Privacy Policy for Norde
Effective Date: 27th Day of November 2024
This Privacy Policy outlines how Norde (“we,” “our,” or “us”), a joint product of Khay Digital Ltd (Mauritius) and Kartel Labs Ltd (UK), collects, processes, uses, and secures your information. By using our services, you agree to the terms of this Privacy Policy, which complies with the Mauritius Data Protection Act 2017, the General Data Protection Regulation (GDPR), and other relevant laws.
Scope and Application
This Privacy Policy governs the following:
- Main Site (https://norde.co): A platform for product information and support resources.
- Main App (https://hub.norde.co): The operational hub for account registration, payments, and access to business management tools.
Roles and Responsibilities
- Data Controller:
- Khay Digital Ltd (Mauritius): Oversees data collection and management for account-related services and operational tools.
- Kartel Labs Ltd (UK): Manages payment-related data processed through Stripe.
- Data Processor:
- Utilizes third-party services, including Stripe and floating servers, to handle and secure data.
Legal Basis for Processing
We process personal data under the following lawful grounds:
- Performance of Contract: To deliver our services as per your agreement with us.
- Legal Obligations: Compliance with applicable laws in Mauritius, the UK, and international jurisdictions.
- Legitimate Interests: Improving services, marketing, and ensuring data security.
- Consent: For marketing communications and non-essential cookies (with opt-out options).
Data Collection
- Personal Data: Names and email addresses for newsletters and support inquiries.
- Cookies: Google Analytics, Meta Pixel, and LinkedIn Pixel for performance and marketing. Users may manage preferences through the cookie consent form.
- User Information: Personal data such as name, email, and login credentials.
- Business Data: Company details provided during account setup.
- Payment Data: Handled securely via Stripe.
- Usage Data: Logs and activity metrics for service improvement.
Use of Collected Data
- To enable core services, including account creation, subscription management, and tool access.
- To enhance and customize user experiences.
- To ensure compliance with legal and regulatory obligations.
- To conduct marketing and analytics (based on user consent).
Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Monitor site performance and user interactions.
- Deliver tailored marketing through Google Analytics, Meta Pixel, and LinkedIn Pixel.
- Allow users to control preferences via the cookie consent form.
Data Retention
- Main Site: Data is retained for 60 days.
- Main App: Data is retained for active users and for 200 days post-cancellation to facilitate potential reactivation.
- Anonymization/Deletion: Data no longer required for business purposes is anonymized or securely deleted.
Data Security
We implement robust security measures, including:
- Encrypted transmission and storage of data.
- Two-factor authentication for user accounts.
- Distributed floating servers to protect against single-point failures and cyberattacks.
Cross-Border Data Transfers
Data may be transferred and processed on servers located in France, Germany, the UK, and the USA. Such transfers comply with relevant data protection laws to ensure your data remains secure.
User Rights
Users have the right to:
- Access: Request copies of data we hold.
- Rectify: Update incorrect or incomplete data.
- Erase:
- Main Site: Request removal of personal details used for newsletters.
- Main App: Delete account data directly through the platform.
- Object: Opt out of non-essential cookies and marketing.
- Portability: Request transfer of data to another service provider where applicable.
Requests can be submitted via support@norde.co.
Third-Party Processors
- Stripe: Handles secure payment processing.
- DigitalOcean: Provides additional encrypted cloud storage.
Dispute Resolution
Disputes arising under this Privacy Policy shall be governed by the laws of Mauritius. For users outside Mauritius, international dispute resolution mechanisms may apply.
Contact Information
Updates to This Policy
We may amend this Privacy Policy from time to time. Any updates will be posted on this page with the effective date noted. Continued use of our services constitutes your acceptance of the updated terms.
