Privacy Policy & Terms of Service

C-MOMENTUM AS
Effective date: 01 Oct 2025

General information

Our Terms of Service & Privacy Policy outlines the rules for using our sites and our relationship with you. By using the website operated by C-MOMENTUM AS, you consent to our use of cookies and pixels in accordance with the terms of this policy.

Your safety and privacy is important to us. We comply with the General Data Protection Regulation (GDPR). This Policy will help you better understand how we collect and manage your data, why we do so, and your rights to control your data.

Data controller & privacy contact

C-MOMENTUM AS (Org. no. 990 342 466), Norway, is the controller of personal data processed in connection with this Site and our services. We have not appointed a separate Data Protection Officer (DPO). For privacy-related questions or GDPR requests, please contact:

Privacy contact: Leni Chr. Jebsen
Email: info [at] c-momentum [dot] no

The Policy governs all use of C-MOMENTUM AS website and all content, services, and products made available through our site. The website operated and owned by C-MOMENTUM AS is c-momentum.com, any landing pages we create, our online booking pages provided by Calendly, and our profiles and/or pages on Facebook, Instagram, LinkedIn, and TikTok, collectively referred to as the “Site.” Please note that third-party platforms such as Facebook, LinkedIn, Instagram and TikTok have their own privacy policies and terms which apply when you use their services.

Privacy Policy

The information we collect

Information you provide directly

We collect personally identifiable information from you in a variety of ways, including, but not limited to, opt-ins and online forms when you order products and services. We further collect information from you when you sign up for coaching, as well as in other instances where you volunteer information, including, but not limited to, when you place an order or subscribe to our newsletter. When registering as a client, you may be asked to provide personal information such as contact details, professional information, and other details relevant to our coaching services. We will not ask for your social security number or your credit card information. All billing information is gathered through our Site and handled by a third-party provider.

We may also collect email addresses through blog subscription features on our website.

Information from third-party forms and tools

We use Cognito Forms to create and manage our online forms, including client intake forms, coaching service sign-ups, and contracts. Information submitted through these forms is processed by Cognito Forms on our behalf in accordance with GDPR.

For team coaching services, we use Team Coaching International (TCI) platform to deliver team diagnostics. Information submitted through TCI assessments (including names, emails, company information, and assessment responses) is processed by TCI on our behalf in accordance with GDPR.

We only record coaching sessions when explicitly requested and consented to by the client. Session recordings are processed through Zoom in accordance with GDPR.

Information collected automatically

Through our web hosting company, ProISP, we also collect information that your browser sends whenever you visit our Site. This may include information such as your computer’s internet protocol (IP) address, browser type and version, the pages you visit on our sites, the time and date of your visit, time spent on different pages, and other statistics.

In addition, we use third-party services such as Google Analytics, Facebook Pixel, and MailPoet newsletter analytics to monitor and analyze digital behavior. These analytics services may collect data including IP addresses, device information, browsing behavior, page interactions, and email engagement metrics (opens, clicks, unsubscribes).

Scheduling via Calendly

When you book a session with us, we use Calendly to provide our online scheduling service. The information you submit on the booking page (e.g., name, email address, phone number, and any notes you choose to provide) is processed by Calendly on our behalf. Calendly also uses cookies and similar technologies on its booking pages.

International data transfers

Some of our service providers are located outside the European Economic Area (EEA), including in the United States. Data may be transferred to the United States and other countries under Standard Contractual Clauses (SCCs) and/or the EU–U.S. Data Privacy Framework, as detailed in our Processors & International Transfers section below.

Cookies

Google Analytics cookies are retained for up to 24 months.
Facebook Pixel cookies are typically retained for up to 90 days.
MailPoet tracking cookies are retained for up to 12 months.
Calendly cookies vary depending on your selections in their banner.

What we use your information for

Personalize your experience
Improve our Site and services
Improve customer service
Provide you with a service or product
Manage bookings and send service emails
Send newsletters and marketing
Comply with legal obligations
Ensure IT and payment security
Analyze anonymized client feedback and coaching outcomes to improve our services and methodology
Develop educational content and insights based on anonymous coaching data and industry trends
Use AI tools to identify patterns in anonymous feedback for service enhancement

We process your data based on contracts, your consent, legal requirements, or legitimate business interests (including anonymous data analysis for service improvement and educational content development), in accordance with Legal bases (Art. 6 GDPR).

