Privacy Policy

Last updated: 15th January 2026

Introduction

CrimsonAtlasium AS ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website crimsonatlasium.world and use our services.

We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws. Our registered office is located at Thereses gate 14, 0139 Oslo, Norway (Registration Number: 298547631).

Data Collection

We collect information that you provide directly to us and information that is automatically collected when you use our website. The data we collect includes personal information that can identify you and non-personal information that cannot be used to identify you.

Information You Provide

  • Contact details (name, email address, phone number)
  • Company or organisation information
  • Communication preferences
  • Messages and inquiries sent through our contact forms
  • Information provided during consultations or service delivery

Automatically Collected Information

  • IP address and location data
  • Browser type and version
  • Operating system information
  • Pages visited and time spent on our website
  • Referral sources and exit pages
  • Device information and screen resolution

How We Use Your Information

We process your personal data for various purposes based on different legal grounds. Here's how we use your information and the legal basis for each use:

Service Delivery (Contract Performance)

  • Providing microlearning platform analysis and consultation services
  • Responding to your inquiries and communication
  • Delivering reports and recommendations
  • Processing payments and managing client relationships

Legitimate Business Interests

  • Improving our website functionality and user experience
  • Conducting market research and business development
  • Protecting against fraud and ensuring website security
  • Analysing website usage and performance

Consent-Based Processing

  • Sending marketing communications and newsletters
  • Using cookies for analytics and advertising purposes
  • Personalising content and advertisements

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

Our website uses different types of cookies:

  • Necessary cookies: Essential for website functionality and cannot be disabled
  • Analytics cookies: Help us understand how visitors interact with our website
  • Functional cookies: Remember your preferences and settings
  • Marketing cookies: Used to deliver personalised advertisements and measure campaign performance

For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

  • Service providers: With trusted third-party vendors who assist in operating our website and providing services
  • Legal compliance: When required by law or to protect our rights and safety
  • Business transfers: In connection with a merger, acquisition, or sale of assets
  • With your consent: When you explicitly agree to share information with specific third parties

All third-party service providers are contractually obligated to maintain the confidentiality and security of your personal information.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication procedures
  • Staff training on data protection and privacy
  • Secure data storage and backup systems

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law. Our typical retention periods are:

  • Client data: For the duration of our business relationship plus 7 years for accounting and legal purposes
  • Marketing data: Until you withdraw consent or we determine the data is no longer needed
  • Website analytics: Typically 26 months, in accordance with Google Analytics settings
  • Contact inquiries: For 3 years to maintain communication history

When personal data is no longer needed, we securely delete or anonymise it in accordance with our data retention policy.

Your Rights

Under the GDPR and other applicable data protection laws, you have several rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data in certain circumstances
  • Right to restrict processing: Request limitation of how we process your data
  • Right to data portability: Request transfer of your data in a structured format
  • Right to object: Object to processing based on legitimate interests or for marketing purposes
  • Right to withdraw consent: Withdraw consent for processing where consent is the legal basis

To exercise any of these rights, please contact us using the information provided in the "Contact Information" section below. We will respond to your request within one month, unless the request is complex or we receive multiple requests.

International Data Transfers

Your personal data may be transferred to and processed in countries other than Norway, including countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions recognising equivalent data protection standards
  • Certification schemes and codes of conduct

We ensure that any international transfers comply with applicable data protection laws and provide adequate protection for your personal data.

Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on our website with a new effective date
  • Sending email notifications to registered users for significant changes
  • Displaying prominent notices on our website

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer

Email: privacy@crimsonatlasium.world

Phone: +47 21721257

Address: Thereses gate 14, 0139 Oslo, Norway

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) or your local supervisory authority.

Legal Basis Summary

For EU/EEA residents, we process your personal data based on the following legal grounds under the GDPR:

  • Article 6(1)(a) - Consent: For marketing communications and non-essential cookies
  • Article 6(1)(b) - Contract: For providing our services and fulfilling contractual obligations
  • Article 6(1)(c) - Legal obligation: For compliance with legal and regulatory requirements
  • Article 6(1)(f) - Legitimate interests: For website analytics, security, and business development

This Privacy Policy is governed by Norwegian law and complies with the General Data Protection Regulation (GDPR) and other applicable data protection legislation.