Scope of this Privacy Statement

Nordblade, a prominent IT infrastructure provider, places a strong emphasis on safeguarding your privacy. This Privacy Statement pertains to the collection of personal data by Nordblade through its official website and any other websites owned and operated by Nordblade, which feature a direct link to this Privacy Statement. It's important to note that for certain websites managed by Nordblade affiliates, the affiliate may serve as the data controller for information collected on those websites. Additionally, this Privacy Statement may not apply to open-source project websites sponsored by Nordblade, as these may have their own distinct privacy statements. In specific cases, this Privacy Statement is relevant when Nordblade provides digital communications, paper forms, or in-person interactions that include a link to this Privacy Statement.

Please be aware that co-branded websites, where Nordblade collaborates with business partners to present content jointly, may be governed by distinct privacy statements. For details on the privacy practices applicable to these websites, please consult the respective privacy statement.

Nordblade's commitments regarding personal data, including data held on behalf of customers using Nordblade's cloud services, are established within our customer agreements. These commitments are distinct from the provisions of this Privacy Statement.

In the context of this Privacy Statement, "personal data" encompasses any information related to, capable of being linked to, describing, or potentially identifiable as an individual (referred to as a 'data subject'). An identifiable individual is someone who can be directly or indirectly identified, particularly through identifiers such as a name, identification number, location data, online identifier, or one or more factors related to the physical, physiological, genetic, mental, economic, cultural, or social identity of that individual.

The Categories of Personal Data We Collect

In accordance with applicable law, the categories and types of personal data collected directly from you by Nordblade may encompass, but are not limited to:

1. Contact information, including identifiers: Information used for communication and identity verification, such as first and last name, job title, company name, email address, telephone number, and postal address.
2. Account and commercial information: Information linked to your account, including account number, username/user ID, password, payment details, purchase records, product or service usage data, participation in events, language preferences, credit and billing status, and support inquiries.
3. Professional or employment-related information: Information from job applications or inquiries, such as resumes, cover letters, age, education, professional history, and contact details.
4. Internet or similar network activity: Data collected during website visits, including IP address, browsing history, website interaction information, browser type and language, operating system, location, date, and time.
5. Location information: Details regarding your physical location, whether provided through postal address or inferred from your IP address during website visits.
6. Inferences: Derived information based on the personal data collected, such as topics of interest inferred from website visit patterns or product preferences inferred from purchase records.

Nordblade generally refrains from collecting sensitive personal data, which includes information about religious or philosophical beliefs, racial or ethnic origin, health or medical information (except for accommodating event requests), genetic or biometric data, bank account details (except for order processing), or similar sensitive personal data as defined by applicable law. If Nordblade has a legitimate need to collect sensitive personal data from you, we will seek your consent, as required by applicable law. For residents of California, please consult the California Supplemental Privacy Statement for disclosures related to sensitive personal information.

How We Collect Personal Data (Data Sources)

Nordblade gathers personal data directly from you and various other sources, as elaborated below. The personal data categories collected directly from you by Nordblade encompass all those identified in the "The Categories of Personal Data We Collect" section above. Nordblade collects personal data directly from you when you engage with us through our websites, including but not limited to when you:

• Create a user account (individual or corporate)
• Make online purchases or register products
• Request support
• Register for or participate in classes, exams, certifications, training sessions, webcasts, or other events
• Request information or materials (e.g., whitepapers)
• Participate in surveys or evaluations
• Engage in promotions, contests, or giveaways
• Apply for employment
• Submit questions or comments
• Contribute content or posts on our customer portal pages or other interactive webpages

Personal data collected online may also be combined with information provided offline through channels such as call centers, interviews, or participation in Nordblade events.

Additionally, Nordblade may collect information indirectly from you related to your website usage and email interactions through various technologies. This information falls into the categories of Internet or similar network activity and inferences. The purpose of collecting information in this manner is to analyze the effectiveness of our websites and email campaigns, personalize your experience, and enhance our interactions with you. For further details on the technologies employed for these purposes, please see the "Cookies and Other Technology" section below.

Nordblade may also supplement the personal data collected from you with additional information received from third parties, such as your employer, our customers, and our business partners in cases where you purchase Nordblade products or services through these partners. This supplementary information may pertain to account and commercial details as well as professional or employment-related information. The aim of this practice is to improve the overall accuracy and completeness of information and better tailor our interactions with you.

