Facebook Linkedin

Privacy Policy

Last updated: 3 May 2026  |  Nordic Gulf Advisory  |  Stavanger, Norway

This Privacy Policy explains how Nordic Gulf Advisory collects, uses, and protects your personal data when you visit our website or use our services. We are committed to handling your data responsibly and in full compliance with the EU General Data Protection Regulation (GDPR) and Norwegian Personopplysningsloven.

1. Who We Are

The data controller responsible for your personal data is:

  • Company name: [COMPANY LEGAL NAME — e.g. Nordic Gulf Advisory AS]
  • Organisation number (org.nr): [ORG.NR — 9-digit number from Brønnøysundregistrene]
  • Registered address: [REGISTERED ADDRESS], Stavanger, Norway
  • Contact email: [PRIVACY EMAIL — e.g. [email protected]]
  • Website: nordicgulfadvisory.com

2. What Data We Collect

We collect personal data in the following ways:

  • Contact forms — Name, email address, phone number, country, area of interest, and any message you voluntarily submit.
  • Booking tool (Calendly) — Name, email address, and any details you provide when scheduling a call.
  • Google Analytics 4 — Anonymised IP address, pages visited, time on site, browser type, and general geographic location. This data is only collected after you consent to analytics cookies via our cookie banner.
  • Email correspondence — Any information contained in emails you send us.
  • WhatsApp messages — If you contact us via WhatsApp, we receive your phone number and the content of your message.

We do not collect sensitive personal data (e.g. racial origin, health data, financial account numbers).

3. Why We Collect It & Legal Basis

We process your personal data for the following purposes:

  • To respond to your enquiry — Legal basis: legitimate interests (Art. 6(1)(f) GDPR).
  • To schedule and conduct advisory calls — Legal basis: performance of a contract or pre-contractual steps (Art. 6(1)(b) GDPR).
  • To send follow-up information you have requested — Legal basis: consent (Art. 6(1)(a) GDPR). You can withdraw consent at any time.
  • To analyse website traffic and improve our service — Legal basis: consent (Art. 6(1)(a) GDPR). Analytics cookies are only activated after you click «Accept» in our cookie banner.

4. How Long We Keep Your Data

  • Contact form submissions: Retained for [INSERT: 6 / 12 / 24] months from the date of receipt, then permanently deleted.
  • Email correspondence: Retained for up to 3 years for legitimate business record purposes.
  • Google Analytics data: Retained per the GA4 data retention setting (default: 14 months). You can adjust this in your GA4 property settings.
  • Booking records (Calendly): Retained for 12 months after the call date.

When the retention period expires, data is securely deleted or anonymised.

5. Who We Share Your Data With

We do not sell your personal data. We may share data with the following trusted third-party processors:

  • Google LLC (Google Analytics 4) — Website analytics. Google is certified under the EU-US Data Privacy Framework. Google Privacy Policy. [INSERT: confirm DPA is signed at analytics.google.com/terms/dpa/dataprocessingamendment_20160909.html]
  • Calendly LLC — Appointment scheduling. Calendly Privacy Policy. [INSERT: other tools e.g. Mailchimp, HubSpot — add here]

We may be legally required to disclose personal data to Norwegian authorities (e.g. Datatilsynet, police) if required by applicable law.

6. Your Rights Under GDPR

As a data subject, you have the following rights. You can exercise any of them by contacting us at [PRIVACY EMAIL].

  • Right of access (Art. 15) — You can request a copy of all personal data we hold about you.
  • Right to rectification (Art. 16) — You can ask us to correct inaccurate or incomplete data.
  • Right to erasure (Art. 17) — You can request deletion of your personal data («right to be forgotten»). We will comply unless we have a legal obligation to retain it.
  • Right to restriction (Art. 18) — You can ask us to limit processing of your data in certain circumstances.
  • Right to data portability (Art. 20) — You can request your data in a structured, machine-readable format.
  • Right to object (Art. 21) — You can object to processing based on our legitimate interests. We will stop unless we have compelling legitimate grounds.
  • Right to withdraw consent — Where processing is based on consent, you can withdraw at any time by contacting us or updating your cookie preferences.

We will respond to all requests within 30 days.

7. Cookies

We use cookies on this website. Our cookie banner gives you the choice to accept or reject non-essential cookies.

  • Necessary cookies — Required for the website to function. Always active.
  • Analytics cookies (Google Analytics 4) — Used to understand how visitors use our site. Only activated with your consent.

You can change your cookie preferences at any time by clicking the «Cookie settings» link in the footer, or by clearing your browser cookies and revisiting the site.

8. Contact & Complaints

For any questions about this Privacy Policy, or to exercise your rights, please contact us:

Nordic Gulf Advisory
Email: [PRIVACY EMAIL]
Address: [REGISTERED ADDRESS], Stavanger, Norway

If you believe we have mishandled your personal data, you have the right to lodge a complaint with Datatilsynet (the Norwegian Data Protection Authority):

  • Website: www.datatilsynet.no
  • Telephone: +47 74 07 70 00
  • Address: Datatilsynet, Postboks 458 Sentrum, 0105 Oslo, Norway

We encourage you to contact us first so we can resolve any concern directly.

We may update this Privacy Policy from time to time. The date at the top of this page will always reflect the latest version. Continued use of our website after changes are posted constitutes acceptance of the updated policy.

Whatsapp