Widget Image
Cum sociis natoque penatibus et magnis part masa urient montes, nascetur ridiculus mus.
[contact-form-7 404 "Not Found"]


Privacy Policy

Privacy Policy

Before buying, and using, Whitestory AS’ products and services, you consent that we can treat personal information about you, and confirm that you have read, understood and content.

The declaration describes what kind of personal information we collect through our websites, and when using our products and services, and how the information and data is treated.

When you visit our websites data concerning the following is collected: web browser, Internet service provider (ISP), referral and exit sites, operating systems, data, time of day, clickstream and other user services as part of our service analysis. These data are not linked to other personal data we collect, and are anonymous.

We use cookies on our website for marketing purposes, to gather reliable traffic data, and to increase the functionality on our web pages. For information on cookies, and how these are used, please visit our Cookie Policy (link til Cookie på nettsiden).

This declaration includes detailed information concerning our service providers, so that we are transparent.


Responsible company:

Whitestory AS

Eckersbergs gate 4

0266 Oslo


E-mail: hilde@whitestory.no


Data Protection Officer:

Hilde Hagen

System administrator

E-mail: hilde@whitestory.no


If you have any objections with regards to privacy or the use of data that has not been treated in a proper matter, you can also form a complaint and send it to The Norwegian Data Protecion Authority.

Whitestory AS is responsible for the treatment of personal information in connection to visits to our website, or when ordering products and services from our company, and with contact to our Customer Service.

The following personal data is collected in order to identify and register (1) the customer relationship, (2) contact person(s) in the customer relationship, (3) user accounts in our systems.

  1. First name, surname, postal address, telephone number, e-mail address
  2. First name, surname, telephone number, e-mail address
  3. First name, surname, telephone number, e-mail address

And in order to deliver the service in accordance with our agreement, and to perform customer service at request. Due to security reasons the IP-address that is used when ordering, administrating, and using our services is saved. It is not voluntary to give out personal information unless something else can be seen from this declaration, or from the user interface of the services.

Personal information is saved on services owned and operated by Whitestory AS, and is localised in Norway and/or EU, unless other information is specified.

Whitestory AS is obliged to delete or correct personal information that is not correct. Personal information that is not correct or inconclusive will be updated by using third party information from, but not limited to, 1881.no, the Norwegian Post, Bring, Experian, The Brønnøysund Register Centre and other public sources to information.


Stripe, Bookly, iZettle, Facebook Ireland and Facebook Inc, GlobalSign, Google Analytics, Google Adwords



When paying with a debit- or credit card, the information on you card is saved at Stripe, which is PCI DSS-certified. Credit card information will only be accessible for Whitestory AS, in “anonymized” form. No parts of the card number is saved in our systems, only a reference to the transaction in Stripe.


Bookly operates the platform that is used to book appointments for trying our products. All information is registered and saved in e-mail correspondence with hilde@whitestory.no is saved on servers owned and operated by PageLook.no (FaceLook AS).

When using a chat services, information concerning IP address and web browser version is saved. Other personal information is given to us on a voluntary basis, and you can use the service anonymous.

Facebook Ireland and Facebook Inc.

Facebook measures and the reach and results of our marketing campaings on Facebook.


GlobalSign provides SSL-certificates that we use for encryption of communication in our systems. Information collected in connections with registration of a SSL-certificate is saved on servers owned and operated by GlobalSign.

Google Analytics

Whitestory AS collect website data by using Google analytics. Google Analytics use Cookies and receive general website statistics such as web browser, time, language, referral website. Received information is in accordance with Google’s policy for privacy.



Google Adwords

Whitestory AS use for Adwords for marketing on Google.

Received information is in accordance with Google’s policy for privacy.


Registrar services (International)

Personal Information which is collected in connection to registering domain name will be saved at Registrar for the relevant top level, and published at WHOIS in line with our Service agreement, and current regulations for the relevant top level, which you accepted when registering.


Suppliers outside the EU, that do not offer saving of data inside the EU, and in compliance with the EU-U.S. Privacy Shield framework agreement and the U.S. Swiss Safe Harbor framework agreement established by the US Deparment of Commerce, and commit to treating to all personal information from EU member countries with the trust the framework agreements implies, in accordance with the agreements current principles.

