Privacy Policy and GDPR Data Processor Agreement
This Privacy Policy and GDPR Data Processor Agreement describes the practices and policies of Nordic Backup (“the Data Processor”) regarding the collection and protection of Personal Data supplied by users or collected by us from users of Nordic Backup websites and the Nordic Backup services (“the Service”).
Nordic Backup has, and always will, take your privacy and the protection of your data very seriously. Our privacy policy has always been about protecting you, which has made it very easy for us to comply with the new General Data Protection Regulation (GDPR) (EU) 2016/679.
This Privacy Policy also acts as the GDPR Data Processor Agreement between you (“the Data Owner”) and Nordic Backup for as long you are a customer or partner of Nordic Backup. Nordic Backup is required to comply with privacy protection laws of the country where you the Data Owner, reside.
Nordic Backup defines “Personal Data” as any data from which it is practical to directly determine the identity of an individual.
By registering to use the Service, you agree (1) to comply with the terms and conditions of this Privacy Policy and (2) Nordic Backup may collect, process and use your Personal Data as described in this Privacy.
Personal Data will only be stored and processed by Nordic Backup in the country where it was collected.
To protect your account information, please keep your password secure at all times.
Information Nordic Backup Collects about you
Personal Data
Once you register with Nordic Backup and signed in to the Service, you are not anonymous to Nordic Backup. When registering with Nordic Backup, you provide your Personal Data, which may include your full name, company name, company tax id, phone number, your title, address, city, state, country, zip code, a user name, one or more email addresses, and a password.
All information collected by Nordic Backup is used for internal purposes of providing the Service, providing support to you, and to improve services. Using aggregated non-identifying information supplied by users allows Nordic Backup to understand its user base and to improve services.
When backing data up with the Service, you send us the data you have selected for backup including relevant file system information containing names of files and directories. Nordic Backup also records your IP address for security purposes when you submit information.
Even though the backup data you are backing up with the Service are strongly encrypted with your private encryption key and Nordic Backup has no access to the unencrypted backup data, the backup data is also considered Personal Data and protected under this agreement.
How Nordic Backup Uses Your Information
Personal Data
Nordic Backup will only use the least Personal Data required to deliver the Service to you. Nordic Backup will never sell or market the email addresses or other collected personal information of registered Users to third parties.
Nordic Backup will not and can not view the files that you backup using the Service. Nordic Backup may view your file system information such as file names, file extensions, file sizes, directory/folder names, directory/folder structure, and drive layout, but never your file contents, to provide technical support to you.
You acknowledge and agree that Nordic Backup may occasionally send you administrative communications regarding your account or the Service via email.
Cookies and Passive Data Collection
Nordic Backup uses cookies, IP addresses, and URL information to improve and further develop the Service, and to provide enhanced or geographically differentiated features and service levels to Users, where available.
Nordic Backup uses cookies to save screen names, and session identifiers on your browser and hard drive, and may use them to provide tailored products and services to you, as they become available. IP Addresses also help us diagnose network congestion, problems with our servers, and otherwise assist in the administration and delivery of the Service to you.
Nordic Backup automatically receives and records information in our server logs from your browser, including your IP address, cookie information, and the page you request. You should be aware that other websites visited before entering the Nordic Backup websites might place Personal Data within a User’s URL during a visit to their website, and Nordic Backup has no control over such websites. Accordingly, some of this information may be logged by Nordic Backup.
Links to Third Party Sites
Nordic Backup websites may contain links to other sites that are not under our control. These websites have their own policies regarding privacy. You should review those policies before visiting the websites. We have no responsibility for linked websites, and we provide these links solely for the convenience and information of our visitors.
Confidentiality/non-disclosure
Nordic Backup Service Providers / Data Processors
Nordic Backup is a complete service provider who takes your privacy very serious. Nordic Backup does not and never will exchange nor disclose any Personal Data to any third party Service Provider or Data Processor. All data collection, storage, and processing are done by Nordic Backup alone.
Nordic Backup ensures that all personal data and backup data are kept confidential and only accessible to the relevant employees and systems required to deliver the Service to you, and after termination of your account/agreement with Nordic Backup.
Legal Requirements
Nordic Backup does not disclose Personal Data, including the data you back up with the Service, unless disclosure is necessary to comply with an enforceable government request, such as a warrant.
Change of Ownership
In the event of a change in Nordic Backup ownership, or a direct merger or acquisition with another entity, we reserve the right to transfer all of Nordic Backup User information, including Personal Data, to a separate entity. We will use commercially reasonable efforts to notify you (by posting on our website or an email to the email address you provide when you register) of any change in ownership, merger or acquisition of Nordic Backup’s assets by a third party, and you may choose to modify any of your registration information at that time.
Data breach / loss
Nordic Backup uses industry standard security measures to protect against the loss, misuse and alteration of the information under our control. We make good faith efforts to store the information collected by Nordic Backup in a secure operating environment that is not available to the public.
While we take reasonable steps to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party “hackers” from obtaining this information. In the event we discover a breach of your data we will notify you immediately, no later than within 24 hours of the discovery.
Audit
Upon your request, Nordic Backup is required to provide you with the necessary information for you to oversee that Nordic Backup has established the required technical and organizational security measures to protect your Personal Data.
This is done by an independent audit. Every year Nordic Backup undergoes an audit by an independent auditor to ensure we are compliance with this Privacy Policy and GDPR Data Processor Agreement and the European General Data Protection Regulation (GDPR). The audit will be posted on the Nordic Backup website as soon it is available.
Updating or Removing User Information
You may, at any time, choose to correct or update the information you have submitted to Nordic Backup by updating your account the Nordic Backup website.
You may opt to remove all your Personal Data and backup data from all Nordic Backup systems by logging into your account on the Nordic Backup website, selecting “Settings”, and “Delete Account”.
If you cancel your account, your Personal Data and backup data will be retained in Nordic Backups archive for 30 days in case you regret your cancellation. After 30 days your Personal Data and backup data will be permanently deleted from our servers and will not be recoverable. You may opt to waive the 30 day retention and have all your personal and backup data deleted immediately by contacting Nordic Backup Tech Support.
Disputes and Privacy Complaints
If you have a dispute or complaint about privacy on a Nordic Backup website or Service, we kindly ask that you first attempt to resolve the issue directly with Nordic Backup Support by Email or by phone.
All disputes arising out of this Agreement will be subject to the exclusive jurisdiction of the state and federal courts serving Seminole County, Florida.
Revisions to this Policy
Nordic Backup reserves the right in our sole discretion to revise, amend, or modify this policy and our other policies and agreements at any time and in any manner. Notice of any revision, amendment, or modification of this policy will be posted on Nordic Backup websites, and a User’s continued use of the Service will signify agreement to such changes.
Registration or Use of The Service Signifies your Agreement to The Privacy Policy
September 2018 – US English Privacy Policy v1.3