Privacy Policy

Data Controller

Cookies and tracking mechanisms

Cookies are small text files that are downloaded and stored on your device when you visit our website. We use the following types of cookies:

• Necessary cookies: These are essential for the website to function, and are processed based on legitimate interest (GDPR Article 6(1)(f)).
• Preference, statistics and functional cookies: These help us customize and improve the user experience, but require active and explicit consent (GDPR Article 6(1)(a)).

We use cookies and similar technologies that we have implemented and configured in our own technical infrastructure to ensure website functionality, performance and optimization of the user experience. These cookies are managed directly by our systems and may include:

• Session management to maintain user authentication and preferences
• Analytics cookies to understand how visitors interact with our website
• Functional cookies to remember user settings and preferences
• Performance cookies to optimize loading and functionality

For detailed information about the specific cookies we use, their purposes and storage periods, please contact us via the information in this privacy policy. You can manage your cookie preferences through your browser settings or through any consent tools we offer on the website.

Email inquiries

When you contact us via email (for example through the addresses provided on the website), we will process the information you send to respond to your inquiry and possibly carry out or prepare a contractual relationship.

• Data collected: Name, email address, phone number and any other information you provide.
• Purpose: Processing your inquiry, customer follow-up and fulfillment of contractual obligations.
• Legal basis: GDPR Article 6(1)(b) (performance of contract, if the inquiry is related to a contractual relationship) or 6(1)(f) (legitimate interest in maintaining communication).
• Retention periods: Information is retained for as long as necessary to fulfill the stated purposes or in accordance with applicable legal requirements.

Website log files and security logs

We maintain server-stored log files to ensure the operation and security of our website and services. These logs differ from cookies and are generated automatically by our systems:

• Content: Log files may contain IP addresses, browser type, timestamps, pages visited, referral information and other technical information necessary for system operation and security monitoring.
• Purpose: Security monitoring, troubleshooting, performance optimization, fraud prevention and ensuring service availability.
• Legal basis: Processing is based on our legitimate interest (GDPR Article 6(1)(f)) in maintaining secure and reliable services.
• Retention period: Log files are stored for a maximum of 3 months for necessary security and operational purposes, after which they are automatically deleted.
• Server location: Our infrastructure is hosted on secure servers within the EU/EEA to ensure compliance with GDPR and other applicable data protection standards. We use reliable hosting providers bound by data processing agreements in accordance with GDPR requirements.

These log files are essential for:

• Detecting and preventing security threats and unauthorized access attempts
• Monitoring system performance and identifying technical issues
• Ensuring compliance with our terms
• Fulfilling legal obligations for security and data protection

Log file data is processed automatically and is not used for marketing purposes. Access to log files is limited to authorized technical personnel who need this information for legitimate operational and security purposes.

Third-party data processing

Certain services we use may involve processing of your data by third-party providers. We ensure that all such providers are bound by data processing agreements in accordance with GDPR requirements:

• Hosting and infrastructure providers: Our services are hosted on secure servers within the EU/EEA using reliable third-party hosting providers. These providers are subject to strict security measures and contractual guarantees to ensure GDPR compliance and data protection standards.
• Email communication: Our email communication may be processed via third-party email service providers. We ensure that these providers meet GDPR requirements, and any data transfers are secured in accordance with applicable regulations.
• Analytics and performance monitoring: We may use third-party services for website analytics and performance monitoring. These services are configured to respect user privacy and comply with data protection requirements.

All third-party processors are carefully selected and contractually obligated to:

• Only process data for the specific purposes we authorize
• Implement appropriate technical and organizational security measures
• Comply with GDPR and other applicable data protection laws
• Provide adequate safeguards for any data transfers outside the EU/EEA

You have the right to request information about our third-party processors and the security measures in place to protect your data.

Security and storage

We implement technical and organizational measures to protect your personal data against unauthorized access, alteration or loss. Data is stored for a limited period necessary for the purposes for which it was collected, or in accordance with statutory requirements.

Your rights

You have the right to:

• Access the information we hold about you.
• Have incorrect information corrected.
• Request that we delete your personal data (with the exception of data we are legally required to retain).
• Request restriction of processing of your data.
• Object to the processing of your data, particularly regarding direct marketing.
• Request data portability, meaning you can receive your data in a structured, machine-readable format.
• Withdraw consent where processing is based on consent, without affecting the lawfulness of processing before the withdrawal.

For questions or to exercise your rights, please contact us at stefan@nordicai.net. You also have the right to file a complaint with the Norwegian Data Protection Authority if you believe your rights are not being upheld.

Changes to this policy

We reserve the right to change this policy as needed. Significant changes will be published on this page with an updated date, and if necessary, you will be notified directly.

Contact us

If you have questions about this privacy policy or our data processing practices, please get in touch: