PRIVACY STATEMENT
Effective Date: May 20, 2026
Website: stellasommerseth.com
At Stella Sommerseth, we are committed to protecting your personal data and respecting your privacy. This privacy policy explains how we collect, use, process, and protect your personal information when you visit our website or make a purchase from our store.
Our operations comply with the General Data Protection Regulation (GDPR) and applicable local data protection laws.
1. Data Controller
Stella Sommerseth is the data controller responsible for your personal data.
Address: Fagerlibakken number 12 – 3046 in the town Drammen – Norway
Email: stella (at) stellasommerseth.com
Organization Number: 915 367 658
2. What Personal Data We Collect and Why
We collect personal information directly from you when you interact with our site, register an account, or make a purchase.
A. E-Commerce and Account Data (WordPress & WooCommerce)
When you visit our store or purchase products, we collect the following to fulfill your order:
Identity Data: Name, username.
Contact Data: Email address, phone number, billing address, and shipping address.
Transaction Data: Details about products you purchased, order timestamps, and total amounts.
Legal Basis: Processing is necessary for the performance of a contract (fulfilling your order) or to take steps at your request before entering into a contract.
B. Technical and Usage Data
When you browse our website, we automatically collect:
Technical Data: IP address, browser type, operating system, and device type.
Usage Data: Information about how you use our website, pages viewed, and links clicked.
Legal Basis: Our legitimate interests to maintain website security, optimize performance, and understand user behavior.
3. Third-Party Data Processors and Service Providers
We do not sell your personal data. We share your information with trusted third-party service providers (Data Processors) only to operate our website and deliver our services:
Hosting Provider
Webhuset: Our website files and SQL databases are securely hosted by Webhuset. All customer data stored via WordPress and WooCommerce physically resides on Webhuset’s servers, protected under a formal Data Processor Agreement (DPA).
Payment Processors
To complete transactions, your payment details are processed directly by securely encrypted payment gateways. We do not store your credit card numbers on our servers:
Stripe: Handles card transactions. Your billing data and payment details are processed by Stripe in compliance with their privacy guidelines.
Vipps: For mobile payments, your phone number and transaction authorization are securely verified through Vipps MobilePay.
Video Streaming and Media Embedded Players
We embed video content on our site. Interacting with these video players may allow providers to track your IP address, browser information, or viewing analytics:
YouTube: Provided by Google LLC. Viewing YouTube videos on our site may transmit viewing behavior data to YouTube.
Vimeo: Videos hosted via Vimeo collect technical information and player engagement metrics.
Wistia: We use Wistia for business video hosting, which tracks video engagement and viewing analytics.
Email Marketing & Newsletter Signups (MailerLite)
When you voluntarily subscribe to our newsletter using the forms on our website, we collect:
Contact Data: Your email address, and optionally your name.
Engagement Data: Information on whether you open our emails or click links inside them.
Legal Basis: We process this data based strictly on your explicit consent. You can withdraw your consent at any time by clicking the “unsubscribe” link at the bottom of any email we send.
4. How Long We Keep Your Data
We retain your information only as long as necessary to fulfill the purposes we collected it for, including legal, accounting, or reporting requirements:
Order History: Retained in our WooCommerce system for 5 years to comply with financial and tax regulations.
Account Data: Retained for as long as your user account remains active. You can request deletion at any time.
5. Cookies
Our website uses cookies to keep track of cart contents while you browse, remember your preferences, and analyze site traffic. You can manage your cookie preferences through our cookie consent banner upon your first visit.
6. Your Rights Under GDPR
If you reside within the European Union (EU) or European Economic Area (EEA), you possess the following rights regarding your data:
Right of Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can request that we correct inaccurate or incomplete data.
Right to Erasure (“Right to be Forgotten”): You can request that we delete your personal data, subject to legal retention constraints (like tax laws).
Right to Restrict or Object to Processing: You can object to us processing your data under certain conditions.
Right to Data Portability: You can request that we transfer your data to another organization or directly to you.
To exercise any of these rights, please contact us at stella (at) stellasommerseth.com
7. Changes to this Privacy Policy
We may update this privacy statement from time to time to reflect changes in technology, law, or business operations. Any updates will be posted directly to this page with an updated effective date.