Privacy Policy

This privacy policy explains how Norsk Musikkforlag collects and uses personal information through this website and the services connected to it.

1. Data controller

Norsk Musikkforlag is a brand operated by Vigmostad & Bjørke AS, which is the data controller responsible for the processing of personal information collected through the services described in this policy. The Managing Director of Vigmostad & Bjørke AS is responsible for the company's processing of personal data. It is important to us that you, as a user, can trust that your data is stored and handled in a secure and professional manner.

2. What information we collect

We collect personal information that you provide to us when:

Submitting a licensing application through our online form for print and graphic licences. The form prepares a structured email draft in your own email client, which you then send to lisens@norskmusikkforlag.no. The submitted information typically includes your name, organisation, contact details, and information about the works and intended use.
Submitting a self-publishing application through our online form. This form works the same way — it opens your email client with a pre-filled draft, which is then sent to post@norskmusikkforlag.no. The submitted information includes your name, email address, and details about the work you wish to publish.
Contacting us by email at any of the addresses listed on our Contact page.
Signing up for our newsletter through the subscription form on our website, where we collect your email address and your selected interest categories.
Browsing our website, where cookies and analytics tools may collect technical and usage information (see section 4).

We do not operate user accounts, online ordering, or payment processing through this website. Our online sheet music shop is operated separately at notebutikken.no, which has its own privacy policy.

3. Legal basis for processing

The processing of your personal information is based on the following legal grounds under the General Data Protection Regulation (GDPR):

Article 6(1)(b) — processing necessary to take steps at your request prior to entering into a contract, such as handling licensing or publishing applications you submit to us.
Article 6(1)(f) — legitimate interest. Our legitimate interest is to respond to enquiries and maintain communication with customers and partners, which we consider necessary and proportionate to operate as a music publisher, and we do not consider this processing to override your rights and freedoms..
Article 6(1)(a) — consent, where you have explicitly given consent (for example, to non-essential cookies).
Article 6(1)(c) — compliance with a legal obligation, such as scanning email for malware to ensure information security under GDPR Articles 5(1)(f) and 32.

4. How we collect personal information

Application forms

When you submit a licensing or self-publishing application, the form on our website prepares a structured email in your own email client. The data is transmitted from your device through your email provider to our inbox at Norsk Musikkforlag, where it is stored in our standard email system. We do not receive or store the form data through any server-side processing on our website.

Email correspondence

When you contact us by email, we use that information to respond to your enquiry. We ask that you do not send sensitive personal information (such as health information or national identification numbers) by unencrypted email. We scan all incoming and outgoing email for viruses and malware to ensure the integrity, confidentiality and availability of our systems.

Newsletter

You can sign up for our newsletter through a form on our website. We collect your email address and your selected interest categories, which let us tailor the content you receive to the topics you care about. The newsletter is operated jointly with our webshop notebutikken.no, and subscriptions are managed on a single shared list. This means that if you subscribe through either website, you are added to the same list — but the interest categories you select determine which newsletters and content you actually receive. You can update your interest selections or unsubscribe at any time.

The processing is based on your explicit consent under GDPR Article 6(1)(a). You can unsubscribe at any time by clicking the unsubscribe link included in every newsletter we send, or by contacting us directly. When you unsubscribe, we delete your subscription details, though a minimal record of the unsubscribe request may be retained to ensure your preference is honoured going forward.

This website uses cookies — small text files stored on your device when you visit. Cookies on this site fall into the following categories:

Strictly necessary cookies (no consent required)
These cookies are essential for the website to function correctly and cannot be disabled.

crumb — set by our website platform (Squarespace) to protect against cross-site request forgery. Retention: session only (deleted when you close your browser).
ss_marketingCookiesAllowed and ss_performanceCookiesAllowed — set by the cookie consent banner to remember your cookie choices, so we don't re-prompt you on every visit. Retention: approximately 12 months.

Analytics cookies (consent required)
These cookies help us understand how visitors interact with our website. They are only set if you have given consent through our cookie banner.

ss_cvr — Squarespace Analytics visitor record. Assigns an anonymous identifier so we can distinguish visits and measure traffic patterns. Retention: approximately 13 months.
ss_cvt — Squarespace Analytics session token. Used to track visit sessions for analytics purposes. Retention: 30 minutes (refreshed on each page view).

