privacy

How Vassbrekke AS handles personal data on vassbrekke.no · Last updated: July 4, 2026

Vassbrekke AS ("Vassbrekke", "we", "us", or "our") operates the website at vassbrekke.no. This policy explains what personal data we collect, why we process it, your rights, and how to contact us. It applies to visitors of this website. Mobile apps published under VassDev have separate privacy policies.

# man 5 privacy.controller

$ cat /etc/vassbrekke/legal.conf

Data controller: Vassbrekke AS
Location: Haugesund, Norway
Email: contact@vassbrekke.no
Privacy inquiries: privacy@vassbrekke.no

We have not appointed a Data Protection Officer (DPO). For privacy questions or to exercise your rights, contact us at the addresses above. We respond within the timeframes required by applicable law (typically 30 days under GDPR).

# man 5 privacy.collection

$ grep COLLECT /var/log/access.log

Depending on how you use the site, we may process:

  • Contact form data — name, email, company, message, and interest category when you submit our contact form.
  • Technical data — IP address, browser type, device information, referring URL, and pages viewed, collected automatically by our web server and hosting provider for security and operations.
  • Cookie and consent data — your cookie preferences stored locally in your browser (see Cookies below).
  • Communications — content of emails you send us and our replies.

We do not knowingly collect personal data from children under 16 without parental consent. We do not sell personal information as defined under US state privacy laws.

# man 5 privacy.lawful_basis

$ cat /etc/gdpr/lawful-basis.map

We process personal data on the following legal bases:

  • Consent — optional analytics cookies (only if you opt in via our cookie banner).
  • Contract / pre-contractual steps — responding to your contact or investment inquiries.
  • Legitimate interests — securing and operating the website, preventing abuse, and understanding aggregate traffic (where not overridden by your rights).
  • Legal obligation — where required by Norwegian or EU law.

Business purposes (CCPA/CPRA): providing and maintaining the website, communicating with you, security and fraud prevention, compliance with law, and internal analytics if you consent.

# man 5 privacy.sharing

$ ls /etc/third-party/

We do not sell or share personal information for cross-context behavioral advertising. We may share data with:

  • Hosting and infrastructure providers — to deliver the website (data may be processed in the EU/EEA or countries with adequacy decisions).
  • Email providers — to deliver messages you send via our contact form or email.
  • Authorities — when required by law or to protect our legal rights.

We do not use third-party advertising or social-media trackers on this site. If that changes, we will update this policy and request consent before loading non-essential scripts.

# man 5 privacy.transfers

$ traceroute privacy.global

Vassbrekke is based in Norway (EEA). Personal data is primarily processed within the EEA. If we transfer data outside the EEA — for example to a subprocessors in the United States — we rely on appropriate safeguards such as EU Standard Contractual Clauses (SCCs) or adequacy decisions, and we assess transfer risks as required by GDPR Chapter V.

# man 5 privacy.retention

$ find /var/data -mtime +365

  • Contact inquiries: up to 24 months after the last communication, unless a longer period is required for legal claims.
  • Server logs: typically 30–90 days, depending on hosting configuration.
  • Cookie consent records: stored in your browser until you clear site data or we change our consent version.

We delete or anonymize data when it is no longer needed for the purposes above.

# man 5 privacy.cookies

$ cat /etc/cookies/categories.conf

Cookies are small text files stored on your device. We use the following categories:

  • Strictly necessary — required for basic site operation and to remember your cookie consent choice. Always active.
  • Analytics — optional; help us understand site usage. Not loaded unless you accept them in our cookie banner.
  • Marketing — not used on this site.

You can change your preferences at any time by clearing site data and revisiting the site, or by using your browser settings. Essential cookies cannot be disabled without affecting site functionality.

# man 5 privacy.rights

$ man gdpr-rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — obtain a copy of data we hold about you.
  • Rectification — correct inaccurate data.
  • Erasure — request deletion where applicable.
  • Restriction — limit how we use your data.
  • Portability — receive data in a structured, machine-readable format (GDPR).
  • Objection — object to processing based on legitimate interests or direct marketing.
  • Withdraw consent — at any time, without affecting prior lawful processing.
  • Opt out of sale/sharing — see Do Not Sell or Share below (US residents).
  • Non-discrimination — we will not discriminate against you for exercising privacy rights.
  • Lodge a complaint — with your local supervisory authority (see below).

To exercise any right, email privacy@vassbrekke.no. We may need to verify your identity before responding.

Do Not Sell or Share My Personal Information

Under the California Consumer Privacy Act (CCPA), as amended by CPRA, and similar US state laws (Virginia VCDPA, Colorado CPA, Connecticut CTDPA, and others), California and certain US residents have the right to opt out of the "sale" or "sharing" of personal information for cross-context behavioral advertising.

Vassbrekke does not sell personal information and does not share it for cross-context behavioral advertising. No action is required to opt out. If our practices change, we will provide a clear opt-out mechanism on this page and honor Global Privacy Control (GPC) signals where legally required.

To submit a privacy request (access, deletion, correction), email privacy@vassbrekke.nowith the subject line "Privacy Request" and your state of residence.

# man 5 privacy.regional

$ grep -R NOTICE /etc/privacy/

European Economic Area & UK (GDPR / UK GDPR)

If you are in the EEA or UK, GDPR/UK GDPR applies. Our lawful bases, retention periods, and transfer safeguards are described above. You may contact the Norwegian Data Protection Authority (Datatilsynet) at datatilsynet.no or the UK ICO at ico.org.uk.

Brazil (LGPD)

Brazilian residents may confirm processing, access, correct, anonymize, or delete data, and withdraw consent. Contact privacy@vassbrekke.no. You may also contact ANPD (Autoridade Nacional de Proteção de Dados).

Canada (PIPEDA)

Canadian residents may access personal information we hold and challenge its accuracy. Contact us at privacy@vassbrekke.no. You may file a complaint with the Office of the Privacy Commissioner of Canada.

South Africa (POPIA)

South African residents may request access to or correction of personal information, and object to processing. Contact privacy@vassbrekke.no.

Japan (APPI)

Japanese residents may request disclosure, correction, or suspension of use of personal information. Contact privacy@vassbrekke.no.

Singapore (PDPA)

Singapore residents may access and correct personal data, and withdraw consent. Contact privacy@vassbrekke.no.

South Korea (PIPA)

Korean residents may access, rectify, or delete personal information and suspend processing. Contact privacy@vassbrekke.no.

Australia (Privacy Act)

Australian residents may access and correct personal information. Contact privacy@vassbrekke.no. You may complain to the Office of the Australian Information Commissioner (OAIC).

Switzerland (FADP)

Swiss residents have rights of access, rectification, and deletion under the revised FADP. Contact privacy@vassbrekke.no.

European Union (ePrivacy)

We obtain valid consent before storing or accessing non-essential cookies on your device, in line with the ePrivacy Directive as implemented in EU member states. Essential cookies are used without consent where permitted by law.

# man 5 privacy.changes

$ git log --oneline privacy.md

We may update this policy from time to time. The "Last updated" date at the top will change when we do. Material changes will be highlighted on the site where appropriate.

# man 5 privacy.apps

$ ls /opt/vassdev/*/PRIVACY

VassDev mobile and desktop apps have product-specific privacy policies. See the VassDev page for links — for example, DeepCleaner privacy policy.