On occasion, we may collect contact information through alternative sources, such as list vendors. When doing so, we ensure that the information was legally obtained by the third party and that we have the right to acquire and use it.

How We Use (Process) Your Personal Data

Nordblade may employ the personal data we gather about you for the following purposes:

1. Identify and Authenticate You: We utilize your personal data to verify your identity when accessing our services and ensure the security of your information, including the creation of an associated account.
2. Fulfill Your Requests: When you request products, services, callbacks, newsletter subscriptions, or specific marketing materials, we use the personal data you provide to respond to your requests. We may also contact you for customer satisfaction surveys or market research, obtaining your consent as required by applicable law before sending marketing messages.
3. Provide Information About Our Offerings: Nordblade may use your personal data to inform you about product and service offerings, as well as events we believe may interest you. Additionally, we use this data to respond to your requests for information, including newsletter registrations and specific queries.
4. Provide Support and Customer Service: Your personal data assists us in delivering support for products or services you've acquired from us and addressing other inquiries. While providing technical support, we may occasionally access data you've provided to us or data on your systems. Please note that such data is governed by the applicable agreement between you and Nordblade.
5. Process Your Job Application: When you apply for a position at Nordblade, we use your provided personal data to evaluate your application, consider you for future roles, and perform human resources functions in accordance with applicable law. Your data may be disclosed to internal HR professionals and relevant business functions participating in the application and interview process.
6. Enhance the Website Experience: When you use our websites or interact with our emails, we utilize your personal data to improve and customize your website experience. This includes delivering relevant content and product and service offerings, as well as optimizing our websites based on your interests and interactions. This data also aids in our efforts to improve website functionality and user experience.

If you are located in the People’s Republic of China (PRC, excluding Hong Kong, Macau, and Taiwan), please note that Nordblade may collect and process the information necessary for entering into or performing a contract without requiring your express consent. Your provision of information to Nordblade in such cases is considered implied consent.

We will not utilize your personal data in a manner inconsistent with the original purpose of its collection unless we provide you with additional notice and obtain your consent.

Nordblade retains your personal data for the duration necessary to fulfill the purposes for which it was processed or for other valid reasons, such as compliance with legal and regulatory obligations, dispute resolution, agreement enforcement, and the establishment, exercise, or defense of legal claims.

How We Disclose Your Personal Data

Nordblade discloses personal data for various business purposes, as follows:

• Business Partners and Service Providers: Nordblade may disclose personal data to business partners and service providers to support our operations, including order fulfillment, request follow-ups, support provision, and sales, marketing, and communication initiatives. These entities include distributors, resellers, payment processors, financial service providers, shipping companies, postal or government authorities, market intelligence and consulting service providers, and information technology service providers. Contracts with these partners and providers require them to maintain confidentiality and security of the data received from Nordblade and restrict its use to the intended purpose.
• Legal and Law Enforcement Obligations: Nordblade may disclose personal data as required by law or legal processes, including responding to authorized requests from law enforcement or public authorities (such as for national security or law enforcement needs), enforcing or safeguarding Nordblade's rights, or preventing physical harm or financial loss in accordance with applicable law. Such disclosures may occur in categories like contact information, account and commercial details, professional or employment-related information, internet or similar network activity, location information, and inferences.
• Business Transactions: In the context of business transactions involving all or part of Nordblade, such as mergers, acquisitions, consolidations, or divestitures, Nordblade may disclose personal data. Such transactions may involve disclosure to prospective or actual buyers or sellers. Nordblade follows practices to ensure appropriate protection of information in these transactions and will inform you of the recipient's name and contact information for any inquiries regarding the use of your personal data.
• Affiliates and Subsidiaries: Nordblade may disclose personal data to its affiliates and subsidiaries, including its parent company, Crident (Corporation), Inc. "Crident", for the business purposes described earlier. Data may also be transferred to countries where Nordblade and Crident conduct business in alignment with the "Data transfers and Data Privacy Frameworks" section of this Privacy Statement.

