Privacy Policy for Nikah.no
Version 1.0, updated 18 February 2026
1. Who is the data controller
Qreklame AS with organisation number 931 350 048 and registered business address Bjerkejordet 6, 2040 Kløfta, Norway (hereinafter referred to as the “Supplier“, “we” or “us“) has developed the platform on the website Nikah.no (hereinafter referred to as the “Platform“), with offered services from the Supplier.
The Platform connects potential physical individuals visiting the Platform (hereinafter referred to as “User“) with other individuals for a life partner for marriage, primarily within the Muslim community.
If you have any questions regarding our processing or wish to exercise other rights as a data subject under the General Data Protection Regulation (hereinafter referred to as “GDPR“), please contact us by email [email protected] or by post to Qreklame AS Bjerkejordet 6, 2040 Kløfta.
2. Why we process your personal data
The Supplier processes personal data about you as a User so that you can use our services via the Platform. Your personal data is used to create and manage your user profile (user account as a User) on the Platform. In addition, your personal data is processed so that we can facilitate contact and dialogue between us and you as a User if you want support or a paid service from us.
Personal data is also processed to ensure matching between our Users so that you can receive matching and follow-up based on your information and use of the Platform.
Furthermore, personal data is used to implement the User Agreement for the Platform, provide support, and fulfil our legal obligations as a supplier of the Platform and the services offered, for example in relation to accounting regulations.
Our security and reporting functions also require the processing of personal data to prevent misuse and ensure the safe use of the Platform. All of this is done in accordance with the principle of data minimisation, and we implement technical and organisational measures to protect your data against unauthorised access and use.
3. Legal basis for processing
Data protection legislation in Norway and the EU requires a “legal basis” for collecting and processing personal data from residents of EU/EEA countries, cf. GDPR Article 6. Our legal basis for processing your personal data depends on the specific processing purposes and your use of the Platform as described below.
3.1 Agreement
The processing of personal data is necessary to fulfil the User Agreement between you as a User and us as the Supplier of the Platform and associated services, cf. GDPR Article 6(1)(b). This basis is used where processing is necessary to perform the services that your use of the Platform as a User entails. This includes establishing your profile as a User on the Platform, storing your contact information and following up on your use of the Platform’s communication solutions or functionality, including support you request from us.
3.2 Legal obligation
Certain processing of personal data is necessary to fulfil legal obligations incumbent on the Supplier under Norwegian law, cf. GDPR Art. 6(1)(c). This includes, for example, the obligation to store and report certain data to public authorities such as the Norwegian Tax Administration or other relevant supervisory and reporting bodies. If you purchase any service through the Platform, we are obliged to comply with Norwegian accounting legislation, including obligation for us to store certain data for 5 years.
3.3 Consent
If you have given us your consent to processing activity beyond agreement or legal obligation, we may use consent as legal basis according to GDPR Art. 6(1)(a). We use consent to send you our newsletter on e-mail. We use consent to use cookies for the purpose you have consented to beyond strictly “necessary” cookies (this may be “statistics”, “functionality” or “marketing” in our cookie tool on the Platform. You have the right to withdraw any consent, and we will cease processing such personal data unless we are obliged to continue use according to agreement or legal obligation.
3.4 Legitimate interest
In addition, it is necessary to process certain personal data about a User in order to ensure the security of the Platform, and here we use legitimate interest as the basis for processing, cf. GDPR Art. 6(1)(f). We have conducted a balancing test and concluded that our interest in offering a secure Platform with a low risk of identity theft and fraud outweighs the privacy disadvantage for the User. We have limited the processing to an appropriate level of security tailored to the Platform and the services offered.
4. Personal data we process about you
4.1 General information about what personal data we process
The Supplier collects, stores and shares only the personal data necessary for you to create a user account and use the services on the Platform. The Supplier collects and processes the following information about you when you create a user account on the Platform as a User:
- Name
- Email address
- Mobile number
- Postcode
- The Platform uses BankID verification systems to identify you and to retrieve your name, date of birth, country and personal identity number.
If you register on the Platform as a User, we will collect and process the following information about you:
- Name
- Mobile
- Postcode
- Religious orientation (that you share through your use of the Platform)
- Physical detalis
- Lifestyle habits
- Family background
The processing of this personal data is necessary to manage your user profile on the Platform, enable contact with us or between Users on the Platform, and facilitate chat and other services that can be ordered by users through the Platform. The information is also used to share contact information with relevant dealers so that you, as a Buyer, can receive targeted follow-up and offers.
Your personal identity number will not be shared with other Users or parties. The Platform will automatically during your registration process generate a unique username for you as the User, which is displayed on your profile. This allows Users to view each other’s profiles without knowing real identities.
Processing is only carried out for the aforementioned purposes, and the Supplier does not use the information for other purposes without specific consent or where there is another legal obligation to do so.
