Discover Bergen
Last Updated: 13.11.2025
This Privacy Policy governs the manner in which Discover Bergen (“Discover Bergen”, “we”, “us”, or “our”)
collects, uses, maintains, and discloses information from users (“you”, “your”) of our website, booking systems,
and all services we operate, including guided walking tours, electric bike tours, ATV/quad adventures, yacht
charters, RIB tours, and electric boat excursions in and around Bergen, Norway.
We are committed to protecting your personal data and handling it in accordance with the General Data
Protection Regulation (GDPR) and the Norwegian Personal Data Act (Personopplysningsloven).
1. Data Controller
Discover Bergen
Strangeplassen 2, 5011 Bergen
info@discoverbergen.no
We control and are responsible for your personal data when you engage with our website or services.
2. Categories of Data We Collect
We may collect and process the following categories of personal data:
- 2.1. Identification and Contact Information
• Full name
• Email address
• Phone number
• Country of residence - 2.2. Booking and Participation Data
• Tour dates, group size, preferences
• Emergency contact information
• Health or mobility notes (when voluntarily provided for safety purposes) - 2.3. Payment Information
• Processed exclusively by third-party payment providers
• We do not store credit card numbers, CVV codes, or bank details - 2.4. Technical and Device Data
• IP address
• Browser type and version
• Device identifiers
• Log files and analytics data
• Cookies (see Section 8) - 2.5. Media and Consent-Based Data
• Photographs or videos taken during activities
• Testimonials or reviews
• Social media-related data when voluntarily provided - 2.6. Safety & Incident Documentation
• Accident reports
• Medical assistance notes
• Insurance-related documentation
Sensitive data is processed only when necessary and strictly for safety or legal reasons.
3. Legal Basis for Processing
We process your personal data based on:
• Performance of Contract – to deliver the service you booked
• Legitimate Interests – safety, improvement of service, fraud prevention
• Legal Obligations – accounting, regulatory compliance, maritime safety logs
• Consent – marketing communications, photos, newsletters
You may withdraw consent at any time (see Section 7).
4. How We Use Your Personal Data
We use your data for:
• Managing bookings, payments, confirmations, and customer communication
• Ensuring safety and operational preparedness during activities
• Maintaining incident reports required by Norwegian maritime and tourism law
• Providing customer service and support
• Conducting analytics to improve routes, safety procedures, and user experience
• Sending newsletters or promotions (only with opt-in consent)
• Complying with tax, auditing, insurance, and regulatory frameworks
5. Data Sharing and Transfers
We do not sell, rent, or trade personal data. We may share data only when necessary with:
• Payment processors (Stripe, Vipps, etc.)
• Booking platforms and system providers
• Guides and subcontractors responsible for delivering your tour
• Insurance providers and emergency services
• Government or regulatory authorities when legally required
When partners operate outside the EEA, transfers are protected under GDPR adequacy mechanisms.
6. Data Retention
We store data only for as long as needed:
• Booking records: 5 years (mandatory accounting period)
• Incident reports: as required by maritime and safety regulations
• Marketing data: until withdrawal of consent
• Technical logs: up to 12 months
• CCTV or vessel-recorded media: up to 30 days, unless part of an investigation
7. Your Rights Under GDPR
You have the right to:
• Access your personal data
• Request correction of inaccurate data
• Request deletion (“right to be forgotten”)
• Restrict processing
• Data portability
• Withdraw consent at any time
• File a complaint with the Norwegian Data Protection Authority (Datatilsynet)
Requests may be submitted at any time to: booking@discoverbergen.no
8. Cookies and Tracking Technologies
We use cookies for:
• Essential website functionality
• Booking system performance
• Analytics (Google Analytics or equivalent)
• Load balancing and security
You can modify cookie preferences in your browser.
9. Security of Personal Data
We apply industry-standard security measures:
• Encrypted connections (HTTPS/TLS)
• Secure hosting within the EEA
• Role-based access control for staff
• Regular audits and system monitoring
• Secure deletion protocols
10. Changes to This Policy
We may update this Privacy Policy periodically. Updated versions are published on this page with a revised
“Last Updated” date.