Privacy Policy (GDPR)

1. Controller identity and contact

Last updated: 20.02.2026

Welcome to miyukiandvik.com. This Privacy Policy explains how Andvik Brand ENK collects and uses personal data when you use our website, quiz, newsletter, and shop. We aim to be clear, practical, and respectful of your privacy.

Who we are

Data controller: Andvik Brand ENK
Website: miyukiandvik.com
Public business address: c/o Firma24, Karl Johans gate 25, 0159 Oslo, Norway
Country and rules: Norway (GDPR applies)


How to contact us

If you have questions about privacy or want to use your rights, contact us at support@miyukiandvikc.om.

2. Purposes and legal basis

In this section we explain what we use personal data for and the legal basis we rely on.

A) Delivering your quiz results

Data used

  • Quiz answers
  • Quiz result and the personality traits assigned based on your responses
  • Email address
  • Name

Legal basis

  • Contract / steps at your request (GDPR Art. 6(1)(b)), because you asked us to provide your result
  • Legitimate interests (GDPR Art. 6(1)(f)) for limited troubleshooting and to keep the service reliable

We use your quiz answers and contact information to generate your quiz result and send it to you by email. If you later choose to buy a personalized digital product, we use your quiz result to generate the correct version for you.

B) Processing purchases and delivering the digital product

Data used

  • Contact and billing details entered at checkout (full name, country, address, email address, phone number if provided)
  • Purchase information (product purchased, price, date, payment status, transaction references)
  • Country location evidence used for tax purposes (billing country, IP based location)

Legal basis

  • Contract (GDPR Art. 6(1)(b))
  • Legal obligation (GDPR Art. 6(1)(c)) for required accounting and tax records
  • Legitimate interests (GDPR Art. 6(1)(f)) to prevent fraud and misuse, and to handle disputes when needed

We use checkout and purchase information to complete your order, deliver your digital product, and provide help if there are delivery issues. We also keep required records for accounting and tax purposes.

C) Sending newsletters and marketing emails (optional)

Data used

  • Email address
  • Name
  • Newsletter subscription choice (checkbox)
  • Consent records (such as signup date and confirmation status)

Legal basis

  • Consent (GDPR Art. 6(1)(a))

If you opt in, we use your contact information to send newsletters and marketing emails. You can unsubscribe at any time using the link in any email.

 

D) Customer support

Data used

  • Support messages you send us
  • Contact details you provide
  • Order details you provide (if the issue relates to a purchase)

Legal basis

  • Legitimate interests (GDPR Art. 6(1)(f))
  • Contract (GDPR Art. 6(1)(b)) when the request relates to a purchase or delivery

We use your support message and contact details to reply and help you. We may keep a record of the conversation so we can follow up and provide consistent support.

Our legitimate interest
Providing effective support and keeping the service reliable.

 

E) Running the website (essential functions, security, analytics)

Data used

  • Cookie preferences (stored by CookieYes)
  • WooCommerce session and cart data needed for checkout
  • Basic technical and usage data (such as device and browser information)
  • Analytics data through Google Analytics, only if you consent to analytics cookies

Legal basis

  • Legitimate interests (GDPR Art. 6(1)(f)) for website security, stability, and troubleshooting
  • Consent (GDPR Art. 6(1)(a)) for analytics cookies and any non-essential tracking

We use necessary technical data to run and secure the website and to make cart and checkout work. If you consent, we also use analytics data to understand website usage and improve the site.

 

F) Feedback form and optional launch refund

Data used

  • Feedback responses you submit
  • Order ID (included in the form link and submitted as a hidden field)
  • Order information already stored in WooCommerce (used to identify the purchase and process the refund)

Legal basis

  • Contract (GDPR Art. 6(1)(b))
  • Legitimate interests (GDPR Art. 6(1)(f)) to improve the product and prevent misuse of the refund program

Short explanation
We may invite buyers to submit feedback after they have had time to use the journal. We use the order ID to match the feedback to a purchase and, where applicable, to process a refund.

Our legitimate interest
Improving the product and keeping the feedback and refund process reliable.

3. Data sharing, transfers, and retention

Who we share personal data with

We share personal data only when necessary to run the website and deliver the services you use. We may share personal data with these categories of recipients:

  • Website hosting and technical infrastructure providers
  • Quiz and form service providers
  • Email delivery and email list providers
  • E-commerce and digital delivery providers
  • Payment service providers
  • Feedback form providers (to collect feedback responses)
  • Analytics providers (only if you consent to analytics cookies)
  • Customer support and communication providers
  • Security and fraud prevention providers
  • Public authorities where required by law

We do not sell personal data.

International transfers

Some of our service providers may process personal data outside Norway and the EEA, including in the United States. Where personal data is transferred outside the EEA, we use a lawful transfer mechanism under GDPR Chapter V, such as:

  • an adequacy decision (for example the EU U.S. Data Privacy Framework) where applicable; or
  • Standard Contractual Clauses (SCCs).

You can contact us if you want more information about the safeguards used.

Retention

We keep personal data only as long as needed for the purposes described in this policy and as required by law. We use the criteria below to decide how long we keep different types of data:

  • Orders, invoices, and required accounting records: kept for as long as required by Norwegian accounting and tax rules.
  • Checkout contact and billing details: kept together with the order record for as long as we are required to keep that record.
  • Country location evidence used for tax purposes: kept together with the order record for as long as we are required to keep that record.
  • Quiz answers and quiz results: kept for as long as needed to deliver your result and handle support requests related to the quiz or your personalized product, then deleted or anonymised.
  • Newsletter data (only if you opt in): kept while you are subscribed. After you unsubscribe, we keep only what is needed to respect your opt-out and keep basic consent records.
  • Support messages: kept for as long as needed to handle your request and follow up, then deleted or anonymised.
  • Cookie preferences (CookieYes): kept until you change your cookie choices, or until the consent cookie expires (depending on your settings).
  • Feedback form responses and order ID: kept for as long as needed to review feedback and process any related redun, then deleted or anonymized.
  • Analytics data (Google Analytics, only if you consent): kept according to our analytics settings, then deleted or anonymised. 

4) Your rights and choices

Under GDPR, you have the right to request access to your personal data, ask us to correct inaccurate data, request deletion in some cases, request restriction of processing, object to certain processing, and receive the data you provided in a portable format where applicable.

If we rely on your consent, you can withdraw that consent at any time. This does not affect processing that was lawful before you withdrew consent. You can unsubscribe from marketing emails using the link in any email, and you can change cookie choices through our cookie settings.

You also have the right to lodge a complaint with a supervisory authority. If you are in Norway, you can complain to Datatilsynet.

To exercise your rights, contact us at post@andvikbrand.no.

5) When data is required

Some personal data is required for us to provide the services you request. If you do not provide and confirm an email address, we cannot send your quiz results. If you do not provide the required checkout information, we cannot complete your purchase or deliver your digital product. Newsletter signup is optional and only applies if you choose to opt in.

6) Children’s privacy

Our website and products are not directed to children under 13. We do not knowingly collect personal data from children under 13. If we learn that we have collected personal data from a child under 13, we will delete it. Parents or guardians can contact us if they believe a child has provided personal data.