OHOby Ovanap
NOSubmit a problem

Privacy policy

Last updated 10 June 2026

This page explains what personal data we collect when you use ovanap sites, why we collect it, and what rights you have. We collect only what we need to answer your request — nothing is sold, and nothing is used for advertising.

Who is responsible

Monine AS (org. no. 926 029 215) is the data controller. Ovanap is our brand name. Questions about your data: hello@ovanap.no.

What we collect, and why

  • Contact forms ("Submit a problem" and "Request a website"): your name, email, and optionally phone, company, a description, links, file attachments and a voice recording. We use this to review and answer your request. It is stored in our internal request system and is only visible to our team.
  • Free website check: the web address you enter and, if you order the full report, your email and optionally your name. The address is analysed technically (including Google PageSpeed), we take screenshots of the public site and have them reviewed by an AI service, and the finished report is emailed to you. We keep your email and the checked address to track the one-free-report-per-6-months limit.
  • Paid extended report (199 NOK, when available): payment is handled entirely by Stripe. We store your email, the checked address and the payment status — we never see or store your card number.
  • Security logs: our rate-limiting and abuse protection logs your IP address when requests are blocked or fail. These logs are deleted within 90 days.

Cookies

The public pages set only strictly necessary technical cookies (security tokens used to protect forms and logins). We use no marketing, advertising or analytics cookies — which is why you see no cookie banner.

To understand how the pages are used, we record anonymous events (e.g. that a check was started or a report opened) in our own database — no third-party tools, and nothing that identifies you. If you arrive from an ad, the campaign parameters (utm) are kept temporarily in your browser’s sessionStorage for this tab, so an eventual inquiry can be attributed to the right campaign. This is functional storage, not a cookie, and disappears when the tab closes.

Who processes data for us

We use a small number of service providers (data processors) to deliver the services. We never sell personal data.

  • Hetzner (Germany/EU) — server hosting; all our data is stored in the EU.
  • Google PageSpeed Insights — technical measurement of the web address you check (the address only, no personal data).
  • Anthropic and DeepSeek — AI analysis of website screenshots and drafting of the report text for the website check.
  • Resend — sending the emails we send you (verification links and reports).
  • Stripe — card payment for the paid report, when enabled.

How long we keep it

  • Form submissions: as long as needed to handle and follow up your request.
  • Website-check reports: the generated report is cached for 7 days; the email/address record for the free-report limit covers the rolling 6-month window.
  • IP addresses in security logs: deleted within 90 days.

Your rights

Under the GDPR you can ask for access to, correction of, or deletion of your personal data, ask us to limit processing, or object to it. Email hello@ovanap.no and we will handle it. You can also complain to Datatilsynet (the Norwegian Data Protection Authority).

Legal basis: answering your request (GDPR art. 6(1)(b)), your consent for the report email (art. 6(1)(a) — you can withdraw it at any time), and our legitimate interest in keeping the service secure (art. 6(1)(f)).

Privacy policy | Ovanap