Privacy Policy

Last Updated: 21 May 2026

This Privacy Policy explains how M Tolley AS, trading as Cycle Norway (“Cycle Norway”, “we”, “us”, or “our”), collects, uses, stores, and protects your personal information when you use our website, memberships, digital services, products, and related platforms.

By accessing or using https://cyclenorway.com, you agree to this Privacy Policy.

1. COMPANY INFORMATION

M Tolley AS
Prinsens Gate 8
0152 Oslo
Norway

Email: [email protected]
Website: https://cyclenorway.com

2. WHAT INFORMATION WE COLLECT

We may collect and process the following categories of information:

A. Information You Provide Directly

When you create an account, purchase a membership, contact us, or use our services, we may collect:

Full name
Email address
Billing address
Country of residence
Username and password
Payment-related information
Messages or enquiries submitted to us
Information voluntarily submitted through forms, surveys, or support requests

B. Payment Information

Payments are processed securely through third-party payment providers. We do not store full credit card or debit card information on our servers.

Payment processors may collect:

Payment card details
Billing information
Transaction identifiers

These providers process your information according to their own privacy policies.

C. Automatically Collected Information

When you use the website, we may automatically collect technical and usage data including:

IP address
Browser type and version
Device information
Operating system
Time zone
Referring URLs
Pages visited
Time spent on pages
Click behaviour
Approximate geographic location
Error logs and diagnostics

D. Cookies and Tracking Technologies

We use cookies and similar technologies to improve website functionality, analyse traffic, remember user preferences, and improve security.

Cookies may include:

Essential website cookies
Login/session cookies
Analytics cookies
Performance cookies
Security-related cookies

You may disable cookies through your browser settings, although some features of the website may not function correctly.

3. HOW WE USE YOUR INFORMATION

We use personal information for the following purposes:

Providing memberships and digital services
Managing user accounts
Processing payments and subscriptions
Delivering customer support
Responding to enquiries
Improving website performance and usability
Sending service-related communications
Sending newsletters or marketing emails (where consent applies)
Preventing fraud, abuse, and unauthorised access
Maintaining website security
Meeting legal, tax, and accounting obligations
Analysing website traffic and user behaviour

4. LEGAL BASIS FOR PROCESSING (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or similar jurisdictions, we process personal data under one or more of the following legal bases:

Contractual necessity
Legal obligations
Legitimate business interests
User consent

You may withdraw consent at any time where processing relies on consent.

5. INTERNATIONAL USERS

Cycle Norway operates internationally and may provide services to users worldwide, including users located in the United States, European Union, United Kingdom, Canada, Australia, and other regions.

By using our services, you understand that your information may be transferred to and processed in Norway or other countries where our service providers operate.

We take reasonable steps to ensure personal information is protected in accordance with applicable privacy laws.

6. THIRD-PARTY SERVICES

We may use trusted third-party providers to operate parts of our business and website, including:

Payment processors
Membership platforms
Email marketing services
Website hosting providers
Analytics providers
Embedded video services
Mapping services
Spam and security services

These providers only receive information necessary to perform their services.

We are not responsible for the privacy practices of third-party websites or services linked from our website.

7. DATA RETENTION

We retain personal information only for as long as reasonably necessary to:

Provide our services
Maintain business records
Comply with legal obligations
Resolve disputes
Enforce agreements

Inactive accounts and unnecessary personal data may be periodically deleted or anonymised.

Certain accounting and transaction records may be retained longer where required by law.

8. DATA SECURITY

We implement reasonable technical and organisational measures to protect personal information against:

Unauthorised access
Loss
Misuse
Disclosure
Alteration
Destruction

However, no online platform or electronic transmission can be guaranteed to be completely secure, and users provide information at their own risk.

9. YOUR PRIVACY RIGHTS

Depending on your location and applicable law, you may have rights including:

Access to your personal data
Correction of inaccurate information
Deletion of personal information
Restriction of processing
Objection to processing
Data portability
Withdrawal of consent
Lodging a complaint with a supervisory authority

To exercise any privacy rights, contact:

[email protected]

We may request verification of identity before processing certain requests.

10. EMAILS AND MARKETING

If you subscribe to newsletters or marketing communications, you may unsubscribe at any time using the unsubscribe link included in emails or by contacting us directly.

We may still send important non-marketing communications relating to:

Accounts
Purchases
Memberships
Security
Website updates

11. CHILDREN’S PRIVACY

Cycle Norway is not intended for children under 18 years of age.

We do not knowingly collect personal information from children. If we become aware that personal information from a child has been collected, we will delete it within a reasonable timeframe.

12. CALIFORNIA PRIVACY RIGHTS

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including: