Last updated: 01.04.2026

This Privacy Policy describes how Piaf (“we”, “us”, or “our”) collects, uses, and protects your information when you visit our website(s):

  • https://piaf.no
  • https://piafequestrian.com (redirects to piaf.no)

This policy is designed to comply with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Norwegian data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

Piaf

Email: [Insert Email Address]

Website: https://piaf.no

2. Information We Collect

a) Personal Information

We may collect:

  • Name
  • Email address
  • Phone number
  • Billing and shipping address
  • Order details
  • Account information (if applicable)
b) Technical Data
  • IP address
  • Browser type and version
  • Device type
  • Time zone and location (approximate)
  • Pages visited and interactions
c) Transaction Data
  • Purchase history
  • Payment status
  • Order fulfillment details
d) Cookies and Tracking Technologies

We use cookies and similar technologies via the Complianz cookie consent system.

3. How We Use Your Information

We process personal data for the following purposes:

  • To process and fulfill orders (WooCommerce)
  • To handle payments securely (Stripe, Klarna, PayPal where applicable)
  • To provide customer support
  • To manage user accounts
  • To improve website functionality and user experience
  • To comply with legal obligations (e.g., bookkeeping requirements)
  • To prevent fraud and ensure security

4. Legal Basis for Processing (GDPR)

We rely on the following legal bases:

  • Contract (Art. 6(1)(b)) – to process orders and provide services
  • Legal obligation (Art. 6(1)(c)) – accounting and regulatory compliance
  • Legitimate interests (Art. 6(1)(f)) – website improvement, fraud prevention
  • Consent (Art. 6(1)(a)) – cookies and marketing where applicable

Where consent is required, you may withdraw it at any time.

5. Payment Processing

Payments are processed via third-party providers including:

  • Stripe
  • Klarna
  • PayPal (if enabled)

These providers act as independent data controllers for payment data. They process your personal data in accordance with their own privacy policies.

We do not store full payment card details on our servers.

6. Analytics (Google Analytics 4)

We may use Google Analytics 4 (GA4) provided by Google Ireland Ltd. to analyze website traffic and user behavior.

Google Analytics collects information such as:

  • Pages visited
  • Time spent on pages
  • Device and browser information
  • Approximate geographic location

We have configured Google Analytics to be privacy-friendly, including:

  • IP anonymization enabled (your IP address is shortened before processing)
  • Data sharing with Google disabled where possible
  • Data retention settings minimized

Google acts as a data processor on our behalf.

Data may be transferred outside the EEA. In such cases, we rely on:

  • EU Standard Contractual Clauses (SCCs)

Google Analytics is only activated with your consent via our cookie banner (Complianz).

You can withdraw your consent at any time through the cookie settings on our website.

For more information, see Google’s Privacy Policy: https://policies.google.com/privacy

7. Sharing of Personal Data

We may share your data with:

  • Payment providers (Stripe, Klarna, PayPal)
  • Shipping and logistics partners
  • Hosting providers and IT service providers
  • Analytics providers (if enabled, e.g., Google Analytics)

All processors are subject to Data Processing Agreements (DPAs) where required.

8. International Transfers

Some of our service providers may process data outside the EEA.

Where applicable, we ensure appropriate safeguards are in place, such as:

  • EU Standard Contractual Clauses (SCCs)
  • Transfers to countries with adequacy decisions

9. Data Retention

We retain personal data only as long as necessary for:

  • Order fulfillment and customer service
  • Legal obligations (e.g., accounting laws requiring retention up to 5 years)
  • Dispute resolution and enforcement of agreements

10. Your Rights Under GDPR

You have the right to:

  • Access your personal data (Art. 15)
  • Rectify inaccurate data (Art. 16)
  • Erase data (“right to be forgotten”, Art. 17)
  • Restrict processing (Art. 18)
  • Data portability (Art. 20)
  • Object to processing (Art. 21)
  • Withdraw consent (Art. 7)

You also have the right to lodge a complaint with your local data protection authority (in Norway: Datatilsynet).

11. Cookies and Consent (Complianz)

We use the Complianz cookie consent platform to manage cookies and user consent.

Cookies are categorized as:

  • Functional cookies – necessary for website operation (no consent required)
  • Analytics cookies – used only with consent
  • Marketing cookies – used only with explicit consent

When you visit our site, you are presented with a cookie banner allowing you to:

  • Accept all cookies
  • Reject non-essential cookies
  • Customize your preferences

You can change or withdraw your consent at any time via the cookie settings on our website.

12. Data Security

We implement appropriate technical and organizational measures, including:

  • SSL encryption
  • Secure payment processing
  • Access control and authentication measures

13. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices.

14. Children’s Privacy

Our services are not directed at children under 13, and we do not knowingly collect personal data from children.

15. Changes to This Policy

We may update this Privacy Policy periodically. Updates will be posted on this page with a revised date.

16. Contact Information

For questions or requests regarding your personal data:

Piaf

Email: hi@piaf.no

Website: https://piaf.no

End of Privacy Policy

Shopping Cart
Scroll to Top