Effective: 16 May 2018

  1. Definitions
  2. Policy Context
  3. Consent
  4. Information we collect
  5. How we use the information we collect
  6. Sharing and disclosure
  7. Accessing/Changing your information
  8. Data retention
  9. Cookies, Web Beacons, Local Storage and Similar Technologies
  10. Information Security
  11. Changes to the Privacy Policy
  12. Privacy Policy Inquiries




Consent – means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action,  signifies agreement to the processing of personal data relating to him or her. [GDPR Ch. 1 Art. 4]

Data controller – means the natural or legal person, public authority, agency or other body    which, alone or jointly with others, determines the purposes and means of the processing of personal data. [GDPR Ch. 1 Art. 4]

Data processor – means a natural or legal person, public authority, agency or other body, which processes personal data on behalf of the controller.[GDPR Ch. 1 Art. 4]

Data subject – is the person to whom personal data may be linked. [Personal Data Act (14 April 2000 No. 31)]

Personal data – means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. [GDPR Ch. 1 Art. 4]

Processing of personal data – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. [GDPR Ch. 1 Art. 4]

Sensitive personal data – means information relating to: racial or ethnic origin, or political opinions, philosophical or religious beliefs, the fact that a person has been suspected of, charged with, indicted for or convicted of a criminal act, health, sex life, trade-union membership.



Your privacy is important to us. Please take time to read this Privacy Policy carefully in order to understand the purpose for the collection of your personal data and the manner in which we process your personal data.

GoNorth AS (organisation nr. 913 102 835), registered at: Hamnegata 3, 9600 Hammerfest, is a sightseeing supplier. Services we provide include but are not limited to sightseeing tours and electric bicycle rental.

We process personal data for customers who use our services. We safeguard your privacy according to the Personal Data Act of 14 April 2000 Nr. 31.

GoNorth AS is the data controller of any ‘personal data’ collected. Our website can be found at: www.go-north.no

Note:    For a more detailed description of what constitutes ‘personal data’ please see ‘Section 1 – Definitions’. For the most up to date Privacy Policy please visit: www.go-north.no/privacy.



3.1       Your Consent

By providing your personal data to us, you give consent to the collection and use of this information in accordance with this Privacy Policy.

Note: Explicit consent is required only for the processing of sensitive personal data. For non-sensitive date, “unambiguous” consent suffices. Unambiguous meaning consent that is not open to more than one interpretation.

3.2       Consent for Minors

The age of consent in Norway is 16 years. As such, consent must be given by the holder of parental responsibility for the child (up to and including age 15) in order to collect and process the child’s personal data.



Our primary purpose for collecting your information is to provide you with services provided by GoNorth and to market Hammerfest as a destination.

There are three general categories of information we collect.

4.1       Information you give us

4.11     As part of the rental agreement, when you rent an electric bicycle from us we will retain a photocopy of your photo identification for the duration of the rental.

4.12     When you sign up for a sightseeing activity we may collect information necessary in order to provide the necessary services to you.

Note: If personal information of a child is required we will require the consent of the holder of parental responsibility for that child. This is in effect for children up to and including 15 years of age.

4.2       Photographs taken while using a GoNorth service

By signing up for any services provided by GoNorth AS, you agree that any photographs taken during such tours may be used by GoNorth AS and Hammerfest Turist AS for the purpose of destination marketing.

If you do not wish to have photos of you published on social media or used in promotional materials please let your tour guide know prior or during your sightseeing activity or e-bike rental or contact us and we will remove such materials from public view.

Contact information: post@go-north.no, GoNorth AS, Postboks 504, 9615 Hammerfest, or call +47 9018 2402.

4.3    Information collected via our website

Our website is: www.go-north.no

Please see ‘Section 9 – Cookies, Web Beacons and Similar Technologies’ in regards to what type of information is collected via our websites.



You agree that we may use your personal information for:

5.1       Communication with customers

We may communicate with you by phone, email or post in order to provide services to you. If you have a preferential way to communicate with us, please let us know. You can contact us at: post@go-north.no, GoNorth AS, Postboks 504, 9615 Hammerfest, or by calling +47 9018 2402.

