Last Revision: 8 Jan 2023

Nordblade is committed to protecting the privacy of all of our users and customers. This privacy policy applies to all of the services offered by Nordblade and its affiliates and explains how we collect, use, and share information about you when you use our services.

3. There are several purposes for which the company may use personal information and data, including:

(i). Enforcing contractual binding and protecting the interests of both parties, enforcing any agreements made, obtaining consent for this privacy policy and other related agreements, and complying with applicable laws.

(ii). Identifying and verifying customers on the website, including when they log in or sign up for the site or services, and ensuring the functionality and security of the website and services.

(iii). Publicizing reviews of the services on the website, which may include the customer's name and requires separate written consent beyond that provided in this privacy policy.

(iv). Managing customer accounts, including maintaining and updating account functionality.

(v). Contacting customers or responding to inquiries made through their account information. This may include using the provided information to contact customers in the event of updates or changes to the company's services.

(vi). Fulfilling, managing, and tracking orders for the company's services. The company uses collected information to assign services and send orders to the correct customers.

(vii). Providing customer support assistance, including through the company's ticket and live chat systems, which require customer information to identify and assist customers with their issues as quickly as possible.

(viii). Sending and receiving feedback and responses to marketing materials such as marketing emails, which customers may opt out of by using the "unsubscribe" button in the emails.

4. Overall, the company uses customer data for a variety of purposes, including to provide and improve its services, communicate with customers, and protect the security and integrity of its website and services. The company takes steps to ensure that the personal information it collects and uses is handled in a manner that is consistent with applicable laws and regulations and respects the privacy rights of its customers.

5. The company may collect and share personal information and data for a variety of reasons, including to comply with legal requirements, ensure the functionality and security of its services, and protect its legitimate interests. When transferring personal information and data to authorized parties, the company relies on the European Commission's Standard Contractual Clauses to ensure that the information is handled in a manner that is compliant with applicable laws and regulations.

6. The company may collect and share personal information based on the following legal bases:

(i). Your consent: The data is processed based on the customer's consent, which may be obtained through the formation of a commercial relationship governed by this privacy policy or other explicit consent provided by the customer.

(ii). Legal requirement: If required by law, the company may share personal information with authorized organizations.

(iii). Mergers and acquisitions: If the company enters into or negotiates a merger, large investment, partial sale, or acquisition that involves the transfer or change in management control of its services, it may share personal information with the relevant party in order to continue providing the services.

(iv). Best interests: If it is in the company's best interests and compliant with the terms of the relationship, the company may share personal information in order to investigate fraudulent or illegal activities or to pursue litigation.

(v). Third-party vendors and contractors: The company may share personal information with third-party vendors, network operators, and contracted consultants or employees in order to provide the services and features offered by the company. This may include sharing analytical data, service logs, and diagnostic information with vendors and network operators. Third parties that receive personal information are bound by confidentiality and non-disclosure agreements and may be considered "joint controllers" under the General Data Protection Regulation (GDPR), such as Article 26.

7. In addition to the circumstances outlined above, the company may also collect and share personal information and data with third parties for a variety of other purposes. For example, the company may share personal information with third parties to improve its services, provide customer support, or conduct market research. The company may also share personal information with third parties in order to comply with legal obligations, such as responding to subpoenas or court orders.

8. The company takes steps to ensure that any third parties with whom it shares personal information are bound by appropriate confidentiality and data protection obligations and that the information is only used for the purposes for which it was shared. The company also maintains records of the personal information it shares with third parties, including the types of information shared, the purpose of the sharing, and the duration of the sharing.

9. It is important to note that the company may be required to share personal information with third parties in order to provide its services or comply with legal obligations. In such cases, the company will take steps to ensure that the personal information is handled in a manner that is consistent with the requirements of applicable laws and regulations.

10. We use cookies and similar technologies, such as pixels and web beacons, to collect information about your use of our services. Cookies are small text files that are stored on your device when you visit a website. We use cookies to help us understand how users interact with our services, to personalize your experience, and to improve the performance of our services. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our services.

11. There are a number of third parties that the company may share information and data with, including payment processors, performance monitors, sales and marketing teams, authentication services, accountants and financial services, analytics tools, and other third party services not explicitly mentioned. These third parties may be involved in various aspects of the company's operations, such as processing payments, monitoring the performance of the company's website, promoting and marketing the company's products and services, verifying the identity of users, providing accounting and financial services, and analyzing data to improve the company's operations. The company takes steps to ensure that these third parties handle personal information in a responsible and secure manner, in accordance with applicable laws and regulations.

12. The company operates servers in several locations including the United Kingdom, Germany, Canada, and the United States. If you access the company's website from a location outside of these countries, it is important to be aware that your information may be transferred to, stored, and processed by the company in its facilities and by third parties with whom it may share your personal information (as described in the section titled "WILL YOUR INFORMATION BE SHARED WITH ANYONE?") in any of these countries or other countries. This means that your information may be subject to different laws and regulations regarding data protection, privacy, and security depending on the location where it is processed. The company takes steps to ensure that your information is protected and handled in accordance with applicable laws and regulations, regardless of where it is processed.