We do not engage in the sale of personal data as commonly understood. However, under certain Data Protection Laws, a "sale" may encompass the disclosure of personal data to a third party in exchange for monetary or valuable consideration. When using Nordblade websites, authorized partners of Nordblade, such as advertising networks, data analytics providers, social networks, and advertising partners, may collect cookies and similar technology. They may employ this data, including information on your internet or similar network activity, for their own purposes, such as enhancing their services. Such activities may qualify as a "sale" under applicable Data Protection Laws. You can exercise choices to allow or prevent these uses; for details, see the "Cookies and Other Technology" section below. California residents can refer to the California Supplemental Privacy Statement for additional information.

Cookies and Other Technology

When you visit our websites, Nordblade may automatically collect information such as your IP address, browsing history, interactions with the website, browser type and language, operating system, location, date, and time—referred to as Internet or similar network activity in the categories outlined earlier. Additionally, we may employ cookies to gather data as you navigate our websites. Cookies are small pieces of data sent from a web server to your device, where they are stored. These cookies may be placed by Nordblade or authorized third parties. Our use of cookies encompasses both session-based and persistent cookies. Session-based cookies are active for a single session and disappear when you close your browser or turn off your device, while persistent cookies persist after browser closure or device shutdown.

Nordblade categorizes cookies on our websites into three groups:

• Required Cookies: These cookies are essential to enable basic website features to function properly. They aid in maintaining and improving website security and safety, authenticating account users, granting access to private accounts, enabling single-login access to different parts of our websites, managing website traffic, and remembering items in your shopping cart. Required cookies are not used for marketing purposes.
• Functional Cookies: Functional cookies facilitate the analysis of your website usage to evaluate and enhance our performance. Nordblade uses them to improve your web browsing experience, gain insight into your interests and preferences related to our websites, business, products, and services, and provide personalized content. Functional cookies may remember your language and site preferences, invite you to participate in surveys or evaluations, keep you logged in, assist with support services, retain login information, and pre-fill forms you've previously completed. Additionally, these cookies collect data on your website usage, including visited pages and error tracking. Their purpose is to help us enhance website functionality, understand user interests, and gauge website quality and the effectiveness of our online advertising.
• Advertising Cookies: Advertising cookies are employed to display more relevant ads to you. We may share this information with advertisers or use it to better understand your interests. For example, advertising cookies may facilitate data disclosure to advertisers to tailor ads to your preferences (e.g., targeted ads). We may also utilize remarketing technology for advertising on other websites you visit, wherein a third party may place or read an ad-serving cookie on your device to serve advertisements based on your technical information and activity on a Nordblade website.

If you prefer to avoid the storage of information through cookies, you can manage your cookie preferences using tools and options provided by your web browser or Nordblade. Browser configurations can be adjusted to reject cookies, prompt you for acceptance, or manage cookies on a per-site basis. Documentation for your browser typically contains instructions on enabling, disabling, or deleting cookies (usually found within the "Help," "Tools," or "Edit" sections). If a cookie manager is implemented on the website you're visiting, it will be displayed during your visit (e.g., click "Cookie Preferences" or a similar link at the bottom of the website). The cookie manager allows you to set your preferences and view a list of cookies used on the Nordblade website. It also provides information on specific cookies and their classifications (Required, Functional, or Advertising). Whether you utilize the cookie manager or manage cookies at the browser level, please be aware that Required cookies remain active and cannot be turned off. Additionally, choosing to reject cookies may reduce website performance and functionality.

Nordblade also employs web beacons, either alone or in conjunction with cookies, to compile information about website usage and interactions with emails from Nordblade (e.g., open rates and click-through rates). Web beacons are transparent electronic images capable of recognizing specific types of information on your device, such as cookies. They convey details like which website you visited associated with the web beacon and a description of that website. For instance, Nordblade may embed web beacons in marketing emails to monitor when you click on links leading to our websites. These web beacons support the operation and enhancement of our websites and email communications.

Your Rights and Choices

In accordance with the laws of certain countries, you may have certain rights and choices regarding the personal data we collect and maintain about you, and how we communicate with you.

