Privacy Policy

This Privacy Policy explains how Bremnes Data & Consulting processes personal data when you visit our website, contact us, request services, or use services delivered by us.

Last updated: 24 April 2026

1. Who We Are

Bremnes Data & Consulting, also known as BREDC, is a web design, Joomla, hosting, automation, and consulting business based in Norway.

Business name: Bremnes Data & Consulting
Address: Nesevågen 13, 5970 Byrknesøy, Norway
Email:
Phone: +47 405 43 981

Bremnes Data & Consulting is the data controller for personal data we process for our own business purposes, such as customer communication, website enquiries, project administration, invoicing, and service delivery.

2. Personal Data We May Collect

We only collect personal data that is relevant and necessary for the purpose for which it is collected. Depending on how you interact with us, we may process the following types of personal data:

  • Name and company name
  • Email address
  • Phone number
  • Postal or business address
  • Information submitted through contact forms, support forms, proposal forms, or email
  • Project-related information needed to deliver our services
  • Billing and accounting information
  • Technical information such as IP address, browser type, device information, and website usage data
  • Login or account information if you use a customer portal, support system, or similar service provided by us

3. How We Collect Personal Data

We may collect personal data when you:

  • Visit our website
  • Submit a contact form or request form
  • Request a proposal or quote
  • Become a customer or supplier
  • Communicate with us by email, phone, or other channels
  • Use a support system, client portal, hosting service, or other service connected to BREDC
  • Enter into an agreement with us

4. Why We Process Personal Data

We process personal data for the following purposes:

  • To respond to enquiries and customer requests
  • To prepare and send proposals, quotes, and agreements
  • To deliver web design, Joomla, hosting, automation, consulting, and related services
  • To provide customer support and technical assistance
  • To manage customer relationships and project communication
  • To issue invoices and maintain accounting records
  • To operate, maintain, secure, and improve our websites and services
  • To prevent misuse, fraud, spam, and security incidents
  • To comply with legal obligations under Norwegian law

5. Legal Basis for Processing

We process personal data only when we have a valid legal basis. The relevant legal bases may include:

  • Contract: When processing is necessary to provide a service, prepare a proposal, manage a customer relationship, or fulfil an agreement with you.
  • Legal obligation: When processing is required for accounting, tax, documentation, or other legal requirements.
  • Legitimate interest: When processing is necessary for normal business operations, website security, customer follow-up, service improvement, or protection against misuse.
  • Consent: When we rely on your consent, for example for certain types of cookies, newsletters, or optional marketing communication.

6. Cookies and Website Analytics

Our website may use cookies and similar technologies to make the website function correctly, improve user experience, analyse website traffic, and protect the website against misuse.

Some cookies may be necessary for technical functionality, while others may be used only with your consent. If analytics, marketing, or tracking tools are used, they should be described in a separate cookie notice or cookie settings panel where you can manage your preferences.

7. Customer Data and Project Work

When we provide services such as Joomla website development, hosting, maintenance, migrations, automation, integrations, or technical consulting, we may process customer data that is necessary to perform the agreed work.

This may include access to websites, hosting accounts, databases, CMS administrator accounts, email systems, third-party services, files, or technical logs. Such access is used only for the purpose of providing the agreed service.

Where we process personal data on behalf of a customer, the customer may be the data controller and Bremnes Data & Consulting may act as a data processor. In such cases, processing should be governed by a suitable data processing agreement where required.

8. Sharing of Personal Data

We do not sell personal data. We may share personal data only when necessary for legitimate business, technical, contractual, or legal purposes.

Personal data may be shared with:

  • Hosting providers and server infrastructure providers
  • Email and communication service providers
  • Accounting and invoicing systems
  • Payment processors
  • Domain registrars and DNS providers
  • Security, backup, monitoring, and maintenance providers
  • Automation, integration, and productivity tools used to deliver our services
  • Public authorities when required by law

Service providers that process personal data on our behalf must process the data only according to our instructions and must protect the data using appropriate technical and organisational measures.

9. International Transfers

Some service providers may process or store personal data outside Norway or the European Economic Area. Where personal data is transferred outside the EEA, we aim to ensure that appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other lawful transfer mechanisms.

10. Data Retention

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Typical retention periods may include:

  • Contact enquiries: kept as long as necessary to respond and follow up
  • Customer and project records: kept for the duration of the customer relationship and a reasonable period afterwards
  • Accounting records: kept according to Norwegian accounting and tax requirements
  • Support tickets and technical logs: kept as long as necessary for support, security, documentation, and service improvement
  • Consent records: kept as long as needed to document consent and preferences

11. Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, disclosure, or destruction.

Security measures may include access controls, secure passwords, encryption where appropriate, backups, software updates, server security, logging, monitoring, and limitation of access to personal data.

No digital service can be guaranteed to be completely secure, but we work to maintain a responsible and practical level of protection based on the type of data and the services we provide.

12. Your Privacy Rights

Depending on the situation and applicable law, you may have the right to:

  • Request access to personal data we process about you
  • Request correction of inaccurate or incomplete personal data
  • Request deletion of personal data
  • Request restriction of processing
  • Object to processing based on legitimate interests
  • Request data portability where applicable
  • Withdraw consent where processing is based on consent
  • Complain to a supervisory authority

To exercise your rights, contact us at . We may need to verify your identity before processing your request.

13. Complaints

If you believe that we process your personal data in violation of applicable data protection rules, you may contact us first so we can review the matter.

You also have the right to lodge a complaint with the Norwegian Data Protection Authority:

Datatilsynet
Website: www.datatilsynet.no

14. Children

Our services are primarily intended for businesses and adults. We do not knowingly collect personal data from children unless it is necessary for a specific service and a valid legal basis exists.

15. Third-Party Websites

Our website may contain links to third-party websites, services, or platforms. We are not responsible for the privacy practices, content, or security of third-party websites. We recommend that you read the privacy policy of any external website you visit.

16. Changes to This Privacy Policy

We may update this Privacy Policy when necessary, for example if our services, systems, legal requirements, or data processing practices change.

The latest version will be published on our website with an updated revision date.

17. Contact Us

If you have questions about this Privacy Policy or how we process personal data, please contact:

Bremnes Data & Consulting
Nesevågen 13
5970 Byrknesøy
Norway

Email:
Phone: +47 405 43 981