It is voluntary to register as a User, and it is voluntary to provide information about yourself called special categories of personal data. Each User is deemed to have given us their explicit consent to share special categories of personal data about themselves upon creation of their User and subsequently upon use, e.g. if the User chooses to share their own health information or their own information about ethnicity or religion when creating a user account or otherwise using the Platform. We consider such sharing of personal data via the Platform to fulfil the exception of explicit consent in Article 9(2) of the GDPR. It is also voluntary for you as the User to publish your user profile on SoMe, utilise the Wali Support option or a specific payment service as offered via the Platform.
4.2 Storage and deletion of personal data
Personal data is stored securely on servers in Helsinki, Finland, with the necessary technical and organisational measures in place to protect data from unauthorised access, alteration or deletion. We have entered into data processing agreements with all external suppliers to ensure that the level of security and processing complies with the GDPR.
Your information is only stored for as long as is necessary to fulfil the purpose or other legal basis. When the purpose no longer requires storage, or if you request deletion or exercise your right to object under GDPR Art. 21, the information will be deleted as soon as possible, unless it must be stored longer by law. We aim to have deletion routines that are as short as possible.
5. Sharing of personal data and third parties
The Supplier does not share your information with unauthorised parties.
Subcontractors who handle IT operations, storage and security for the Supplier platform may also have access to certain personal data when providing their services on a case-by-case basis. For example, personal data may be shared with IT suppliers who have developed the Platform or provide support services as our subcontractor, and we have data processing agreements with such subcontractors that prevent them from processing personal data for their own purposes. If any subcontractor is used outside countries approved by as secure third countries, we enter into Standard Contractual Clauses for international transfers with such third party that also include additional technical measures agreed upon before they may access personal data regarding any Users.
Your personal data is stored securely on the Platform on a dedicated server which is provided by Hetzner as our data processor: Hetzner Online GmbH with address Industriestraße 25, 91710 Gunzenhausen, Germany (“Hetzner”) is our data processor that stores all data from the Platform including data generated from Users of the Platform at secure servers in Hetzner’s data centre located in Helsinki, Finland. We have entered into a Data Processing Agreement with Hetzner that fulfils the requirements of GDPR article 28, states that all of our data will only be processed within the EU and with description of the information security including Technical and Organizational Measures.
The Supplier has entered into a standard BankID Services Agreement with Idura: Idura ApS from Denmark is the reseller regarding use of BankID from the bank DnB in Norway, MitId In Denmark and FTN I Finland that is used on the Platform nikah.no when you as a User is creating your profile and is asked to verify yourself (the bank DnB is deemed a controller according to GDPR and the Supplier will not share any personal data regarding its Users to Idura ApS).
The Supplier has entered into a standard Services Agreement with Signicat: Signicat AS from Trondheim, Norway, acts as the processor according to Data Processing Agreement for the products Package with the method Signicat Starter (Authentication), Certificate with the method Swedish BankID Certificate – Other and Authentication with the method Authentication, and explaining that Swedish BankID use Swedish BankID Banks owned by Finansiell ID-Teknik BID AB (each bank is deemed a controller according to GDPR).
If the suppliers are changed, or if it becomes necessary to transfer data to countries outside the EU/EEA, this privacy policy will be updated.
Our web page Cookie statement explains third party cookies.
6. Your rights
You have rights as a data subject under the GDPR to your own personal data that we process via the Platform. An overview of these rights is provided below. Please contact us if you wish to exercise your rights. We will respond to your request as soon as possible and within one month.
Information and access: You have the right to request information about how we process your personal data and to obtain a copy of this personal data.
Rectification: You have the right to request the correction of inaccurate personal data about you and to have any incomplete personal data about you completed.
Objection: You have the right to object to the processing of your personal data under certain conditions. You may also object to being subject to any individual decisions of a legal nature that are exclusively automated.
Erasure: You have the right to request the erasure of your personal data under certain conditions.
Restriction: You have the right to ask us to restrict our processing of your personal data so that we no longer process this information until the restriction is lifted.
Portability: You have the right to receive your personal data in a structured, commonly used and machine-readable format, and to have this information transferred to another business under certain circumstances.
Complaint: You have the right to complain about our processing of your personal data to the Information Commissioner’s Office. We encourage you to raise any objections to our processing of personal data with us first, so that we can clarify any misunderstandings.
Please note that these privacy rights are subject to restrictions under the law. You can also read about your rights in the Norwegian Data Protection Authority’s guidance on the rights of data subjects and the Norwegian Data Protection Authority’s contact details at the web site www.datatilsynet.no.
If you have any questions about this privacy policy, your personal data, or believe that we are processing your personal data unlawfully, please contact us by sending an email to [email protected]. If you believe that the information and assistance you receive from us is insufficient, you have the right to lodge a complaint with the Norwegian Data Protection Authority.
We update our privacy policy as necessary. Major changes will be notified directly, otherwise updated policies are always available on the Platform’s website Nikah.no.