Privacy Policy

Privacy Policy

Last updated: June 2026 | Effective date: June 2026

1. Who We Are

Immortal Me+ is operated by Dr. Dori Naerbo, PhD, an independent clinical researcher and health educator based in Sirevåg, Norway. For the purposes of EU/EEA data protection law, Dr. Dori Naerbo is the data controller for personal data collected through this website.

Contact: info@immortalme.com | immortalme.com

2. Our Commitment to Your Privacy

We collect only the personal data we need to operate the platform and serve members. We do not sell your data. We do not share your data with third parties except where strictly necessary to deliver services you have signed up for, or as required by law. We comply fully with the General Data Protection Regulation (GDPR) and the Norwegian Personal Data Act (Personopplysningsloven).

This platform handles health-related information you voluntarily provide. Health data is a special category of personal data under GDPR Article 9 and receives the highest level of protection.

No online activity can be guaranteed to be 100% secure. While we strive to protect your information against unauthorized access or disclosure, we cannot ensure or warrant the security of any information you provide. We do not accept liability for unintentional disclosure.

3. What We Collect and Why

Account and Membership Data

When you create an account we collect your name, email address, and an encrypted password. This is necessary to provide you with access to member content and services. Legal basis: Contract performance (GDPR Art. 6(1)(b)).

Payment Data

Payments are processed by Stripe or Whop. We do not store your credit card or payment details. We retain transaction records (amount, date, product) for accounting purposes only. Legal basis: Contract performance and legal obligation (GDPR Art. 6(1)(b) and (c)).

Health and Wellness Information — Special Category Data

If you voluntarily complete health assessments, symptom screeners, or share health-related information during a consultation session, this constitutes special category data under GDPR Article 9. We process this data only with your explicit, specific, informed consent via a dedicated consent interaction before any assessment or consultation. This data is used solely to provide you with the educational service you have requested. It is never shared with third parties and never used for marketing.

Legal basis: Explicit consent (GDPR Art. 9(2)(a)). You may withdraw consent at any time by contacting info@immortalme.com.

Consultation Session Data

Notes from educational consultation sessions may be retained for up to 12 months to support continuity. These notes are accessible only to Dr. Naerbo and are not shared with any third party. Legal basis: Explicit consent and legitimate interest (GDPR Art. 9(2)(a) and Art. 6(1)(f)).

Communication Data

If you contact us by email or contact form, we retain the correspondence to respond to your inquiry. Legal basis: Legitimate interest (GDPR Art. 6(1)(f)).

Technical and Analytics Data

We may collect anonymised data about how the site is used (pages visited, session duration, device type) to improve the platform. This data does not identify you personally. Legal basis: Legitimate interest (GDPR Art. 6(1)(f)).

Cookies

We use essential cookies necessary for the site to function. Analytics or marketing cookies are only used with your prior consent. See our Cookie Policy for full details.

4. How We Share and Disclose Information

We do not sell, rent, trade, or share your personal data with advertisers or unrelated third parties. We share data only with the following service providers where strictly necessary, under data processing agreements that bind them to GDPR standards:

  • Stripe or Whop — payment processing
  • Email service provider — transactional emails only
  • WordPress hosting provider — website infrastructure

We do not share health or special category data with any third party under any circumstances. We also reserve the right to disclose information as needed to satisfy any law, regulation, or legal request, or to cooperate in any law enforcement investigation.

5. How Long We Keep Your Data

  • Account data: Active period plus 2 years after closure
  • Payment records: 5 years (Norwegian accounting law)
  • Health assessment data: Until you withdraw consent or request deletion
  • Consultation notes: Maximum 12 months from session date
  • Email correspondence: 2 years
  • Anonymised analytics: Up to 26 months

We retain your information for as long as necessary to fulfill the purposes described in this policy or as needed to comply with applicable legal obligations. When retention periods expire, data is securely deleted or permanently anonymised.

6. International Data Transfers

Some service providers operate outside the EEA. Where data is transferred internationally, we ensure appropriate safeguards are in place — including Standard Contractual Clauses approved by the European Commission. Special category health data is never transferred outside the EEA without your explicit consent.

7. Data Security

We implement appropriate technical and organisational security measures including encrypted password storage, HTTPS across the entire site, and restricted access to personal data. In the event of a personal data breach posing a risk to your rights and freedoms, we will notify Datatilsynet within 72 hours and notify you directly if the breach poses a high risk to you personally.

8. Your Rights Under GDPR

You have the following rights, exercisable at any time by contacting info@immortalme.com. We will respond within 30 days at no charge:

  • Right of access (Art. 15) — request a copy of your personal data
  • Right to rectification (Art. 16) — request correction of inaccurate data
  • Right to erasure (Art. 17) — request deletion of your data
  • Right to restriction (Art. 18) — request restricted processing
  • Right to data portability (Art. 20) — request your data in machine-readable format
  • Right to object (Art. 21) — object to processing based on legitimate interest
  • Right to withdraw consent (Art. 7(3)) — withdraw consent at any time
  • Right not to be subject to automated decision-making (Art. 22) — we do not use automated profiling that produces legal effects

You also have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) at datatilsynet.no | +47 22 39 69 00.

9. Children

This platform is not directed at individuals under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, contact info@immortalme.com and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. You should check this page periodically to ensure you are happy with any changes. We will notify active members of material changes by email at least 14 days before changes take effect. Continued use of the platform after the effective date constitutes acceptance of the revised policy.

11. Contact the Data Controller

Dr. Dori Naerbo, PhD
Immortal Me+
Sirevåg, Norway
Email: info@immortalme.com
Website: immortalme.com

Supervisory Authority: Norwegian Data Protection Authority (Datatilsynet)
datatilsynet.no | +47 22 39 69 00