13. The company claims to comply with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the UK Data Protection Act 18 (DPA18) and therefore stores information for only as long as is necessary for the specific function or as required by law. In general, the company retains information from the time of sign-up until the account is terminated by the customer, if applicable. The company has implemented policies and procedures to ensure that it only stores information for the minimum amount of time required and that it is deleted or destroyed once it is no longer needed. This includes regularly reviewing the data it holds and determining whether it is still necessary to retain it or if it can be safely disposed of. The company is committed to complying with all relevant data protection laws and regulations and takes steps to ensure that it handles personal information in a responsible and secure manner.

14. The company has legally binding restrictions in place for employees and contractors to ensure that access and processing of the information is restricted and secure. The information is stored in encrypted databases located at any of the company's listed service locations. The company takes measures to ensure that the information is kept safe and secure at all times, including implementing strong encryption and storing the data in secure locations. The company also requires its employees and contractors to adhere to strict confidentiality agreements to protect the privacy of the information. These measures are in place to safeguard the information and ensure that it is only accessed and used in accordance with the company's policies and procedures.

15. Nordblade is committed to protecting the privacy of its customers. This includes respecting the privacy rights of customers based on their legal residence. Even if a customer's country of residence does not have data protection legislation, Nordblade promises to uphold their right to privacy.

16. Customers who are residents of the European Economic Area (EEA) are protected under the General Data Protection Regulation (GDPR). Chapter 3, Articles 12 through 23 of the GDPR outline the rights of EEA customers, also known as "data subjects," in relation to their personal information. These rights include:

(i). The right of access (Article 15): Customers have the right to obtain from Nordblade any information about their personal data that is being processed, as well as access to that data.

(ii). The right to rectification (Article 16): Customers have the right to request the correction of any inaccurate or incomplete personal information that Nordblade has about them.

(iii). The right to erasure (Article 17): Customers have the right to request that Nordblade delete their personal data, subject to certain restrictions. This right is also known as the "right to be forgotten.

(iv). The right to restriction of processing (Article 18): Customers have the right to request that Nordblade restrict the processing of their personal information in certain cases.

17. Customers who are residents of California in the United States are protected under the Californian Consumer Privacy Act (CCPA). The CCPA prohibits the sharing or selling of personal information of California residents without their consent.

18. Customers who are residents of the United Kingdom are protected under the Data Protection Act of 2018. This legislation is similar to the GDPR and applies to the processing of personal data of UK citizens. Customers can find more information about the Data Protection Act of 2018 on the UK government's website at https://www.legislation.gov.uk/ukpga/2018/12/contents/enacted.

19. If customers have any questions or concerns about their privacy rights, they can contact Nordblade's Data Protection Officer at [email protected]. The Data Protection Officer is responsible for overseeing Nordblade's compliance with data protection laws and regulations and can assist customers with any issues they may have.

20. The Children’s Online Privacy Protection Act (COPPA) is a legislation enforced by the Federal Trade Commission of the United States that applies to any commercial entity that engages with U.S. citizens, regardless of where the business is located. Nordblade LTD, a business based in the United Kingdom, engages with U.S. resident customers and therefore must comply with COPPA. This means that Nordblade restricts purchases, does not collect or process data, and does not engage in any business-related activities with individuals under the age of 13.

21. Before a visitor to Nordblade's website (referred to as the "visitor") establishes a commercial relationship with the company, the visitor must agree to the company's Terms of Service and this privacy policy, which gives Nordblade the assumption by trust that the visitor is at least 13 years old. However, Nordblade reserves the right to intervene with the visitor's use of the site and prohibit access in cases where there is suspected violation of COPPA. The company may also erase any data that has been collected or processed in such cases.

22. Third parties may report any suspected violations of COPPA by visitors to Nordblade's compliance department or Data Protection Officer at [email protected]. or [email protected]. Adolescents between the ages of 13 and 17 must obtain the permission of a legal guardian to form a contractually binding relationship with the company. Please see Section 6-8 of the Terms of Service for more information.

23. The Data Protection Officer of Nordblade Ltd can be contacted at [email protected] for private and confidential conversations regarding data protection regulations. When making a request to the Data Protection Officer, the customer may be required to provide personally identifiable information such as passport details and proof of residence in order to confirm their identity. This information will only be used for the duration of the conversation and will not be stored or shared with any other parties.

24. To request the implementation of any data protection legislative articles, the customer should send an email to the Data Protection Officer at [email protected] from the same email address associated with their account, if available. If it is not possible to send the email from the associated account, the customer may send it from another email address or authorize a family member or agent to do so on their behalf. The email should include personally identifiable and verifiable information such as a passport or driver's license and a photo of the customer holding the form of identification.

25. The company reserves the right to make changes and updates to this privacy policy at any time, without prior notice, by publishing the revised version on its website. When the company makes changes to the policy, it will update the "Last Revision" line to reflect the date of the latest version. It is the responsibility of users to review the privacy policy regularly to stay informed about the company's collection, use, and sharing of personal information and data. The company encourages users to check the "Last Revision" date on the policy to ensure they are aware of any updates that may have been made. By continuing to use the company's services after any changes have been made to the privacy policy, users signify their acceptance of the revised policy.