Utspring Privacy Policy

Last Updated: 28. Jan 2026

1. Responsible Data Controller The entity responsible for processing personal data (Data Controller) is: Name: Utspring Org.nr: 935697476 Address: Storsjøvegen 2592, 2133 Gardvik Email: hello@utspring.life

2. What Information We Collect To manage your membership and ensure safety at our events, we can collect the following:

  • Personal Info: Name, email address, and phone number.
  • Payment Data: Transaction history and payment method details (processed securely via Stripe; we do not store full credit card numbers).
  • Membership Status: Which membership tier you have chosen and your agreement to our principles.

3. Why We Collect It (Purpose) We process data based on the General Data Protection Regulation (GDPR):

  • Contractual Necessity (Art. 6.1.b): To process your payment, confirm your membership, and deliver event details.
  • Legal Obligation (Art. 6.1.c): To comply with the Norwegian Bookkeeping Act (Bokføringsloven) regarding transaction history.
  • Legitimate Interest (Art. 6.1.f): To communicate important safety updates regarding events.

4. Sensitive Data We do not collect sensitive health data (e.g., medical history, severe allergies) through our automated checkout systems. Any health-related needs must be communicated directly to organizers via secure channels or in person.

5. How We Store and Share Data

  • Stripe: We use Stripe.com as our payment processor. Your data is transferred to Stripe specifically to process payments and prevent fraud. Stripe operates under strict security standards (PCI-DSS).
  • Third Parties: We do not sell your data. We may share member lists with core organizers strictly for event logistics (e.g., gate lists).
  • International Transfers: Data processed by Stripe may be stored on servers in the US, protected by the EU-US Data Privacy Framework.

6. Data Retention

  • Membership Data: Stored as long as you are an active member.
  • Transaction Data: Stored for 5 years as required by Norwegian Accounting Law.

7. Your Rights Under GDPR, you have the right to:

  • Request a copy of the data we hold on you.
  • Request correction of wrong data.
  • Request deletion of data (Right to be Forgotten), unless we are legally required to keep it (e.g., for accounting).

To exercise these rights, contact us at: hello@utspring.life