Privacy Policy

PRIVACY POLICY

How we protect your data, your rights, and your trust

At Ethical Norway, your privacy matters.

We are committed to handling your personal data with care, transparency, and respect — in full compliance with the EU General Data Protection Regulation (GDPR) and Norwegian privacy laws.

This policy explains what information we collect, how we use it, and how we keep it safe.

 

1. Who We Are

Ethical Norway is an inbound initiative by Ethical Travel Portal AS, based in Norway.

We create responsible and transparent travel experiences supported by the platforms STOMP (Sustainable Tourism Operational Management Platform) and Resonate (storytelling network).

Controller:

Ethical Travel Portal AS

Oslo, Norway

📧 info@ethicalnorway.com

🌍 www.ethicalnorway.com

 

2. What Data We Collect

We collect only the data necessary to provide our services, improve your experience, and meet legal requirements.

a) Information you provide directly:

  • When you sign up for our newsletter or updates
  • When you book or enquire about a journey
  • When you contact us through forms or email

This may include:

  • Name and contact details (email, phone, address)
  • Travel interests or preferences
  • Payment and billing information (for bookings)

b) Automatically collected information:

  • Cookies and analytics data (pages visited, time spent, device type, etc.)
  • IP address and browser information to improve usability and security

c) Third-party data sources:

When you interact with our partners or linked services (like payment gateways or STOMP), limited data may be shared — always under GDPR compliance.

 

3. Why We Collect Data

We use your information to:

  • Respond to your enquiries or trip requests
  • Process bookings and payments
  • Send relevant updates, newsletters, or confirmations (only with consent)
  • Improve our website’s usability and performance
  • Fulfil legal obligations such as accounting or reporting

We never sell your data or use it for unrelated marketing.

 

4. Legal Basis for Processing

We process your data only when we have a lawful reason under GDPR, including:

  • Consent (you subscribe, enquire, or agree to communication)
  • Contractual necessity (you book or purchase a service)
  • Legal obligation (for invoices or regulatory compliance)
  • Legitimate interest (to operate and improve our services responsibly)

 

5. Cookies and Analytics

We use cookies to ensure smooth site functionality, personalize content, and analyse site traffic.

Some cookies are essential; others are optional.

You can manage or disable cookies through your browser settings or via the pop-up cookie consent banner.

Full details are available in our Cookie Policy.

 

6. Data Retention

We keep your data only as long as needed to provide our services or meet legal and tax obligations.

After that, it is safely deleted or anonymised.

You may request deletion of your data at any time (see Section 8).

 

7. How We Protect Your Data

We use secure servers, encrypted communication (HTTPS), and limited staff access to protect your information.

All team members and partners handling data follow strict confidentiality and security procedures.

 

8. Your Rights

Under GDPR, you have the right to:

  • Access the data we hold about you
  • Correct inaccurate or outdated information
  • Request deletion (“right to be forgotten”)
  • Limit or object to processing
  • Withdraw consent at any time
  • Request data portability

To exercise these rights, contact us at info@ethicalnorway.com.

We will respond within 30 days.

 

9. Sharing and Third-Party Services

We may share limited information with trusted partners to deliver our services, such as:

  • Local travel providers (for confirmed bookings)
  • Payment processors (secure transactions)
  • Email and newsletter systems (communication)

All partners comply with GDPR and only process your data under our instruction.

We will never sell or lease your personal data to anyone.

 

10. International Transfers

As a Norwegian-based company, most data is stored within the EEA (European Economic Area).

If data is transferred outside the EEA (for example, via cloud storage), we ensure adequate safeguards through GDPR-approved measures such as Standard Contractual Clauses.

 

11. Updates to This Policy

We may update this Privacy Policy from time to time to reflect legal or operational changes.

The latest version will always be available on this page.

Last updated: October 2025

 

12. Contact Us

For any privacy-related questions, requests, or concerns, please contact:

📧 info@ethicalnorway.com

🌍 www.ethicalnorway.com

We are committed to handling your request transparently and respectfully.


 

We are part of the Ethical Travel Portal ecosystem—promoting local storytelling through Resonate, transparent, well-designed journeys via STOMP, and giving back through Green Box