Privacy Policy
How we collect, use, and protect your personal information
Last updated: December 2025
Quick Summary
- • We only collect data you provide directly (contact forms, emails)
- • We use Google Analytics for anonymous website statistics
- • We never sell your personal data to third parties
- • You can request deletion of your data at any time
- • We comply with GDPR and Norwegian data protection laws
1. Data Controller
The data controller responsible for your personal data is:
Pure Minerals AS
Organization number: NO 928 309 231 MVA
Ølvegata 18B, 7715 Steinkjer, Norway
Email: post@pureminerals.no
2. Information We Collect
2.1 Information You Provide
- Contact Information: Name, email address, company name when you submit forms
- Communication Data: Content of messages you send us
- VDR Access Requests: Professional information for due diligence access
2.2 Automatically Collected Information
- Analytics Data: Anonymous usage statistics via Google Analytics (pages visited, time on site, device type)
- Technical Data: IP address (anonymized), browser type, operating system
- Cookies: Essential and analytics cookies (see Section 6)
3. Legal Basis for Processing (GDPR Article 6)
| Purpose | Legal Basis |
|---|---|
| Responding to inquiries | Legitimate interest / Contract performance |
| Website analytics | Consent (via cookie banner) |
| VDR access management | Contract performance / Legitimate interest |
| Legal compliance | Legal obligation |
4. How We Use Your Information
- Respond to your inquiries and provide requested information
- Process VDR access requests and manage investor relations
- Improve our website and services through analytics
- Send updates about our projects (only with your consent)
- Comply with legal and regulatory obligations
- Protect against fraud and ensure website security
5. Data Sharing & Third Parties
We do not sell your personal data. We may share data with:
- Google Analytics: Anonymous usage statistics (USA - Privacy Shield certified)
- Web3Forms: Contact form processing (Privacy-focused, no data storage)
- Legal authorities: When required by Norwegian law
- Professional advisors: Lawyers, accountants under confidentiality agreements
6. Cookies & Tracking Technologies
Essential Cookies
Required for website functionality. Cannot be disabled.
Analytics Cookies (Google Analytics)
Help us understand how visitors use our website. You can opt-out via the cookie banner or by installing the Google Analytics Opt-out Browser Add-on.
Cookie Settings: You can manage your cookie preferences at any time through your browser settings or by clicking the cookie settings link in the footer.
7. Data Retention
| Data Type | Retention Period |
|---|---|
| Contact form submissions | 2 years or until deletion request |
| VDR access records | Duration of access + 5 years |
| Analytics data | 26 months (Google Analytics default) |
| Email correspondence | 3 years from last contact |
8. Your Rights Under GDPR
Under the General Data Protection Regulation (GDPR), you have the following rights:
Right of Access
Request a copy of your personal data
Right to Rectification
Correct inaccurate personal data
Right to Erasure
Request deletion of your data ('right to be forgotten')
Right to Restrict Processing
Limit how we use your data
Right to Data Portability
Receive your data in a portable format
Right to Object
Object to processing based on legitimate interests
Right to Withdraw Consent
Withdraw consent at any time
Right to Complain
Lodge a complaint with supervisory authority
To exercise any of these rights, contact us at post@pureminerals.no. We will respond within 30 days.
9. International Data Transfers
Some of our service providers (e.g., Google Analytics) may process data outside the EEA. When this occurs, we ensure appropriate safeguards are in place:
- EU-US Data Privacy Framework certification
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
10. Data Security
We implement appropriate technical and organizational measures to protect your data:
- HTTPS encryption for all data transmission
- Secure hosting infrastructure
- Access controls and authentication
- Regular security assessments
11. Supervisory Authority
If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Norwegian Data Protection Authority:
Datatilsynet
Postboks 458 Sentrum, 0105 Oslo, Norway
Phone: +47 22 39 69 00
Website: www.datatilsynet.no
12. Contact Us
For any questions about this Privacy Policy or to exercise your rights:
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.