Privacy Policy

1. Data Controller

Risan Solutions (Org.nr 937 137 273), a Norwegian sole proprietorship operating the Ghost Network brand, is the data controller for personal data processed through this website and associated services. Registered address: Valenvegen 49, 3802 Bø i Telemark, Norway. Contact: contact@ghostnetwork.no

2. What Data We Collect

• Account data: email address, display name, hashed password
• Session data: hashed IP address, hashed user agent (for security purposes)
• Contact form submissions: name, email, subject, message, and a hashed IP address (for spam prevention)
• Security event logs: IP address and user agent, recorded when security-relevant actions occur, for fraud prevention and system protection

3. Legal Basis

We process personal data based on:

• Contract performance (account management, service delivery)
• Legitimate interest (security, fraud prevention)
• Consent (marketing communications, where applicable)

4. Data Retention

Account data is retained for the lifetime of your account plus 30 days after deletion. Contact form submissions are retained for 12 months. Session data expires after 7 days. Security event logs are retained for up to 12 months for security and fraud investigation purposes.

5. Your Rights (GDPR)

Under the GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Request erasure of your data
• Restrict or object to processing
• Data portability
• Lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet)

To exercise your rights, please contact us at contact@ghostnetwork.no.

6. Security

We implement industry-standard security measures including password hashing (bcrypt), secure session tokens transmitted over HTTPS, and regular security reviews.

7. Contact

For privacy-related inquiries, contact us at: contact@ghostnetwork.no