Privacy Policy

Privacy Policy statement


Leonlingua Spanish Academy (LSA) (org. no. 99 55 31445) is committed to processing personal data in a satisfactory and trustworthy manner in connection with you visiting and using our website:;; as well as our course platforms with their own URLs [hablaonline]

This Privacy Policy contains information you are entitled to when collecting information from our websites and general information about how we process personal data.

The purpose of this Privacy Policy is to inform you about your rights, as well as about our policies and procedures for processing the personal data we receive from you through your use of our websites.

The Privacy Policy is governed by Norwegian law and may be updated from time to time, partly as a result of changes in applicable data protection laws or because the services available on the websites are expanded or changed. We will notify you if this requires new consent from you.

Please read this statement carefully to get a clear understanding of how we collect, use, protect or otherwise process your personal data.


In order to make use of the services available on our website, it is necessary that you provide us with certain requested personal data. Unfortunately, if you do not wish to provide us with such necessary information, we cannot provide you with access to the requested service.

By using services on our websites, you confirm that you have read and that you understand and consent to the content of this Privacy Policy and to our processing of your personal data.

You can withdraw your consent at any time by contacting us. Please note, however, that this may result in us no longer being able to provide our services to you.

If children under the age of 16 have provided us with personal data, we will delete the information as soon as we become aware of the relationship. Guardians can contact us.

Data Controller

Elisabeth Hofstad and Leonlingua Spanish Academy are the data controllers for the processing of personal data in connection with our activities pursuant to the personal data legislation in force at any given time. Data controller means the person who determines the purpose of the processing of personal data and which aids to use. It is the data controller who has overall responsibility for the processing of your personal data.

What is personal data?

Personal data is meant information that can be linked to a natural person, such as information about name, place of residence, telephone number and e-mail address. Processing refers to any use of personal data, such as collection, registration, compilation, storage and disclosure.

What personal data do we process?

By using our services on our website, we may process your personal data, including but not limited to:

  1. Address
  2. Payment history, including date and time, amount charged, debit credit card information, and other related transaction details.
  3. Username
  4. E-mail address
  5. Company Name
  6. Information about your use of Our Websites, such as your search history, which subpages are visited
  7. Types
  8. Contact person information
  9. IP addresses
  10. Comments and activity log from our course portals (after logging in)
  11. Mail tracking
  12. Name
  13. Browser settings
  14. Operating system
  15. Password (encrypted for us)
  16. Telephone number
  17. Traffic data

This is how we collect the information:

We process personal data that you provide via forms on our website, for example:

  1. Contact form or registration for our newsletter
  2. Registration for a free course, webinar, etc.
  3. Download of e-book, guide, templates, etc.
  4. Purchase of courses, services or products on our website
  5. Comment fields

Purpose of the information collected:

We are committed to processing personal data in a way that allows you to feel confident that information about you is treated confidentially.

We process personal data necessary for you to make use of our services and use our websites.

We will process personal data that we receive directly from you or in technical ways (such as automatic registration via our servers) for the purposes described below and to provide, monitor and analyze the use of services and websites as well as carry out maintenance and improvements.

The purpose of our processing of your personal data is to serve your use of services and websites in the best possible way.

When you provide personal data in order to access our services and websites, we will process your personal data in order to:

  1. Provide access to our products and services
  2. Send out relevant information
  3. Managing customer service
  4. Offer you free tips, eBooks, guides, etc.m.
  5. Provide you with information about the most relevant products and services

We will not use your personal data for any purpose other than the stated one, unless there is express consent from you to use it for any other purpose.

Here's how the information is stored:

Information obtained through forms on our website. This is stored in our CRM system in WebinarJam, Simplero and Active Campaign, which are the systems we use to store customer data and automate marketing communications.

The information is stored until you request that it be deleted or that it has been inactive for 2 years, unless otherwise provided by law.

Information is deleted upon request by contacting us.

Here's how you can delete your personal data:

Information is deleted upon request by contacting our customer service centre on

+47 928 02 474 or

Disclosure of information to third parties?

Your personal data is not shared with third parties, but unless you wish to use payment offers from our subcontractors such as PayPal or Stripe. These subcontractors may process personal data on our behalf.

Should we disclose personal data to organizations that perform services on our behalf, we will require service providers to only use such personal data for the purpose of providing such services to us and we will obtain the warranties deemed required for the protection of your personal data for that purpose.

All third parties who receive personal data from us are obliged to comply with our standards for the processing of personal data or equivalent standards, as well as obligations arising from the applicable data protection legislation at any given time.

If required by law or there is a suspicion that an offence has been committed in connection with the use of our services, personal data we have stored about you may be disclosed to public authorities.

If personal data may be subject to transfer to another organisation in connection with the merger, financing, reorganisation or dissolution transaction of all or part of us, we will only do so if the parties involved have entered into an agreement in which the collection, use and sharing of the personal data is limited to the purposes relating to the transaction, including a provision on whether or not the transaction should proceed , and the personal data shall only be used by the parties involved to carry out and complete the transaction. If another company purchases us or our business or assets, that company will have access to the personal data collected by us and will assume the rights and obligations regarding your personal data as described in this Privacy Policy.

Third-party links

Occasionally, in our sole discretion, we may include or offer third party products or services on our websites. We may also have links on our websites to other websites that are not under our control. These links are provided for orientation only. These third-party websites have separate and independent privacy policies. We encourage you to read the privacy policy of each website you visit. We have no responsibility for the content and activities of these websites.


Protecting your personal data is important to us. Therefore, we do what we can to maintain and utilize reasonable measures for the physical and technical security of offices and information storage facilities, to prevent loss, misuse, unauthorized access, disclosure or modification of your personal data.

Your personal data is processed behind secured networks and is only available to a limited number of people who have special rights to such systems and who are required to treat the personal data confidentially. We make use of computer systems with limited access, located in facilities with physical security measures.

We evaluate our data collection, storage and processing practices, including physical security measures, to protect unauthorized access to our computer systems.

All payment transactions are processed through a gateway provider and are not stored or processed on our servers. In addition, any debit and credit card information you provide is encrypted via Secure Socket Layer (SSL) technology.

If an employee with us misuses your personal data, this will be considered a serious breach in which we will be able to take disciplinary action, including termination. If a person or organization misuses personal data they have received to assist with the provision of our services and websites, this will be considered a serious breach in which we may take appropriate measures, including the termination of agreements between us and the individual organization.

In the event of discrepancies regarding your personal data, we will notify you by e-mail within 4 business days.

Transfer of personal data abroad

Your personal data may be transferred within the European Economic Area and other countries that the European Commission has deemed to have adequate protection of personal data on the basis of Article 45 of Regulation (EU) 2016/679. Your consent to this Privacy Policy represents your consent to this transfer.

Your rights

You as a user of our websites have, with the restrictions imposed by the applicable data protection legislation at any given time, the right to access your personal data and you have the right to know how it is processed. You may also require correction, erasure and restrictions on the processing of personal data we store about you.

You may withdraw your consent at any time and all data about you will be deleted except as required under the Accounting Act if you are a paying customer.


If you would like to request access, rectification or erasure of personal data or if you have any questions or requests regarding this Privacy Policy, Our Processing or would like to complain about our processing, please contact us at:

Phone: +4792802474
Post: Ulvåsveien 12, 3138 Skallestad

You also have the right to lodge a complaint with the Norwegian Data Protection Authority regarding any matter relating to the processing of your personal data. Contact information there is available on