Marketing cookies (consent required)
We do not currently use marketing or advertising tracking cookies on this website. If this changes in the future, this policy will be updated and consent will be requested through our cookie banner.

Managing your cookie preferences
When you first visit our site, you will see a cookie banner provided by Squarespace with three options: "Accept all", "Manage cookies" (to choose specific categories), or "Decline all" (which prevents all non-essential cookies from being set). You can review and update your choices at any time through the "Cookie Preferences" widget that remains accessible on every page. You can also delete cookies directly through your browser settings — see your browser's help pages for instructions.

Website analytics

We may use analytics tools to compile aggregated, anonymised statistics about how the website is used. This helps us improve the user experience and develop the site further. Data is aggregated and, where possible, anonymised or pseudonymised, and is not used for any purpose other than analysis.

5. Service providers and partners

To deliver this website and its services, we use the following types of service providers, all of whom act as data processors on our behalf under signed data processing agreements:

Website hosting and platform — Squarespace Inc. (USA) hosts our website. Our Data Processing Agreement (DPA) with Squarespace is incorporated into our Terms of Service with them. Some data may be transferred to the United States under appropriate transfer safeguards, including the EU-US Data Privacy Framework and Standard Contractual Clauses.
Email and office services — used for handling email correspondence and storing communications received through our forms.
Newsletter delivery — Mailchimp (operated by Intuit Inc., USA) is used to send newsletters and to manage subscriptions and unsubscriptions. Our Data Processing Agreement (DPA) with Mailchimp is incorporated into our account agreement with them. Any transfers of personal data to the United States are made under appropriate transfer safeguards, including the EU-US Data Privacy Framework and Standard Contractual Clauses.
Other partners — additional providers may be used for specific services such as analytics, security, and document handling.

A current list of data processors can be requested from us at the contact address in section 10.

6. Data retention and deletion

We retain personal information only for as long as necessary to fulfil the purpose for which it was collected.

Licensing and publishing applications are retained for as long as needed to handle the application and any resulting agreement, plus any statutory retention periods that apply. Where bookkeeping records are involved, Norwegian bookkeeping law requires retention for 5 years.
Email correspondence is retained for as long as necessary to handle the enquiry, plus a reasonable period for follow-up.
Newsletter subscription data is retained for as long as you remain subscribed. When you unsubscribe, we delete your subscription details, though a minimal record of the unsubscribe request may be retained to ensure your preference is honoured.

You may request deletion of personal information that we are not legally required to retain. To do so, send a request to slettmeg@forlagshuset.no.

7. Your rights

Under GDPR, you have the following rights regarding your personal information:

Access — you can request a copy of the personal information we hold about you.
Correction — you can request that we correct inaccurate or incomplete information.
Deletion — you can request that we delete personal information, subject to our legal retention obligations.
Restriction — you can request that we limit the processing of your information in certain circumstances.
Portability — you can request a structured, machine-readable copy of information you have provided to us.
Objection — you can object to processing based on legitimate interest.
Withdrawal of consent — where processing is based on consent, you can withdraw that consent at any time.

To exercise any of these rights, contact us at personvern@forlagshuset.no.

You also have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) if you believe our processing of your personal data does not comply with applicable law.

8. Information security

Your personal data is protected through:

Encrypted connections (HTTPS) for all traffic on this website.
Secure data centres operated by our service providers, with access controls in place.
Data processing agreements with all service providers that handle personal data on our behalf.

We do not make automated decisions based on personal data.

To protect our online resources, we reserve the right to implement security measures, including geo-blocking against countries and regions we consider to pose a significant security risk.

9. Updates to this policy

We may update this privacy policy from time to time to reflect changes to our website or our practices. An updated version will be published on this site no later than one week before the changes take effect.

This version was last updated on 07.05.2026.

10. Contact

For privacy-related enquiries, you can reach us at:

General privacy enquiries:personvern@forlagshuset.no
Data deletion requests:slettmeg@forlagshuset.no
Postal address: Vigmostad & Bjørke AS, Kanalveien 51, 5068 BERGEN, NORWAY.