Where the EU General Data Protection Regulation 2016/679 (“GDPR”), the Brazilian General Data Protection Law (“LGPD”), the California Consumer Privacy Act of 2018 (“CCPA”) (as amended by the California Privacy Rights Act of 2020 (“CPRA”)), the Colorado Privacy Act (“CPA”), the Connecticut Public Act No. 22-25 (the Connecticut Data Privacy Act or “CTDPA”), the Personal Information Protection Law (“PIPL”) of the PRC, the Virginia Consumer Data Protection Act (“VCDPA”) or similar legal requirements apply to the processing of your personal data (collectively, “Data Protection Laws”), especially when you access the website from a country in the European Economic Area (“EEA”), Brazil, the PRC or as a consumer in a U.S. state or in a jurisdiction with similar legal protections, you have the following rights, subject to some limitations, against the respective Nordblade Company responsible for the website you are using:

• The right to request information about our use of your personal data (e.g., the pieces and categories of personal data we have; the categories of sources, purposes for collection, the third parties to whom we have disclosed personal data, and personal data we have disclosed).
• The right to review and access your personal data.
• The right to rectify (correct, update, or modify) the personal data we hold about you.
• The right to erase (e.g., delete), de-identify, anonymize, or block your personal data.
• The right to restrict our use of your personal data.
• The right to object to our use of, or certain types of disclosures of, your personal data.
• The right to request the transfer of your personal data we hold about you to a third party.
• The right to receive your personal data in a usable format and transmit it to a third party (also known as the right of data portability); and
• The right to lodge a complaint with your local data protection authority.

If you would like to exercise any of these rights, you may do so via our Personal Data Request Form. For U.S. consumers, you may also submit requests by emailing Nordblade. Where the applicable Data Protection Laws provide a right to appeal, and we inform you that we are unable to take action in response to your request to exercise your rights, you may appeal our decision within a reasonable period of time following our decision. To submit your appeal, please do so by selecting "Other" via our Personal Data Request Form or by emailing [email protected].

Where the applicable Data Protection Laws apply, you also have the right to withdraw any consent you have given to uses of your personal data. If you wish to withdraw consent that you have previously provided to us, you may do so via our Feedback Form. However, the withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

Where the applicable Data Protection Laws do not apply, Nordblade grants you the ability to access, modify, or update some of your personal data online at any time. You may log in and make changes to your information, such as your password, your contact information, your general preferences, and your personalization settings. If necessary, you may also contact us via our Feedback Form and describe the changes you want made to the information you have previously provided. However, note that changing or deleting information necessary for Nordblade to assist with support, services, and purchases may result in a delay or interruption in processing your requests.

You will be given an opportunity to tell us whether you would like to receive information, special offers, and promotional materials by email from Nordblade or our business partners when you create a nordblade.com account, when you register for a service, when you provide us with your personal data, or when we send you a marketing email. Where required by applicable law, we will obtain adequate consent to provide you with these marketing materials. You also have the ability to opt out of receiving marketing emails from Nordblade at any time without cost by clicking on the relevant link contained in our marketing emails or by contacting us via our Feedback Form. You can also exercise your rights and choices by contacting us as described below under “How to contact us.”

When you exercise your privacy rights, such as those conferred by the applicable Data Protection Laws, you have a right not to receive discriminatory treatment by Nordblade for the exercise of such privacy rights.

Verification

Before responding to a request for information about your personal data, we must verify the request. Verification is important to protect your information and to help confirm that we are responding to a valid request and providing the response to the correct individual. To verify the request we initially ask for at least two (2) or three (3) identifiers, such as name, email address, and location. If we have a need to request additional identifiers to reasonably verify your identity, we will contact you and request additional verification. The information we ask to verify your identity may depend on your relationship with us.

When you exercise your privacy rights under the applicable Data Protection Laws, you can designate an authorized agent or representative to make a request on your behalf by providing the authorized agent with written permission to do so and verifying your identity with us as part of the request, or by providing the authorized agent with Power of Attorney pursuant to applicable law (e.g., the California Probate code). We will ask the individual submitting the request to denote that they are an authorized agent or representative. When submitted by an authorized agent or representative, we ask the authorized agent or representative to provide name, email address, and a description of the relationship with the individual who is the subject of the request and to certify that the representative has permission to submit the request, and may request proof of the consumer’s written permission.

Security

Nordblade intends to protect your personal data. We have implemented appropriate physical, administrative, and technical safeguards to help us protect your personal data from unauthorized access, use, and disclosure. For example, we encrypt certain personal data such as payment information when we transmit such information over the Internet. We also require that our business partners and service providers protect such information from unauthorized access, use, and disclosure.

