Privacy Policy

This policy describes how personal data is processed under the EU GDPR as incorporated in Norway through the Personal Data Act and supervised by Datatilsynet.

Controller details

Controller name: Detoxnew. Address: Flåm Market, 5743 Flåm, Norway. Contact: +4791923250 and cooperation@detoxnew.world.

Data categories

We process contact form details, communication content, technical security logs, and cookie preference records. We do not request health diagnostics or sensitive category data.

Legal bases

Article 6(1)(a) consent is used for optional cookies. Article 6(1)(f) legitimate interest supports website security and abuse prevention. Article 6(1)(c) legal obligation applies to bookkeeping and compliance records when relevant.

Purpose and proportionality

Data is used for communication, website operations, legal compliance, and quality improvement. Processing is limited to what is necessary for each purpose.

Retention periods

Contact messages are retained up to 12 months. Security and anti-abuse logs are generally retained up to 90 days. Documentation for legal or accounting purposes may be retained for statutory periods under Norwegian law.

Recipients and transfers

Data may be processed by hosting, security, and analytics providers under data processing agreements. If transfers outside the EEA occur, we use lawful safeguards such as adequacy decisions or standard contractual clauses.

Your rights

You may request access, rectification, erasure, restriction, objection, and portability where applicable. You may withdraw consent at any time for optional processing. You can file complaints with Datatilsynet if needed.

Security measures

We apply access control, role limitation, secure configuration, and periodic data minimization review. No system can guarantee absolute security, but controls are maintained and reviewed.

Policy updates

Material changes are published on this page with updated wording. Continued use after publication means you acknowledge the revised text.