Data analysis and confidentiality

We may analyze client feedback, coaching outcomes, and case studies to improve our services and develop educational content. All data used for analysis is fully anonymized with identifying information removed to protect client confidentiality.

We may use AI tools to help identify patterns and trends in this anonymous data. No individual clients can be identified from this analysis, and we maintain strict confidentiality standards in all our data processing.

Client confidentiality is fundamental to our coaching practice and is never compromised in our data analysis processes.

Security and how we protect your information

We use SSL, firewalls, antivirus, and role-based access controls. No method is 100% secure, but we apply appropriate technical and organisational measures.

All client data is stored with third-party cloud service providers and not on local devices. We rely on the security measures implemented by our service providers (Microsoft 365, Google Workspace, Cognito Forms, Calendly, and others listed in the Processors section) to protect your data.

Data breach procedures

In the unlikely event of a data breach that poses a risk to your personal data, we will: • Notify the Norwegian Data Protection Authority (Datatilsynet) within 72 hours • Inform affected clients without undue delay if there is a high risk to your rights and freedoms • Take immediate action to secure data and prevent further breaches • Work with our service providers to investigate and resolve the incident • Document the breach and our response actions

Since we use third-party cloud services for data storage, we monitor security notifications from our service providers and will act promptly if they report any security incidents affecting your data.

Processors & international transfers

Your personal data may be processed by:

Hosting: ProISP (Norway)
Scheduling: Calendly (USA, SCC/DPF)
Forms: Cognito Forms (USA, SCC/DPF)
Team diagnostics: Team Coaching International/TCI (USA, GDPR compliant)
Session recordings: Zoom (USA, GDPR compliant, only when requested by client)
Analytics/advertising: Google Analytics, Facebook Pixel
Email: Outlook, Microsoft 365
Newsletter and email: MailPoet
Cloud/communication: Google Workspace, WhatsApp
Accounting/invoicing: PowerOffice

Deletion of information

Coaching intake forms: deleted within 12 months (private) / 2 years (corporate) after end of contract.
Booking data (Calendly): deleted or anonymised no later than 12 months after last appointment unless required longer.
Newsletter/mailing list data: retained for 1 year after unsubscribe/withdrawal of consent.
Accounting/financial records: retained for 5 years in accordance with the Norwegian Bookkeeping Act.
Inactive email contacts (5 unopened consecutive campaigns): deleted after final reminder.

Your rights

You have the right to:

Access your personal data – Request a copy of the personal information we hold about you
Update or correct your information – Ask us to correct any inaccurate or incomplete personal data
Request deletion of your data – Ask us to delete your personal information (subject to legal retention requirements)
Restrict how we process your data – Ask us to temporarily stop using your information for anonymous data analysis or educational content development while continuing your coaching services
Object to certain processing – Object to us using your data for anonymous analysis, trend identification, or educational content development (coaching services will continue normally)
Receive your data in a portable format – Request a copy of your data in PDF format
Withdraw consent for newsletters and marketing communications – Unsubscribe from our marketing emails at any time
File a complaint – Lodge a complaint with the data protection authority if you’re unhappy with how we handle your data

Important limitations: Some data must be retained for contract fulfillment, legal compliance (including 5-year retention for accounting records under Norwegian law), or legitimate business interests, and cannot be deleted or restricted during these periods. Cookie preferences are managed through your browser settings and our cookie banner.

How to exercise your rights: Contact us using our contact form or email us at info [at] c-momentum [dot] no. Please specify which right you wish to exercise and provide identification for verification.

We will acknowledge receipt of your request within 3 business days and provide our full response within 1 month as required by GDPR.

If you’re not satisfied: You can file a complaint with the Norwegian Data Protection Authority (Datatilsynet) at https://www.datatilsynet.no

Terms of service

Intellectual property

All content is owned by C-MOMENTUM AS unless otherwise stated.

Disclaimer & limitation of liability

We are not liable for indirect, incidental, consequential or punitive damages arising from your use of the Site or our services.

Indemnification

You agree to hold C-MOMENTUM harmless from claims related to your use.

Changes to the policy

This Policy is effective as of 07 Oct 2025 and remains in effect until revised.
We may update it at any time. Material changes will be notified by email (if provided) or on the Site.

Payment

All sales are made directly with C-MOMENTUM, invoiced through PowerOffice, GDPR-compliant.
Disputes are handled under Norwegian law with Bergen District Court (Bergen tingrett) as venue.

Contact us

Email: info [at] c-momentum [dot] no
Privacy contact: Leni Chr. Jebsen