CIRCLE OF WELLBEING PRIVACY POLICY
Last updated: May 16, 2025
Circle of Wellbeing respects your privacy and is committed to protecting your personal data in compliance with the applicable laws of the Kingdom of Norway and the European Union General Data Protection Regulation (GDPR) (EU) 2016/679, as well as other relevant data protection regulations in force in 2025. This Privacy Policy ("Policy") explains in detail how we collect, process, store, and protect your personal data when you interact with our website https://www.circleofwellbeing.net and use our services.
This Policy has been created to provide transparency about our data processing activities and how we ensure your privacy rights are protected. By accessing or using our Website, you consent to the practices outlined in this Privacy Policy. If you do not agree with this Policy, you must refrain from using the Website.
1. Controller of Personal Data
Circle of Wellbeing, as the data controller, is responsible for your personal data under the applicable data protection laws. This means we are responsible for determining the purposes and means of processing your personal data.
Controller Name: Circle of Wellbeing
Address: Geitevegen 12, 7606 Levanger, Norway
Email: info@circleofwellbeing.net
Phone: +4705013733
Organization Number: 930 303 186
2. Types of Personal Data We Collect
We collect and process personal data that is necessary to provide our services and support your use of the Website. The types of personal data we collect include:
2.1 Personal Data You Provide to Us
This data is collected directly from you when you engage with us through forms on the Website or other interactions:
Identification Data: Full name, username, or other identifiers.
Contact Data: Email address, postal address, phone number.
Payment Data: Credit card details, payment history, billing information (when making donations, purchasing services, or participating in events).
Subscription and Preferences: Information provided when you subscribe to our newsletter, notifications, or other communications.
Event Registration: Name, email address, participation preferences (e.g., dietary restrictions, special requests for events).
Support and Feedback Data: Information provided in feedback forms, customer support communications, or through surveys.
2.2 Personal Data We Collect Automatically
We may automatically collect certain information when you visit our Website or use our services, including:
Technical Data: IP address, browser type and version, operating system, device type, and settings, geographic location, access times, pages visited, and other diagnostic data related to your use of the Website.
Usage Data: Information about how you interact with the Website, including clicks, navigation paths, time spent on pages, and other interactions.
Cookies and Similar Technologies: We use cookies, web beacons, and similar technologies to track your activity on the Website (for more information, refer to our Cookie Policy).
3. How We Use Your Personal Data
We process your personal data for various legitimate purposes, and the legal bases for our processing are outlined below.
3.1 Performance of a Contract
We process your personal data to fulfill contractual obligations, including but not limited to:
Providing services or products you have requested (e.g., event registration, donation processing).
Sending receipts, confirmations, and other communications related to your use of the Website and services.
3.2 Consent
In some cases, we rely on your consent for processing specific personal data. This includes:
Subscribing to our newsletter or communications.
Participating in voluntary surveys, promotions, or events where you are asked for consent to collect and process your personal data.
You have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
3.3 Legitimate Interests
We process personal data based on our legitimate interests, provided such interests are not overridden by your rights and freedoms. These include:
Improving user experience on the Website and providing relevant content.
Analyzing Website traffic and user behavior to optimize performance and features.
Communicating with you for marketing purposes (e.g., sending newsletters, event invitations, donation requests), unless you have opted out of such communications.
3.4 Legal Obligation
We may process your data to comply with legal obligations, including:
Compliance with accounting, tax reporting, or other regulatory requirements.
Retaining payment and transaction information for auditing purposes.
4. Sharing Your Personal Data
We may share your personal data with third parties, who act as data processors on our behalf. We ensure that these third parties comply with data protection laws and only process personal data according to our instructions.
4.1 Payment Processors
Vipps: We use Vipps, a payment service provider, to facilitate donations and payments on our Website. When you make a payment or donation, Vipps processes your payment information (e.g., credit card details, bank account numbers) to complete the transaction. For more information about how Vipps handles your personal data, please refer to their Privacy Policy here.
Solidus: Solidus is used for processing donations. Solidus collects and processes payment details, such as credit card information or bank account details, to complete your transaction. Solidus’s Privacy Policy can be accessed here.
4.2 Third-Party Analytics
Google Analytics: We use Google Analytics to collect and analyze information about how visitors use the Website, which helps us improve the content and functionality. Google Analytics collects anonymized data, including your IP address, browser type, and page views. Google Analytics uses cookies to track your activity on the Website. You can learn more about Google Analytics and how they use your data in their Privacy Policy here.
4.3 Other Service Providers
We may also share your data with other third-party service providers who support our operations, such as email marketing services, event management platforms, and website hosting services. These service providers will only process personal data according to our instructions and will be contractually obligated to ensure adequate protection of your data.
5. International Data Transfers
In some cases, we may transfer your personal data to countries outside the European Economic Area (EEA) or Norway, such as for services hosted by U.S.-based providers like Google Analytics or Solidus. In such cases, we will take appropriate steps to ensure that your personal data is protected in compliance with applicable data protection laws. These steps may include the use of standard contractual clauses or ensuring that the recipient country has an adequate level of data protection recognized by the European Commission.
6. Your Data Protection Rights
Under the GDPR, you have several important rights regarding your personal data:
Right to Access: You can request a copy of the personal data we hold about you and further details regarding its processing.
Right to Rectification: You have the right to request correction or updating of inaccurate or incomplete data.
Right to Erasure (Right to be Forgotten): You can request that we delete your personal data, subject to certain exceptions.
Right to Restrict Processing: You may request that we restrict processing of your personal data in certain circumstances.
Right to Object: You can object to the processing of your personal data on grounds related to your particular situation, unless we have compelling legitimate grounds to process your data.
Right to Data Portability: You may request that we transfer your personal data to another data controller in a structured, commonly used, and machine-readable format.
Right to Withdraw Consent: Where we rely on consent as the legal basis for processing, you have the right to withdraw that consent at any time.
To exercise these rights, please contact us using the contact details below. If you are not satisfied with the way we handle your data, you have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet).
7. Data Retention
We retain personal data for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Specific retention periods are determined based on the type of data, the purpose for which it was collected, and legal obligations.
Transaction Data: For accounting and tax purposes, we retain transaction-related data for a minimum of five years.
Marketing Data: If you are subscribed to our marketing communications, we will retain your data until you unsubscribe or request its deletion.
After the retention period, we will either delete or anonymize your data.
8. Security of Your Personal Data
We take appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include secure servers, encryption of sensitive data, and access controls. However, no method of transmission over the internet or electronic storage is 100% secure, and while we strive to protect your data, we cannot guarantee its absolute security.
9. Cookies and Similar Technologies
We use cookies and similar tracking technologies to enhance your experience on the Website, analyze usage, and improve our services. Cookies allow us to remember preferences, understand how visitors engage with the Website, and deliver personalized content. For further details, please consult our Cookie Policy.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time, in accordance with changes in laws, regulations, or our business practices. We will notify you of any significant changes by posting the updated Privacy Policy on our Website, along with the date of the update. We encourage you to periodically review this Policy to stay informed about how we are protecting your personal data.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at:
Controller Name: Circle of Wellbeing
Address: Geitevegen 12, 7606 Levanger, Norway
Email: info@circleofwellbeing.net
Phone: +4705013733
Organization Number: 930 303 186