within 30 days.

Visit www.datatilsynet.no for more information regarding your rights.

11. Cookies

We use cookies and similar tracking technologies on our website. Details on how cookies are used, including Google Ads and analytics cookies, are available in our separate policy:

Read our Cookie Policy

12. Changes to This Policy

We may update this Privacy Policy to reflect legal, regulatory, or operational changes. The latest version will always be available on our website.

13. Contact Us

LOGINS AS
Email: info@logins.no
Phone: +47 922 28 317
Contact: https://tromsoexplorer.no/contact