Privacy Policy
1. Introduction
Nordes Oy ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard information when you use our website www.nordes.fi. We are dedicated to being transparent and ensuring that your personal data is processed lawfully and responsibly in accordance with the EU General Data Protection Regulation (GDPR).
2. Data Controller
Nordes Oy
Business ID (Y-tunnus): 3156521-5
Sörnäistenkatu 1
00580 Helsinki, Finland
Email: mail@nordes.fi
3. Information We Collect
We may collect and process the following types of personal data:
Information you provide directly:
Name, company, position, phone number, and email address (e.g., via contact forms, event registrations, or newsletter subscriptions).
Automatically collected information:
IP address, browser type, operating system, device type, time spent on site, pages visited, and referring website.
Cookies and analytics data:
We use cookies and tracking technologies (such as Google Analytics) to improve functionality and measure website performance.
4. How We Use Your Information
We process your personal data for the following purposes:
- To respond to your inquiries and provide requested services.
- To send you newsletters, updates, or event invitations (only if you have opted in).
- To maintain and improve our website's functionality and security.
- To comply with legal or regulatory requirements.
5. Legal Bases for Processing
We process your personal data under the following lawful bases:
Consent
When you give explicit permission (e.g., subscribing to newsletters).
Legitimate Interest
When we improve our website or respond to business inquiries.
Legal Obligation
When data retention is required by law.
6. Cookies
Our website uses cookies to provide the best user experience. These may include:
You can manage or disable cookies through your browser settings.
7. Data Sharing
We do not sell your personal data.
We may share data only with:
- Trusted service providers (e.g., IT hosting, analytics, or communication tools).
- Public authorities when legally required.
- Our group companies and partners, but only in compliance with GDPR safeguards.
8. International Transfers
If your personal data is transferred outside the EU/EEA (for example, to service providers), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs).
9. Data Retention
We store your personal data only for as long as necessary:
10. Data Security
We apply appropriate technical and organizational measures to protect your personal data, including:
Technical Measures
- • Secure servers and encrypted communications (SSL/TLS)
- • Regular updates and monitoring of IT systems
Organizational Measures
- • Access restrictions and staff confidentiality agreements
- • Regular security training and assessments
11. Your Rights
Under GDPR, you have the following rights regarding your personal data:
Right of access
Request a copy of your personal data
Right to rectification
Correct inaccurate or incomplete data
Right to erasure
Request deletion ("right to be forgotten")
Right to restrict processing
Limit how we use your data
Right to object
Object to processing based on legitimate interests
Right to data portability
Receive data in a structured, machine-readable format
Right to withdraw consent
Withdraw consent at any time (for consent-based processing)
To exercise your rights, please contact us at mail@nordes.fi
If you are not satisfied with our response, you may file a complaint with the Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto) in Finland.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated "Last updated" date.
13. Contact
For questions or concerns about this Privacy Policy, please contact:
Last updated: September 15, 2025