Nordic Ops

Privacy Policy

Your privacy matters to us. This policy explains how Nordic Ops collects, uses, and protects your personal information in compliance with GDPR and CCPA.

Last updated: April 22, 2026

Privacy at a Glance

  • We collect only what we need to provide our services
  • We never sell your personal data to third parties
  • You can request access, correction, or deletion of your data anytime
  • We use industry-standard security measures to protect your information
  • We comply with GDPR (EU) and CCPA (California) regulations

Data Controller

Nordic Operations LLC is the data controller responsible for your personal information.

Company

Nordic Operations LLC

Location

Wyoming, United States

Privacy Contact

privacy@nordicops.ai

Data Protection Officer

dpo@nordicops.ai

Data We Collect

We collect different types of information depending on how you interact with our services. Here's a detailed breakdown:

Account Information

Data Points

  • Email address
  • Name (if provided)
  • Account preferences

Purpose

Account creation, authentication, and communication

Retention Period

Until account deletion + 30 days

Legal Basis (GDPR)

Contract performance

Payment Information

Data Points

  • Payment method details
  • Billing address
  • Transaction history

Purpose

Process purchases and prevent fraud

Retention Period

7 years (legal requirement)

Legal Basis (GDPR)

Contract performance, Legal obligation

Usage Data

Data Points

  • Pages visited
  • Features used
  • Report generations
  • Session duration

Purpose

Improve services and user experience

Retention Period

24 months

Legal Basis (GDPR)

Legitimate interest

Technical Data

Data Points

  • IP address
  • Browser type
  • Device information
  • Operating system

Purpose

Security, troubleshooting, and analytics

Retention Period

12 months

Legal Basis (GDPR)

Legitimate interest

Communication Data

Data Points

  • Support inquiries
  • Email correspondence
  • Feedback submissions

Purpose

Customer support and service improvement

Retention Period

3 years

Legal Basis (GDPR)

Contract performance, Legitimate interest

How We Use Your Data

Service Delivery

  • Process your purchases and manage your account
  • Generate and deliver reports you've purchased
  • Provide customer support and respond to inquiries
  • Send transactional emails (receipts, confirmations)

Improvement & Security

  • Analyze usage patterns to improve our services
  • Detect and prevent fraud and security threats
  • Debug and fix technical issues
  • Comply with legal obligations

Your Privacy Rights

Depending on your location, you have specific rights regarding your personal data under GDPR (EU/EEA/UK) and CCPA (California).

RightDescriptionGDPRCCPA
Right to AccessRequest a copy of all personal data we hold about you
Right to RectificationRequest correction of inaccurate or incomplete personal data
Right to ErasureRequest deletion of your personal data ('Right to be Forgotten')
Right to Restrict ProcessingRequest limitation on how we use your data
Right to Data PortabilityReceive your data in a structured, machine-readable format
Right to ObjectObject to processing based on legitimate interests or direct marketing
Right to Opt-Out of SaleOpt out of the 'sale' of personal information (we do not sell data)
Right to Non-DiscriminationNot be discriminated against for exercising your privacy rights

How to Exercise Your Rights

To exercise any of these rights, contact us using one of the methods below. We will respond within 30 days (GDPR) or 45 days (CCPA).

privacy@nordicops.aiContact Form

Third-Party Services

We work with trusted third-party service providers to operate our platform. These providers have their own privacy policies.

Stripe

Privacy Policy →

Purpose

Payment processing

Data Shared

Payment details, billing address, transaction data

Supabase

Privacy Policy →

Purpose

Database and authentication

Data Shared

Account data, usage data

Vercel/Netlify

Privacy Policy →

Purpose

Website hosting

Data Shared

Technical data, IP address

Google Analytics

Privacy Policy →

Purpose

Website analytics (if consented)

Data Shared

Usage data, technical data

Data Security

We implement industry-standard security measures to protect your personal information:

Encryption in Transit

All data transmitted using TLS 1.3 encryption

Encryption at Rest

Sensitive data encrypted using AES-256

Access Controls

Role-based access with multi-factor authentication

Regular Audits

Periodic security assessments and penetration testing

PCI Compliance

Payment data handled by PCI DSS compliant provider (Stripe)

Incident Response

24-hour breach notification as required by GDPR

International Data Transfers

Nordic Operations LLC is based in the United States. If you are accessing our services from the European Union, European Economic Area, United Kingdom, or other regions with data protection laws, please note that your data may be transferred to and processed in the United States.

We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements with all sub-processors
  • Technical and organizational measures to ensure data protection

Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@nordicops.ai and we will delete the information.

Do Not Sell My Personal Information (CCPA)

We Do Not Sell Your Data

Nordic Ops does not sell, rent, or trade your personal information to third parties for monetary or other valuable consideration. This applies to all users, regardless of location. As such, there is no need to opt out of the "sale" of personal information because we do not engage in such practices.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will notify you by email (if you have an account) and update the "Last updated" date at the top of this policy. We encourage you to review this policy periodically.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

General Privacy Inquiries

privacy@nordicops.ai

Data Protection Officer

dpo@nordicops.ai

Right to Lodge a Complaint

If you are located in the EU/EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local Data Protection Authority (DPA). A list of EU DPAs can be found at the European Data Protection Board website.

Related Policies

Terms of Service|Cookie Policy|Refund Policy|Compliance