Privacy, written to be read.

HoffHolo is committed to protecting the privacy of everyone who visits our website or engages with us as a client. We process personal information responsibly, transparently, and only for the purposes described in this policy.

This policy applies to personal information collected through hoffholo.com and hoffholo.no. It is written to be read, not filed away — if anything is unclear, please reach out.

HoffHolo is a consultancy providing organisational change, leadership, and transformation services to leadership teams and organisations navigating complex strategic and operational challenges. Our work is based in Norway and delivered internationally.

For the purposes of the GDPR, HoffHolo acts as the data controller for personal information collected through this website.

When you contact us through our website, we may collect the following information:

• Your name
• Your email address
• Your company or organisation
• Your role or title
• The subject of your enquiry
• The message you submit through the contact form

We only collect personal information that you voluntarily provide. We do not collect data passively through tracking technologies at this time.

We process personal information in order to:

• Respond to your enquiry in a timely and relevant way
• Communicate with you regarding the services you have requested
• Evaluate whether HoffHolo is an appropriate partner for your challenge
• Improve our services where applicable, based on the nature of enquiries received

We do not use your personal information for marketing purposes without your explicit consent, and we do not sell your data under any circumstances.

Under the General Data Protection Regulation (GDPR), we rely on the following legal bases:

• Legitimate interest — when you contact HoffHolo, we process your information to respond and assess how we may be able to assist.
• Consent — where we explicitly request consent for specific purposes (for example, marketing communications), you may withdraw consent at any time.

We take appropriate technical and organisational measures to protect personal information against unauthorised access, disclosure, alteration, and loss.

All data submitted through our website is transmitted over encrypted connections (HTTPS). Access to enquiries is restricted to those within HoffHolo who need it to respond.

HoffHolo does not currently rely on third-party processors for handling contact enquiries beyond the technical infrastructure required to operate the website and deliver email (for example, email delivery services such as Resend if implemented).

We reserve the right to introduce trusted third-party service providers in the future, such as CRM systems, analytics tools, or email marketing platforms. If this occurs, this Privacy Policy will be updated before such services are used in production.

If analytics tools are introduced, this policy will be updated to describe what is collected, for what purpose, and how users can opt out where applicable.

We retain personal information only for as long as reasonably necessary to:

• Respond to your enquiry and maintain relevant communication
• Maintain business records where required by law or professional standards
• Comply with legal obligations

After this period, personal data is securely deleted or anonymised.

You may also request deletion of your data at any time, subject to legal or contractual obligations.

If you are located in the European Economic Area or the United Kingdom, you have the following rights:

• Access — request a copy of your personal data
• Correction — request correction of inaccurate data
• Deletion — request deletion of your data where legally applicable
• Restriction — request limitation of processing
• Objection — object to processing based on legitimate interest
• Portability — request a structured, machine-readable copy of your data where applicable

To exercise your rights, contact us at gdpr@hoffholo.no. We will respond within legally required timeframes (typically within 30 days).

If you believe your rights have not been respected, you may lodge a complaint with your local data protection authority. In Norway, this is Datatilsynet.

For privacy-related requests, corrections, deletions, or questions about this policy:

gdpr@hoffholo.no

We will acknowledge and respond as quickly as reasonably possible and within legal timeframes.

We may update this Privacy Policy from time to time to reflect changes in legal requirements, business practices, or new services.

When material changes are made, the “Last updated” date at the top of this page will be updated accordingly.

We encourage you to review this policy periodically if you continue to interact with us. Continued use of the website after updates constitutes acceptance of the revised policy.