5.2       Destination Marketing

Information collected from you may be used to promote Hammerfest as a destination using various methods. This includes:

  • Posts on various social media including but not limited to Facebook.
  • Promotional print materials.
  • Promotional videos.



GoNorth AS will never sell your personal information. However, we may need to disclose your information if required by law or if we have your permission to do so.

Photos may have been taken during tours you participated in. These may be used for marketing purposes to promote Hammerfest as a destination. Such photos may be posted on social media, including but not limited to Facebook or be used on other promotional materials and may be shared with third parties who promote and sell our sightseeing activities and electric bike rental.



7.1       Right of Access

You have the right to request a copy of all the information we hold about you. The request should be in writing and include a name, address and a description of the information requested.

You can contact us at: post@go-north.no or at GoNorth AS, Postboks 504, 9615 Hammerfest.

7.2       Changes to your Information

Keeping your information up to date is important. If your personal information changes or if you wish to delete the personal information we hold about you please contact us at: post@go-north.no, GoNorth AS, Postboks 504, 9615 Hammerfest or by calling +47 9018 2402.



8.1       We only retain your personal data for so long as is necessary for the purposes for which it was collected.

8.2       Photocopies taken of your photo identification for the purpose of electric bike rental will be destroyed once the rental period has expired and the bike has been returned to us in appropriate condition.

8.3       Photos taken during sightseeing activities or e-bike rentals will be retained until they are deemed no longer necessary for the purpose of destination marketing.

8.4       Social media content will remain accessible for an indefinite period of time. You may contact us at any time to remove photos you are featured in from social media websites. You can contact us at: post@go-north.no, GoNorth AS, Postboks 504, 9615 Hammerfest or by calling +47 9018 2402.



When you access our website, www.go-north.no, we may use cookies and other such technologies (collectively called “Cookies”). These collect information about how our site is used and are solely used for statistical purposes or for the functionality of the website.

You are able to block most types of Cookies if your browser permits. However, be aware that declining some types of Cookies may interfere with the functioning of our websites. We are not responsible for the types of cookies, web beacons etc. used on third-party websites listed on our websites. Please refer to the individual site’s privacy policy.



GoNorth AS is committed to handling personal information in accordance with the Personal Data Act of 14 April 2000 Nr. 31.

We take appropriate measures to ensure that your information is stored securely, is accurate and up to date as much as possible, and is kept only for so long as is necessary for the purposes for which it was collected.

All data is only stored on servers located in Norway.

How do we protect your personal information?

  • We only authorise access to personal information to employees who require access to it in order to meet their job responsibilities.
  • We use computer safeguards such as firewalls and data encryption to keep your information secure.



Revisions to this Privacy Policy may be made at any time and the most up to date Privacy Policy will be posted on our website at: www.go-north.no/privacy.

If we make changes that we deem to be important we will provide notice by appropriate means in order to provide you the opportunity to review the changes before they go into effect. If you object to these changes you may request the deletion of your information. If you continue to use our services, after having the opportunity to review the changes, it will constitute your consent to the updated Privacy Policy.



For questions or concerns related to our Privacy Policy, we encourage you to contact us at: post@go-north.no or GoNorth AS, Postboks 504, 9615 Hammerfest.

If we could not resolve your questions or concerns you may also lodge a complaint with your local supervisory authority. A list of National Data Protection Authorities is available at: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

For detailed information on the Personal Data Act of 14 April 2000 Nr. 31 and the General Data Protection Regulation (GDPR) visit:


The Personal Data Act

https://www.datatilsynet.no/en/regulations-and-tools/regulations-and-decisions/norwegian-privacy-law/personal-data-act (English)

https://lovdata.no/dokument/NL/lov/2000-04-14-31 (Norwegian)


The General Data Protection Regulation (GDPR)

http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG (English) (Norwegian version not available)


Version 1 Effective: 16 May 2018