Privacy Policy
These policy is updated 2023/07/01
Never Ending Story AS is the responsible controller for your personal data Your personal data is safe with us, and we only use data for purposes that are described in this document.
​
-
ABOUT NEVER ENDING STORY AS, THE SERVICES AND THE REGISTRANTS
Who we are
Never Ending Story AS, Norwegian company registration no. 926 663 941 publishes several products and services. This privacy policy is valid when we process personal data about you. Never Ending Story AS use data about our users across all our products and services for different purposes – hereunder deliver the best possible services to our users and customer.
Never Ending Story AS depends on your trust in how we process your personal data. This privacy policy explains why we gather information about you, how that information is used, and how we consider your privacy.
The Services
The privacy policy explains how Never Ending Story AS and our partners gather and use personal data when you register with and use our websites and other services. Never Ending Story AS delivers websites, mobile applications, newsletters and alerts, print magazines and memberships. Hereinafter together, these are called «the Services».
Individual publications control personal data used for journalistic purposes. Personal data processing for journalistic purposes is exempt from legal obligations such as rights of information, deletion and legal basis for processing.
This privacy policy also explains your privacy-related rights towards Never Ending Story AS and our partners. The Services are owned and run by Never Ending Story AS. Its registered address is Huserveien 70, 1684 Vesterøy, Norway. If you wish to contact the controller with any concerns, you may send an e-mail or contact us via the contact page.
-
WHOSE PERSONAL DATA DO WE PROCESS
Never Ending Story and its subsidiaries has several groups of end users. If you visit or use the Services, you will belong to one of those groups of end users. The General Data Protection Regulations (“GDPR”) defines you as a «registrant» when you are an end user and identifiable individual with personal data processed.
Subscribers and registered users
Never Ending Story AS processes the most personal data on active subscribers. You are considered a passive user if you have cancelled your subscription to one of Never Ending Story AS Services and more than 12 months have passed since you cancelled it. After that, we will keep some data as regulated by law. We will ask for your consent to store and process further for other data and purposes. You can also be a registered user without having a subscription to our services. This will be the case if you receive a  newsletter, have registered for a trial access to the Services, or registered for any other service that does not require payment.
Unregistered users
Unregistered users visit any Services but neither register nor pay to use them; Never Ending Story AS processes very little personal data about this group of users.
Why do we process your personal data?
We process personal data about you for these overall purposes:
1. We process your personal data to be able to provide you with the Services and fulfil any customer agreements we have with you. This includes, for instance, giving you access to the Services, allowing you to administer your user and customer relations, delivering magazines to your address, sending invoices and reminders to your email address, and informing you about important matters related to your customer relationship or the Services.
2. We also use data about you to personalize the Services to your user profile, for example, by customizing some of the content shown to you.
3. Data about you is also used to prevent misuse of the Services. Misuse may be attempted by logging onto other people’s accounts, trying to swindle people, “spamming”, hate messages, harassment, and other acts forbidden according to relevant legislation and our terms and conditions.
4. We use data about you and your use of the Services to ensure an optimal user experience and learn more about how we can and should develop the Services further. We do this by analyzing data about how our users consume the Services, testing the Services during product development and personalizing content recommendations.
5. We use data about you and your use of the Services for direct communication and marketing purposes through channels like our digital platforms, email, text messaging, letters, and telephone calls, or on other services like mobile push and social media platforms,  unless you have opted out from such communication or in other ways have withdrawn your consent. We use behavioral data to offer products and services within our portfolio that we think will be useful for you. Some types of communication is not possible to opt-out from – e.g. dialogues related to payment for services.
6. Our Services is mainly financed by advertising revenue and depends on providing, personalizing, and measuring the effect of adverts and other marketing in the Services. This is done by Never Ending Story and its subsidiaries and in collaboration with third parties, for example Google Ireland Ltd.
The data is also used by us and our advertisers, restricted to the Services for profile and segment-based marketing, further developing targeted advertising products, programmatic advertising, automatic marketing, and so-called «retargeting».
By «Programmatic advertising», we mean automated trading of digital advertising via an exchange where we make our ad impression inventory available, and the advertisers can place bids on the impressions based on their criteria. Ads are served in real-time.
By «Retargeting» we mean repeated and targeted advertising towards an end-user within the context of the Services.
-
OVERVIEW OF NWEVER ENDING STORY LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
Any processing of personal data requires a legal basis. This means that before we starts processing your personal data, we must ensure that we are entitled to carry out that processing. That basis may come directly from you for instance, in the form of an agreement with us (for instance, our subscription and user terms), or in the form of active consent (for instance, if you have accepted receiving offers via email from us while being a non-subscriber). Here is an explanation of what bases we use to process personal data and when we use them.
​
Never Ending Story and its subsidiaries neither can nor will process personal data about you other than what is expressly stated, and neither can nor will we do it in other ways than those described in this policy.
​
Agreement
​
If you are a subscriber to or a registered user without a subscription for the Services, we process personal data about you to fulfil your user agreement. It is only the processing that is necessary for meeting our obligations under the agreement that is carried out with this processing basis.
​
What processing is necessary to fulfil the agreement will depend on the user agreement between you and Never Ending Story and its subsidiaries. The agreement will vary for end users based on what kind of subscription is agreed upon. Your user agreement will be available, and you should read it before you accept the agreement.