Social Media, Public Forums, and Links to Other Websites

Nordblade may provide social media features that enable you to share information with your social networks and interact with Nordblade on various social media websites. Your use of these features may result in the collection or sharing of information about you, depending on the feature. We encourage you to review the privacy policies and settings on the social media websites with which you interact to make sure you understand the information that may be collected, used, and shared by those websites.

Our websites may make chat rooms, forums, blogs, message boards, and/or news groups available to its users. Remember that your comments and posts become publicly available, and we urge you to exercise discretion when submitting such content.

Our websites may contain links to other websites. Nordblade does not control and is not responsible for the information collected by websites that can be reached through links from our websites. If you have questions about

Children's Online Privacy

Nordblade’s products and services are not directed to children, and Nordblade does not knowingly collect online personal data from children under the age of 16. If you are a parent or guardian of a minor under the age of 16 and believe that he or she has disclosed personal data to us, please contact us via our Feedback Form or as described below under “How to contact us.” Nordblade will ensure their personal data is properly processed and disposed of with the consent of their parent or guardian.

Data Transfers and Data Privacy Frameworks

Nordblade is a global organization, with legal entities, business processes, and technical systems that operate across borders. Nordblade may transfer your personal data to other Nordblade entities in the United States and elsewhere. The United States and other countries may not have the same data protection laws as the country from which you initially provided the information.

Where required by applicable law, we have put in place appropriate safeguards (such as standard contractual clauses approved by the European Commission) in accordance with applicable legal requirements to ensure that your data is adequately protected. When transferring your personal data internationally, Nordblade will protect your personal data as provided in this Privacy Statement and comply with applicable legal requirements as may be in effect from time to time. If you wish to obtain a copy of the relevant safeguards that are in place to protect the international transfer of your personal data, please contact us as described below under “How to contact us.”

If you are located in the European Economic Area (“EEA”), the United Kingdom, or Switzerland, Nordblade, Inc. have certified to the EU-U.S. and Swiss-U.S. Data Privacy Frameworks for the transfer of personal data from the EEA and Switzerland, as well as the UK Extension for the transfer of personal data from the United Kingdom, to the United States, as described further in our Data Privacy Framework Notice. To learn more about the EU-U.S. and Swiss-U.S. Data Privacy Frameworks and the UK Extension, please visit www.dataprivacyframework.gov/s/. To view our certification, please visit www.dataprivacyframework.gov/s/participant-search.

Changes to this Privacy Statement

Nordblade reserves the right to make corrections, changes, or amendments to this Privacy Statement at any time. The revised Privacy Statement will be posted on this website. A notice will be posted on our homepage for 30 days whenever this Privacy Statement is changed in a material way, and the date of last update will be indicated at the top of the Privacy Statement. If you do not refuse the changes in writing within that notice period and you continue to use our websites, we consider that you have read and understand the Privacy Statement as changed, including with respect to personal data provided to us prior to the changes in the Privacy Statement. We encourage you to periodically review this Privacy Statement for any changes or updates. If you would like information related to the previous version of this Privacy Statement and/or a copy of the previous version, please contact us as described below under “How to contact us.”

EEA Data Protection Authority

If you are a resident of the European Economic Area and wish to raise a concern about our use of your personal data, you may direct questions or complaints to the UK Data Protection Commissioner, which is Nordblade’s lead supervisory authority, at:

• UK Data Protection Commissioner
• Office of the Data Protection Commissioner
• [email protected]

Alternatively, you may contact your local supervisory authority.

How to contact us

We provided this information above in the “Your rights and choices” section, but remember that if you would like to exercise any of your privacy rights, you may do so via our Personal Data Request Form. For California consumers, you may also submit requests or access the information provided in this Privacy Statement in an alternative format by email Nordblade at [email protected]

If you have any questions about Nordblade’s privacy practices or use of your personal data, please feel free to contact us at [email protected], via our Feedback Form, or by mail at:

• Nordblade, LLC.
• Delaware
• United States

Nordblade Representative Contact Information in the European Economic Area:

• Nordblade Limited
• 21a Molesworth Street
• Cornwall
• United Kingdom

For a PDF version of the Privacy Statement, please click here.