Privacy Policy

1. Data Controller

Nordlate Oy
Helmipöllönkuja 15 A 5
90540 Oulu, Finland
Business ID: 3598078-2
Email: [email protected]

2. Scope

This policy covers the nordlate.com website.

3. Data We Collect

The nordlate.com website is a simple informational site. We collect minimal data:

• Analytics data: We use Google Analytics to understand how visitors use our website. This collects data such as pages visited, time on site, browser type, and approximate location. IP addresses are processed by Google for network routing and geolocation but are not stored in analytics reports.
• Contact information: If you email us, we store your email address and message content to respond to your inquiry.

4. Cookies

This website uses cookies set by Google Analytics to distinguish unique visitors and track session information. For details on the specific cookies used and their expiration, see Google's cookie documentation.

No cookies are used for advertising or tracking across other websites.

5. Legal Basis

We process personal data based on:

• Consent: Analytics cookies are set when you continue to use the website. You can opt out by disabling cookies in your browser settings or by using a browser extension such as Google Analytics Opt-out Browser Add-on.
• Legitimate interest: Responding to general contact inquiries.
• Pre-contractual measures: Handling inquiries related to engaging our services.

6. Data Retention

Analytics data is retained according to our Google Analytics configuration. Email correspondence is retained as long as necessary to handle your inquiry and for potential follow-up.

7. Data Sharing and International Transfers

We do not sell your personal data. We use the following third-party providers, which may process data outside the European Economic Area:

• Google Analytics (website analytics) — Google LLC is certified under the EU-US Data Privacy Framework.
• Cloudflare (hosting and content delivery) — Cloudflare Inc. is certified under the EU-US Data Privacy Framework.

These providers act as data processors under appropriate agreements, including Standard Contractual Clauses where applicable.

8. Your Rights

Under the GDPR, you have the right to:

• Access, correct, or delete your personal data
• Object to or restrict certain processing
• Data portability — receive your data in a structured, machine-readable format
• Withdraw consent at any time for consent-based processing (such as analytics), without affecting the lawfulness of processing carried out before withdrawal

To exercise these rights, contact us at [email protected].

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with a supervisory authority. In Finland, this is the Office of the Data Protection Ombudsman (tietosuoja.fi).

9. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. Updates will be posted on this page.