Privacy policy.
Who we are
This website is operated by Fenori IO AS, org. nr. 936 335 241, Norway. Email: legal@fenori.io.
Fenori IO AS is the data controller for personal data processed through this website. This policy applies only to your use of fenori.io. It does not apply to Fenori’s services, which are governed by separate agreements with our clients.
What data we process, why, and on what legal basis
Server logs and technical data. When you visit the website, our hosting provider automatically processes technical data necessary to deliver the site to your browser. This includes your IP address, browser type and version, operating system, referrer URL, pages visited, and the date and time of your visit.
– Purpose: delivering the website, ensuring stability and security, and detecting and preventing abuse.
– Legal basis: legitimate interest (GDPR Art. 6(1)(f)) in operating a secure and functional website.
– Retention: server logs are retained by our hosting provider for a short period consistent with security and operational needs, after which they are deleted or anonymised.
Contact by email. If you contact us by email, we process the personal data you provide, typically your name, email address, and the content of your message.
– Purpose: responding to your enquiry and any follow-up correspondence.
– Legal basis: legitimate interest (GDPR Art. 6(1)(f)) in handling correspondence, or steps taken at your request prior to entering into a contract (GDPR Art. 6(1)(b)) where your enquiry relates to a potential engagement.
– Retention: we keep correspondence for as long as necessary to handle your enquiry and any resulting relationship, and thereafter only where we have a legal obligation or legitimate interest in retaining it.
Newsletter. If you subscribe to the Fenori Intelligence newsletter, we process your email address to send you the newsletter.
– Purpose: sending you the newsletter you subscribed to.
– Legal basis: your consent (GDPR Art. 6(1)(a)).
– Retention: until you unsubscribe. You can withdraw consent at any time using the unsubscribe link in any newsletter or by emailing legal@fenori.io. Withdrawal does not affect the lawfulness of processing before withdrawal.
Data processors and recipients
We use the following processors to operate the website:
– Vercel Inc. (340 S Lemon Ave #4133, Walnut, CA 91789, USA) provides hosting and content delivery for the website. Vercel processes the technical data described in section 2 on our behalf.
– Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) provides our email infrastructure (Google Workspace). If you contact us by email, your correspondence is processed on Google’s servers.
We have data processing agreements in place with these providers. We do not sell personal data and we do not share it with third parties for their own marketing purposes.
International transfers
Vercel and Google are established in the United States. Transfers of personal data to these providers are safeguarded by their certification under the EU-U.S. Data Privacy Framework and, where applicable, the European Commission’s Standard Contractual Clauses. You can request further information about these safeguards by contacting us.
Cookies
This website does not use cookies for tracking, advertising, or analytics. Only strictly necessary technical mechanisms required to deliver the website are used. If this changes, this policy will be updated and, where required, your consent will be requested before non-essential cookies are set.
Your rights
Under the GDPR you have the right to:
– access the personal data we hold about you (Art. 15)
– rectification of inaccurate data (Art. 16)
– erasure (Art. 17)
– restriction of processing (Art. 18)
– data portability (Art. 20)
– object to processing based on legitimate interest (Art. 21)
– withdraw consent at any time where processing is based on consent (Art. 7(3))
To exercise any of these rights, contact us at legal@fenori.io. We will respond within one month.
You also have the right to lodge a complaint with a supervisory authority. In Norway, this is Datatilsynet (the Norwegian Data Protection Authority), www.datatilsynet.no.
Automated decision-making
We do not use personal data collected through this website for automated decision-making or profiling within the meaning of GDPR Art. 22.
Data security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction, including transport encryption (TLS) and access controls.
Changes to this policy
We may update this policy from time to time, for example if the website’s functionality or our providers change. The current version is always available on this page with its effective date.