Version 2026-07-07. This policy covers the data handled when you donate. It is separate from the site's general Privacy Policy.
The data controller for donation data is Kjern, a Norwegian sole proprietorship (enkeltpersonforetak) that runs Messages Never Seen. Contact: contact@messagesneverseen.com.
When you donate, we handle:
Card details go directly to Stripe and never reach our servers. Stripe processes them under its own privacy policy at stripe.com/privacy.
If you donate, we set a cookie and a local storage entry on your browser with the email and display name you used, so the form is pre-filled next time. They exist only on your device, are not used for tracking, and you can clear them in your browser at any time.
Transaction records (amount, currency, time, payment reference) are kept for at least five years because Norwegian bookkeeping law requires it. Your listing on the supporters page stays until you ask to be removed. If you ask us to delete your data, we delete or anonymise everything that is not covered by the legal retention duty.
Stripe, to process the payment. The Norwegian tax authorities, to the extent reporting duties require it. Nobody else. We never sell or rent donor data.
Under the GDPR you can ask for access, correction, deletion, restriction, or a copy of your data, and you can withdraw consent to the supporters listing at any time. Email contact@messagesneverseen.com and we will handle it. You also have the right to complain to the Norwegian Data Protection Authority (Datatilsynet).
If this policy changes in a way that matters, the version date at the top changes. The version you agreed to is recorded with your donation.