Home

Privacy Policy

Last updated: March 2026

1. Introduction

The Three Fifty (“the Club,” “we,” “our”) is committed to protecting the privacy of our members and visitors. This policy explains how we collect, use, and safeguard your personal data in accordance with the Norwegian Personal Data Act and the General Data Protection Regulation (GDPR).

2. Data We Collect

We may collect the following types of personal data:

  • Name, email address, and phone number
  • Membership tier and account information
  • Payment and billing details (processed by Stripe)
  • Order and booking history
  • Wine preferences and dietary restrictions you provide
  • Application information for Black membership
  • Usage data and cookies from our website

3. How We Use Your Data

We use your personal data to:

  • Create and manage your membership account
  • Process payments and wine orders
  • Manage bookings and event registrations
  • Send transactional emails (confirmations, receipts)
  • Personalise your experience and recommendations
  • Review Black membership applications
  • Improve our services and member experience

4. Legal Basis for Processing

We process your data based on: (a) your consent, (b) the necessity of performing our contract with you (your membership), (c) our legitimate business interests, and (d) compliance with legal obligations.

5. Data Sharing

We do not sell your personal data. We share data only with trusted third-party providers necessary to operate our services:

  • Stripe (payment processing)
  • Supabase (authentication and data storage)
  • Resend or Postmark (transactional email delivery)
  • Vercel (website hosting)
  • Mixpanel (product analytics, only after analytics consent)

Each provider is contractually obligated to protect your data and use it only for the purposes we specify.

6. Data Retention

We retain your personal data for as long as your membership is active and for a reasonable period thereafter for legal and accounting purposes. Payment records are retained as required by Norwegian law. You may request deletion of your account data at any time.

7. Your Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Request deletion of your data
  • Restrict or object to certain processing
  • Receive your data in a portable format
  • Withdraw consent at any time

To exercise any of these rights, please contact us at the address below.

8. Cookies

Our website uses essential cookies required for authentication and session management. We do not use third-party advertising cookies. Analytics tracking is optional and is only enabled after you accept analytics consent. If accepted, we use Mixpanel to understand site usage, membership flows, bookings, and wine-order activity.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. All data in transit is encrypted using TLS. Payment information is handled entirely by Stripe and never stored on our servers.

10. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated to members via email. The latest version will always be available on this page.

Contact

For privacy-related inquiries, contact us at privacy@thethreefifty.com.

You may also lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) if you believe your rights have been violated.

We use analytics to understand how members use The Three Fifty.