​
Newsletters and notices
​
We offer newsletters and alerts from our editorial teams. You may receive these if they are part of your subscription or if you opt-in to receive them. Opting in may be subject to either a paid subscription and/or that you register with us to receive a newsletter and accept relevant terms and conditions. You  control the sign-up, and  in the event you want to unsubscribe, you are free to do so via the unsubscribe button in the newsletter.
​
Legitimate interest
​
Moreover, we have a legitimate interest in some forms of processing, such as advertising purposes, marketing purposes etc. Such processing based on a legitimate interest applies to users with a registered profile or a subscription or passive users (former subscribers) as described above.
You have a right to «opt out», which means you can reserve yourself against the processing, as described, by contacting us by the contact page or e-mail.
​
Consent
​
You are free to use the Services without giving us your consent to process your personal data. You may use forms available on the Services to contact us directly or by other means of communication. If you choose to use an online form to contact us, we will, at minimum, process your name, email address, and any other information you provide directly in the form. By sending in the form, we consider that you have consented to this processing in the context of processing your request.
​
We might ask for your consent to send you good offers when you are no longer considered an active user or subscriber.
​
Cookies
​
We use information from our own and third parties’ cookies, tracking pixels and other tracking technology integrated into the Services. This processing applies to all groups of end users of the relevant Services.
​
When you access and start using the Services, you consent to Never Endings Story and its partners processing data about you, as described in this privacy policy.
​
If your browser allows information files, so-called cookies, this is considered as you have given us consent to using cookies, as stated in this privacy policy. Please also see our Cookie Policy. However, we wish to inform you that certain parts of the Services’ functionality depend on such consent and that your access to and experience as a user of the Services could be affected.
​
Legislation
We are required by law to carry out certain processing of personal data, for instance, any personal data that we must process in order to comply with its accounting and book-keeping obligations.
4. THE DATA THAT IS PRECESSED
​
Data that is processed about everyone using the Services:
a: Information that is available on your device and its internet connections, such as, for example, the name of the maker of your mobile phone/PC, operating system and browser version, e-mail client, and information on the connection with the Services, such as IP-addresses, network ID, cookies and unique identification files.
b: Statistics on your use of the Services, such as, for instance, how often various buttons or links are pressed, completed purchases, what pages are visited, when and for how long they are visited, cross-device-tracking for logged-in users, etc.
c: Statistics on interaction over adverts, newsletters and surveys displayed in the Services.
d: The location of the unit you use, if the unit shares such information.
The information in the above points is basically not connected with your identity but is treated as anonymized or pseudonymized data users. You can limit such storage by surfing in «Private Mode»/«Incognito Mode» when you are not logged in. You can also turn off cookies in your browser or change your privacy settings when logged in.
Data that is processed in addition for various end-users:
In addition to the information mentioned in 4.1, we may process personal data about the various end-users as described here:
​
Subscribers
​
If you register as a customer or user of the Services, stored information described in the items above may be connected to your user account. For subscribers, we process data points such as name, address, mobile number and email address, in addition to information about your customer relationship as subscription type, payment information and newsletters/alerts you subscribe to.
​
In some cases, we also process additional information collected directly from you or collected from third parties. This might include information about birthdate, gender, employer, housing type, industry, professional position, and membership number from partners.
​
Registered users
​
If you register without signing up for a paid subscription, we will connect the information described above to your user. For registered users, we process data such as name, address, mobile number, email address and which newsletters you subscribe to.
​
In some cases, we also process additional information collected directly from you. This might be information about birthdate, gender, employer, industry, and professional position.
​
5. WHERE THE INFORMATION IS GATHERED FROM
​
We process your personal data , which you yourself have given to us or through your use of the Services, to which we get access from the unit on which you use the Services and which we collect from third parties as described in this privacy policy.
6. DELETING AND STORING YOUR DATA
​
Your personal data will only be stored for as long as we have a legal basis for it, in compliance with this privacy policy and other current legislation. When there is  no legal basis for processing, the data will be deleted, encrypted or anonymized.
We delete all personal data stored about you  after the customer relationship has ceased, and we no longer have a legal basis to process your data. We will keep your data  further only if you have given your consent  for us to do so.
In general, we will keep data about user accounts with personal settings for our subscribers and registered users for three years after a subscription has stopped or the last activity on the Services is registered. We do this for security reasons and for the purpose of improving user experience when reactivating a subscription or other service. Data about financial transactions will be kept for 5 years to account for special legal requirements such as accounting obligations.
7. YOUR RIGHTS
You can withdraw your consent under this privacy policy. Such withdrawal can also be made by cancelling any customer relationships with us where you ask us to delete your user account. To delete anonymized information on your use of the Service, you must also delete cookies on the unit/browser. Withdrawal of consent does not affect the legality of the processing built on consent until the consent is withdrawn.
​
You can also get in touch with us via the contact page or by e-mail if you want to investigate which of your personal data we have stored and if you want to have these personal data transferred to you or to have the data deleted or corrected.
​
Likewise, you can contact us if you want to limit the processing of your personal data or if you want to protest against our treatment/processing of your personal data. If you wish to contact the controller with any concerns, send an e-mail or contact us via the contact page. You are also entitled to file a complaint against our treatment to the Data Protection Authorities (Datatilsynet), the supervisory authority, if you believe our treatment violates the legislation.
​
You can choose to remove our access to your unit’s location data by switching off the location tools on the unit or by refusing sharing of such data through your unit’s settings.
​
9. SALE OF BUSINESS
If this business is sold or integrated with another business your details may be disclosed to our advisers and any prospective purchasers and their advisers and will be passed on to the new owners of the business.
​
We will inform you about major changes and updates on this privacy policy.