No personal Information is handed to third party suppliers without explicit consent from you. However, a supplier can pass on data to a third party functioning as an agent on their behalf. If so, the transfer will not happen without complying with the principles of the Privacy Shield for all trailing transfers of personal information from the EU, including the provisions concerning responsibility for further transfers.

Stripe Privacy Shield-certification:



Alternatively, you can contact us, and let us lead the case for you.

You can also, under certain conditions, further described Privacy Shield’s website, submit binding arbitration when other procedures for dispute Resolution is exhausted.


Personal information is collected so that Whitestory AS can perform those tasks and services that we are imposed to execute in accordance to law, regulations and/or agreements. The treatment of personal information is at any time in accordance with current law and regulations.

If there is a, by law, need for disclosure to public authorities, registered personal information will be sent to the authorities according to their claims.

Please note that the treatment of personal information with regards to specific services and products can be regulated by separate agreements which are made available through our Service Agreement. This includes, but is not limited to, domain name and information registered in WHOIS.

Access and correction

At any time, you have the right to access the information that is registered. You can at any time see and edit your personal information through our Control Panel.

You can also contact Customer service, which will answer your request within 1 working day.

Storing and deleting

Information that is no longer needed for the purpose they are saved for, will be deleted consecutively.

Whitestory AS saves personal information concerning customers, at all times compliant with the current law. When you delete, or terminate, services, some of your personal information, primarily contact information, order- and invoice logs,  and copies of correspondence, will remain in our registers to the extent that is needed to protect legal rights, or legislative demands to documentation.

Data portability

You have the right to data portability. This means that you can collect your personal information in a machine-readable format.


We combine a combination of physical, electronical and procedurally security to protect personal information.

Information on your account is password protected. Furthermore, your password is protected is saved with a one-way hash-algorithm with a variable work factor.

All data transfers that occur over the Internet is password protected. All transactions are treated by a SSL/TLS-connection, with a minimum 256-bies encryption. However, there is no guarantee that someone might get access to this kind of information, or that they can be compromised, changed if there is a breach in a fire wall or in a secure server software.

Since no data transfers via the Internet is 100% secure, we cannot guarantee or promise the security of the information you send us.

If Whitestory AS is known to that there has been a breach in our security systems, we will inform you in writing per SMS or via e-mail, so that you can make needed protective measures. By using our services or by giving us personal information, you consent to that Whitestory AS can contact you electronically with regards to issues regarding security, personal data or administrative problems, related to your uses of our services.

Whitestory AS is also obliged to warn the The Norwegian Data Protection Authority within 72 hours that we are aware of any breach in our security.

You have the responsibility to implement needed security measures when using our services. That includes, but is not limited to, using a secure password, encrypting you password, secure storage of encryption keys, installation of security updates in third parties software and components.

Whitestory AS is not responsible for the information you choose to save via our services, and we cannot guarantee for the consequences as a result of breaches in security.


None of Whitestory AS’ services demands that sensitive and confidential personal information is given to us. Registering this information in Whitestory AS’ interfaces is not allowed, and shall not be given to Whitestory AS under any circumstances.

In any case you are required to send a copy of your ID, you shall blackline your social security number.


In some cases, our services include third party functions, services, apps and links, from other suppliers and websites where Privacy Policy may deviate from ours. These third party functions may collect your IP address, what website you visit, and they may save cookies so that third party functions are functioning properly.

Third party functions may also collect sensitive information, for instance financial information (credit card) to dispatch purchases of products and services.

If you send personal information to any of these websites, this information is subject to their guidelines for Privacy Policy. We encourage you to thoroughly read through the guidelines for privacy policy for all websites you visit before giving out personal information.


The customer accepts that Whitestory AS reserves the right to make changes in the Privacy Policy consecutively.

Whitestory AS is obliged to notify the Customer of any significant changes. Significant changes includes any matter that restricts the Customer’s rights, or that changes the parties commitments or rights. Changes in significant shall be notified by e-mail to the address given as contact information in the customer relationship.