Privacy Policy for Nordics Co AS
Last updated: September 23, 2025
1. Introduction
Nordics Co AS, Org. No. 932 343 487, is responsible for the processing of personal data that we collect and process. We are committed to protecting your privacy and processing your personal data in accordance with applicable laws, including the General Data Protection Regulation (GDPR).
2. Personal Data We Collect
Contact Information
Type of data: Name, address, email, phone number
Purpose: Customer service, service delivery, marketing, product development
Legal basis: Consent, contract, legal obligation, legitimate interest
Storage period: Until the purpose is fulfilled or no longer relevant
Payment Information
Purpose: We process payment data through our payment service provider Stripe to enable secure card payments.
Legal basis: Contract fulfillment
Storage period: According to statutory retention periods
3. Collection and Use of Personal Data
Website
Personal data is collected through our website via registrations, contact forms, and orders.
Customer Service
Data is collected when you contact our customer service for support or information.
4. Cookies
Necessary Cookies
Purpose: Ensuring website functionality
Legal basis: Legitimate interest
Storage period: Variable, depending on session or permanent
Functional Cookies
Purpose: Improving user experience and personalization
Legal basis: Consent
Storage period: Variable, depending on usage
Performance Cookies
Purpose: Analysis of website performance
Legal basis: Consent
Storage period: Variable, depending on usage
Targeting Cookies
Purpose: Personalized advertising
Legal basis: Consent
Storage period: Variable, depending on usage
5. Sharing Personal Data with Third Parties
IT Service Providers
Purpose: Operation and maintenance of IT systems
Safeguards: Data processing agreements
Payment Service Provider (Stripe)
Purpose: Processing card payments
Safeguards: PCI-DSS certification, data processing agreements
Marketing Companies
Purpose: Personalized marketing
Safeguards: Data processing agreements
Service Providers Outside the EEA
Purpose: Various purposes depending on the service
Safeguards: EU Standard Contractual Clauses, other approved transfer mechanisms
Accounting and Finance
Purpose: Legal retention requirements for accounting records under applicable law
Safeguards: Data processing agreements
6. Transfer of Personal Data Abroad
Countries approved by the EU Commission: Transfer in accordance with EU adequacy decisions.
7. Your Rights
Right: Right to access, rectification, and deletion, as well as to receive information
Description: Right to know what personal data we process about you, to have inaccurate or incomplete data corrected, to have data deleted under certain circumstances, and to receive information
Exercise: Contact us at hi@nordics.no
8. Security Measures
Nordics Co AS has implemented both technical and organizational security measures to protect your personal data from unauthorized access, use, or disclosure. Our security measures include firewalls, encryption, and access controls. These measures are regularly evaluated and updated to ensure the highest possible level of protection. Payment data is processed by our payment service provider Stripe, which is PCI-DSS certified.
9. Changes to the Privacy Policy
We reserve the right to update this privacy policy when necessary to reflect changes in our processing practices or to comply with new legal requirements. In case of significant changes, we will inform you via our website or directly by email. We recommend that you regularly check our website for updates. The date of the last revision will always be shown at the top of the policy.
10. Contact Information
For questions or inquiries regarding this privacy policy, please contact us at:
- Email: hi@nordics.no
- Phone:
- Mail: Nordics Co AS, Postboks 3052 Elisenberg, 0207 Oslo
11. Right to Complain
If you believe that we have not complied with your rights or applicable data protection laws, you have the right to file a complaint with the relevant supervisory authority. For more information, visit the website of your local data protection authority.