Entitas
NOEN
← Back to home

Privacy Policy

Last updated: May 2026  ·  Entitas AS, org. no. 937 433 654

Entitas AS takes privacy seriously. This policy explains what information we collect, why we collect it, and what rights you have.

1. Data Controller

Entitas AS (org. no. 937 433 654), Møllevannsveien 22, 4616 Kristiansand, Norway, is the data controller. Contact: hei@entitas.no

2. What Information Do We Collect?

When you place an order

  • Name and email address
  • Company name and registration number
  • Selected service and duration
  • Payment information (processed by Stripe/Vipps — we do not store card data)

Automatically collected

  • IP address (security and fraud prevention)
  • Browser and device information
  • Visit statistics via Plausible (consent-based only)

3. Purpose and Legal Basis

PurposeLegal basis
Delivering LEI registration and renewalPerformance of contract (GDPR art. 6(1)(b))
Sending invoices and receiptsLegal obligation (GDPR art. 6(1)(c))
Sending LEI expiry remindersLegitimate interest (GDPR art. 6(1)(f))
Customer support and communicationPerformance of contract (GDPR art. 6(1)(b))
Analysing website usageConsent (GDPR art. 6(1)(a))
Fulfilling accounting requirementsLegal obligation (GDPR art. 6(1)(c))

4. Sharing with Third Parties

  • RapidLEI (Ubisecure Oy) — to issue and maintain LEI records, we share relevant registration information with RapidLEI, including the entity’s reference data, applicant contact information and authorisation documentation where required, for validation purposes.
  • GLEIF and the Global LEI Index — Certain entity reference data submitted during the LEI registration process is intended to become publicly available through the Global LEI Index operated under the GLEIF framework. This may include: legal entity name, organisation number, registered address, country of registration, legal form, LEI status and renewal status. Personal contact details, authorisation documents and payment information are not published.
  • Payment processor (Stripe/Vipps) — processes payment transactions. We do not store card details.
  • Norwegian Register of Business Enterprises (Brønnøysundregistrene) — public API used to retrieve and verify company information. No personal data is transferred.

We do not sell personal data and do not share data for marketing purposes without consent.

5. Retention Periods

CategoryRetention period
Customer data (agreement and order history)5 years after last transaction
Invoices and accounting data5 years (statutory requirement)
Email correspondence3 years
Analytics dataUntil consent is withdrawn

6. Your Rights

Under the GDPR you have the right to access, rectification, erasure, restriction, data portability, objection and to withdraw consent. Send your request to hei@entitas.no. We respond within 30 days.

You may also lodge a complaint with the Norwegian Data Protection Authority: datatilsynet.no

7. Cookies

The website uses only strictly necessary cookies by default. Analytics cookies are activated only after your consent via the cookie banner.

8. Security

We use HTTPS encryption for all communication. Access to personal data is restricted to authorised personnel, in accordance with GDPR art. 32.

9. Changes to This Policy

We may update this policy for material changes. The date at the top indicates the latest revision. For material changes, existing customers will be notified by email.

Contact us

Entitas AS
Møllevannsveien 22, 4616 Kristiansand, Norway
Email: hei@entitas.no
Org. no.: 937 433 654

© 2026 Entitas AS · Org.nr. 937 433 654 · Personvern · Brukervilkår · Privacy · Terms

Entitas AS is a Registration Agent (RA) operating under the GLEIF framework on behalf of RapidLEI (Ubisecure Oy), a GLEIF-accredited Local Operating Unit.