What language?
Sign in

Privacy Policy

Privacy Policy for Cases AS

Last updated: 03.05.2026

Cases AS is the data controller for personal data collected via this website.

We process personal data in an open and secure manner.

We comply with the General Data Protection Regulation (GDPR) and Norwegian privacy legislation.

Who is responsible?

Cases AS
Org.nr. 937 453 213
Jernbanetorget 4 A
0154 Oslo
hello@caseswine.com

You can contact us at hello@caseswine.com if you have questions about privacy.

What personal data do we process?

We may process the following information about you:

Contact details This may include name and email address.

We process this when you contact us or sign up for our newsletter.

Account details This may include email address and password.

The password is stored in encrypted form.

Payment details We process information necessary to complete purchases.

Card details are processed by Stripe.

Payments via Vipps are processed by Vipps.

We do not store card details.

Technical data This may include IP address, browser type, device information, and page views.

We use Google Analytics 4 for visitor statistics when you have given consent.

Video playback data We process technical data about video playback when you use video content on the website.

This is done through Mux.

Where do we obtain the information?

We obtain information directly from you.

This happens when you contact us, create an account, or purchase services.

We also automatically collect certain technical data.

This happens when you use our website.

Why do we process the information?

We process personal data for the following purposes:

To provide services to you We use information to deliver services you have ordered.

This also includes account, subscription, and payment.

The legal basis is GDPR Article 6(1)(b).

To operate and secure the website We use technical data to keep the website stable and secure.

We also use information to prevent misuse.

The legal basis is our legitimate interest.

This follows from GDPR Article 6(1)(f).

To send newsletters and marketing We send you newsletters and marketing if you have given consent.

You can withdraw your consent at any time.

The legal basis is GDPR Article 6(1)(a).

To use analytics cookies We use analytics cookies if you have given consent.

This helps us understand how the website is used.

The legal basis is GDPR Article 6(1)(a).

To fulfill statutory obligations We retain purchase documentation when required by law.

This applies in particular to accounting and bookkeeping rules.

The legal basis is GDPR Article 6(1)(c).

Are you required to provide the information?

You must provide necessary account and payment information to purchase and use our services.

If you do not provide such information, we cannot deliver the service.

It is voluntary to consent to newsletters.

It is also voluntary to consent to analytics cookies and other optional cookies.

Cookies and similar technologies

We use the following categories of cookies, pixels, and similar technologies:

Necessary cookies

These are required for the website to function properly and may be used for login, language selection, shopping cart, payment, and security tokens.

Necessary cookies cannot be disabled through our cookie settings. Examples include Supabase auth cookies, preferred_language, and Stripe cookies. Stripe cookies are used for the payment flow and fraud prevention.

Analytics cookies

We use Google Analytics 4 to understand how the website is used. This may include page views, traffic sources, and clicks on the website, and may also include specific actions on the website.

Examples are newsletter sign-ups and subscription sign-ups.

Analytics cookies are only activated if you give consent. You can withdraw your consent at any time.

Marketing cookies and pixels

We use marketing cookies and pixels if you give consent.

This applies to Meta Pixel and Google Ads technology. GA4 events may also be shared with Google Ads if you give consent. Marketing technology can measure visits, clicks, and actions. It can also be used for ad measurement and remarketing. Remarketing means that you may see ads after visiting the website.

We may also use data for lookalike audiences. Lookalike audiences are sometimes called mirror audiences. This means that ad platforms find people who resemble our visitors.

Marketing cookies are only activated if you give consent. You can withdraw your consent at any time.

Video

When playing video, Mux may set technical cookies.

These may be used for buffering and playback status. They may also be used to measure technical video quality. Some cookies may be necessary to display video. Other cookies are only used if you give consent.

Payment-related cookies

Stripe and Vipps may set necessary cookies during payment. These are used to complete and secure the payment. They are also used to prevent misuse and fraud.

How do you manage cookies?

When you visit the website for the first time, you will receive a consent banner.

There you can choose which categories you accept.

You can change your choices at any time.

You do this via "Cookie settings" in the footer.

You can also withdraw your consent there.

Third-party cookies

Some providers may set their own cookies. This applies in particular to Google, Meta, Mux, Stripe, and Vipps. Google may set cookies for analytics and advertising. Meta may set cookies and pixels for advertising. Mux may set cookies for video, analytics, and technical performance. Stripe and Vipps may set cookies for payment. We recommend that you read the providers' own privacy policies.

There you will find more information about their processing.

Whom do we share information with?

We use providers who process personal data on our behalf.

We use the following providers:

Vercel Inc. Vercel is used for hosting the website.

Supabase Inc. Supabase is used for database and user authentication.

Mux Inc. Mux is used for video hosting and video playback.

Google LLC Google Analytics 4 is used for visitor statistics and analytics. Google Ads may be used for ad measurement and marketing. GA4 events may be shared with Google Ads if you have given consent.

Meta Platforms Ireland Limited Meta Pixel is used for ad measurement and targeted marketing. This may apply to advertising on Facebook and Instagram. Meta Pixel is only used if you have given consent.

Stripe Inc. Stripe is used for card payments.

Vipps AS Vipps is used for payment via Vipps.

Some providers act as data processors for us, while others may be independent data controllers for parts of their processing. This applies in particular to payment services such as Stripe and Vipps, but also to Google and Meta. We enter into the necessary agreements with our providers.

Providers may only use information according to our instructions when they act as data processors.

Transfers outside the EEA

Some providers may process personal data outside the EEA.

This applies, among others, to Vercel, Supabase, Mux, Google, Meta, and Stripe, which process data in the United States. Transfers of data only take place when there is a valid transfer mechanism, including the EU-U.S. Data Privacy Framework and the EU Standard Contractual Clauses (SCC).

How long do we store the information?

We store personal data for as long as it is necessary to fulfill the purpose of the processing.

Purchase data is stored for five years in accordance with bookkeeping rules.

Information related to newsletters is deleted when you unsubscribe.

Account information is stored for as long as you have an active account.

Inquiries are stored for as long as it is necessary to follow up on the matter.

We may store information longer if required by law.

Your rights

You have several rights under privacy legislation.

You can request access to the information we hold about you.

You can ask us to correct inaccurate information.

You can ask us to delete information about you.

You can ask us to restrict the processing of your information.

You can request to receive information in a machine-readable format.

This is called data portability.

You can object to processing based on legitimate interest.

You can withdraw consent at any time.

Withdrawal does not affect processing that has already been lawfully carried out.

You can unsubscribe from newsletters via the link in the email.

You can withdraw cookie consent in the cookie settings.

Contact us at hello@caseswine.com if you wish to exercise your rights.

Complaint to the Norwegian Data Protection Authority

You can lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) if you believe we are in breach of privacy rules.

You will find more information at datatilsynet.no.

We appreciate it if you contact us first.

That way, we can try to resolve the matter in a good way.

Changes to this policy

We may update this privacy policy.

The latest version will always be available on the website.

In the event of significant changes, we will notify you.

Notification may be given by email or as a message on the website.

Suggested consent texts