Legal

Privacy policy

Last updated: 12 June 2026

This privacy policy is provided for general information. Pål Arnesen may adapt it over time as the site changes. It is not individual legal advice; if you have a specific legal question, please seek independent advice.

1. Introduction

This privacy policy describes how Norwegian Careers (norwegiancareers.com) collects, uses, and protects personal data when you visit the site or buy The Norway Job Playbook.

The data controller is:

This is a small independent operation selling a single digital book. The site keeps data collection to the minimum needed to take your order, deliver the file, and meet legal obligations.

2. What data is collected

Contact data

Your email address, collected during checkout or when you contact Pål directly by email.

Payment data

Payments are processed by Stripe. Your card and payment details are entered with Stripe and handled by Stripe — they are never stored on this site, and Pål does not see or keep your full card number.

Order data

Basic details about your purchase: the product you bought (The Norway Job Playbook), the amount paid, and the time of the order.

Analytics data

The site uses Plausible Analytics to understand overall traffic. Plausible is privacy-friendly and cookieless: it does not set tracking cookies and does not collect identifiable personal data. It produces only aggregated usage statistics, such as how many people visited a page.

3. How and why data is used

Personal data is used to:

  • Process and deliver your order, so you receive the ebook you paid for.
  • Send essential service emails, such as a receipt or help resolving a download problem.
  • Respond to questions and support requests you send by email.
  • Comply with legal and tax obligations, including keeping records required by law.
  • Understand overall site traffic through Plausible and improve the site.

4. Legal bases under the GDPR

The site relies on the following legal bases:

  • Contract — to process your payment and deliver the ebook you ordered.
  • Legal obligation — to keep order and tax records for as long as accounting and tax law requires.
  • Legitimate interests — limited to running privacy-friendly, cookieless analytics through Plausible to see how the site is used. There is no invasive tracking or profiling.

5. Processors and third parties

A small number of trusted providers help run the site. They process data on Pål's behalf or as independent controllers for their own service.

Stripe

Stripe is the payment processor. It handles your card and payment details on Pål's behalf to take payment securely. Stripe may process some data outside the European Economic Area, but applies appropriate safeguards (such as the EU–US Data Privacy Framework and/or Standard Contractual Clauses). You can read how Stripe handles data in their own privacy documentation: Stripe privacy policy (link to be added).

Plausible Analytics

Plausible is a privacy-friendly analytics provider. It processes only aggregated, non-identifiable usage data and does not use cookies or similar identifiers. You can read more on their privacy and compliance page: Plausible privacy and data policy (link to be added).

6. Cookies and tracking

Plausible is used without cookies. At this time the site does not use marketing tracking cookies, advertising pixels, or cross-site tracking tools of any kind.

If new tools or cookies are added in future, this policy will be updated and, where the law requires it, your consent will be requested first.

7. Data retention

Order and customer data is kept for as long as necessary to fulfil your order and for as long as tax and accounting laws require records to be retained. After that, it is deleted or anonymised.

Plausible analytics data is held only in aggregated, non-identifiable form, in line with Plausible's standard retention.

8. Your rights

If you are in the EU, you have the following rights over your personal data, in plain terms:

  • Access — ask what data is held about you.
  • Rectification — ask to correct data that is wrong.
  • Deletion — ask to have your data erased, where the law allows.
  • Restriction — ask to limit how your data is used.
  • Objection — object to certain uses, such as those based on legitimate interests.
  • Data portability — ask for your data in a portable format.
  • Complaint — lodge a complaint with a supervisory authority in your country.

To make any of these requests, email mail@paularnesen.com.

9. International transfers

Stripe, and possibly other sub-processors, may process some data outside the European Economic Area. Where this happens, they rely on appropriate safeguards such as the EU–US Data Privacy Framework or Standard Contractual Clauses. Details are set out in their own privacy documents, linked above.

10. Security

Reasonable measures are taken to protect personal data, including using established providers like Stripe for payments and limiting the data that is collected and stored. No method of transmission or storage is completely secure, but reasonable care is taken to keep your data safe.

11. Changes to this policy

This privacy policy may be updated from time to time. When it changes, the "last updated" date at the top of the page will be revised. Significant changes will be made clear on the page.

12. Contact

For any privacy-related question or request, contact: