Norexeco Logo

Privacy Policy

Last updated: Friday 15, December, 2023

Customize your data

Click here to customize your data

Data Controller

This Privacy Policy (the “Privacy Policy“) describes the processing of your personal data by NOREXECO ASA (“NOREXECO“).

By using our website and / or contacting us to use our services or for other inquiries, NOREXECO will process personal data about you. Below you will find information about what personal data we collect, the purposes for which we process your personal data and information regarding your rights related to the processing of personal data.

The data controller is NOREXECO by Mr. Stein Ole Larsen, the CEO. The contact information to him is:

Address: Brugata 10, 2212 Kongsvinger, NORWAY

E-mail address:

Telephone number: +47 6281 3000

Organization number: 998 548 217 (VAT)

If you have any questions about our processing of your personal data, please contact us at .

Personal data we process and Why we process personal data

We collect and process your personal data for different purposes, depending on who you are and how we come into contact with you. We collect the following personal information for the purposes stated here:

In order to fulfill the documentation requirements of becoming a Trade Member of NOREXECO, enter into other agreements with NOREXECO, fulfill an agreement we have with you and/or answer your inquiries to us, we will process your name, e-mail address, address and other contact information, and if required by law store a copy of personal identification and payment information.In order to send out marketing, newsletters and provide information about our business, we will process your e-mail address and name. The processing is based on your consent.

Disclosure of personal information to others

We will not share your personal data with others unless there is a legal basis for such disclosure. Such legal basis will typically be an agreement with you or that the law requires us to provide such information.

NOREXECO uses data processors to collect, store or otherwise process personal data on their behalf. In such cases, we have entered into an agreement with the data processor to ensure data security at all stages of the processing. We use the following categories of data processors today:

Suppliers operating IT systemsSuppliers assisting in salary administrationSuppliers assisting the operation of different core systemsSuppliers assisting with security measures, for example access controlPostHog product analytics tool to collect data about how you use

All processing of personal data is taking place within the EU / EEA area or in a third country provided the supplier is confirmed GDPR compliant.


We do not store your personal data any longer than necessary to fulfill the purpose of the processing, and otherwise as long as we are required by law. For example, we store certain payment information for 5 years, according to the Norwegian Bookkeeping Act Section 13.

This means, for example, that personal data that we process on the basis of your consent will be deleted when you withdraw your consent. Personal data we process to fulfill an agreement with you will be deleted when the agreement is fulfilled and all obligations arising from the agreement are fulfilled. We will nevertheless store data as long as we are required by law, and also if a special need arises, for example to establish, exercise or defend complaints or legal claims directed against us or by us.

Your rights when we process your personal data

Privacy laws and regulations give you a variety of rights related to the processing of your personal data.

While this Privacy Policy provides a lot of information about our processing of your personal data, you may ask for more in-depth information on how we process your data. Furthermore, you have the right to access the personal data we process about you. If your personal data is incorrect, you have the right to have them rectified. If we do not have the legal basis to process personal data, the data should be erased, and you may require this to be done if we have not deleted it on our own initiative. You may request that we restrict the use of your personal data. You are entitled to so-called data portability and may request that your personal data be transferred to you or to another business in a structured, commonly used and machine-readable format. You may oppose our processing of your data. You may also object to be subject to completely automated individual judicial decision-making. If you believe that we process your personal data without a legal basis, you may also complain to the Norwegian data authority (“Datatilsynet”), but we ask you to contact us first in order for us to address your objections and resolve any misunderstandings.

Privacy legislation has extensive provisions on the above and there may be exemptions from certain rights. If you wish to exercise your rights, please contact us using the contact information at the top of the document, and we will answer your inquiry as soon as possible and usually within 30 days.


If there is a change in our organization or in our services, or if there are changes to privacy laws or regulations, this Privacy Policy may change. If we have your contact information, we will notify you of these changes. Otherwise, updated information will always be available on our website.