Privacy Policy

General information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. For detailed information on data protection, please refer to the privacy policy set out below this text.

Data collection on this website

Who is responsible for data collection on this website? Data processing on this website is carried out by the website operator. You can find their contact details in the section "Information on the controller" in this privacy policy.

How do we collect your data? Your data is collected, on the one hand, by you providing it to us. This may be data you enter into the contact or inquiry form. Other data is collected automatically or after your consent when you visit the website via our IT systems. This is primarily technical data (e.g. internet browser, operating system or time of the page request).

What do we use your data for? Some of the data is collected to ensure the website is provided without errors. Other data may — subject to your consent — be used to analyse your user behaviour anonymously.

What rights do you have regarding your data? You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent, you can revoke it at any time with effect for the future. You also have the right, under certain circumstances, to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

Analytics tools

When you visit this website, your browsing behaviour may be analysed statistically — only if you consent — using Google Analytics. No analysis takes place without your consent. Detailed information can be found below in this privacy policy. You can revoke your consent at any time via the cookie settings.

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. This privacy policy explains what data we collect and what we use it for, as well as how and for what purpose this happens. We point out that data transmission over the internet (e.g. communication by email) can have security gaps. Complete protection of data against access by third parties is not possible.

Information on the controller

The controller responsible for data processing on this website is:

Nordic Business
Stefan Brandenburg
Carrer Martín Ros García, 18A, 61
07181 Torrenova, Calvià (Illes Balears)
Spanien

Tel.: +34 613 479 933
E-Mail: kontakt [at] nordic-business [dot] de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Storage period

Unless a more specific storage period is stated within this privacy policy, your personal data will remain with us until the purpose for processing no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing it (e.g. retention periods under tax or commercial law); in the latter case, deletion takes place once these reasons no longer apply.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

If data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right at any time to object to the processing of your personal data for reasons arising from your particular situation; this also applies to profiling based on these provisions. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims (objection under Art. 21(1) GDPR).

If your personal data is processed for direct advertising purposes, you have the right to object at any time to the processing of personal data concerning you for such advertising (objection under Art. 21(2) GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, place of work or the place of the alleged violation. This right exists without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

SSL/TLS encryption

For security reasons and to protect the transmission of confidential content, such as inquiries you send to us as the site operator, this site uses SSL/TLS encryption. You can recognise an encrypted connection by the fact that the browser address bar changes from "http://" to "https://" and by the lock symbol in your browser bar. When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to correction or deletion of this data. For this and other questions regarding personal data, you can contact us at any time.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. The right to restriction of processing exists in the following cases:

• If you contest the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of processing.
• If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of deletion.
• If we no longer need your personal data but you need it to exercise, defend or assert legal claims, you have the right to request restriction of processing instead of deletion.
• If you have lodged an objection under Art. 21(1) GDPR, a balance must be struck between your interests and ours. As long as it has not been determined whose interests prevail, you have the right to request the restriction of processing.

Objection to advertising emails

We hereby object to the use of contact data published within the scope of the imprint obligation for sending advertising and information material that has not been expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam emails.

Cookies

Our website uses technically necessary cookies and — subject to your consent — cookies for statistical purposes. Cookies are small text files and do no harm to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted at the end of your visit.

Technically necessary cookies are stored on the basis of Art. 6(1)(f) GDPR or Section 25(2) TTDSG, as the website operator has a legitimate interest in the technically error-free provision of its services. Where consent has been requested (e.g. for statistics cookies), processing takes place exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TTDSG; consent can be revoked at any time.

Consent via the cookie selection

This website uses its own, locally operated cookie selection to obtain your consent to the storage of certain cookies and to document this in a data protection-compliant manner. Your selection is stored exclusively locally in your browser (localStorage entry "nb_cookie_consent") and is not transmitted to an external service. On your first visit, you decide whether statistics cookies may be set in addition to the necessary ones. You can change or revoke your selection at any time.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Browser type and version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address

This data is not merged with other data sources. The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website — for this, the server log files must be recorded.

Project inquiry (inquiry assistant)

Via the inquiry assistant, you can submit structured information about a planned project (e.g. service area, salutation, name, company, location, email, phone, budget range, desired timeframe, preferred contact method and your message).

To process and internally manage your inquiry, this information is stored in a database. We also record technical and organisational metadata: the time of the inquiry, a pseudonymised (hashed) IP address, browser and device details (user agent), the origin/entry page (referrer, landing page) and — where present — campaign parameters (e.g. UTM source, medium, campaign). From this, an internal priority/quality value (lead score) is calculated, used solely for the efficient handling and organisation of your inquiry.

If you have consented to statistics cookies, pseudonymous analytics identifiers may additionally be stored for attribution. This does not happen without your consent.

In addition, the data is transmitted to us via encrypted email. It is not passed on to third parties; technical service providers (hosting, email delivery) acting as processors bound by our instructions are excepted.

The legal basis is Art. 6(1)(b) GDPR (implementation of pre-contractual measures), otherwise our legitimate interest in the effective handling, organisation and protection of inquiries (Art. 6(1)(f) GDPR) and, where applicable, your consent (Art. 6(1)(a) GDPR).

To protect against automated spam, we use measures without an external captcha (a hidden honeypot field and a time check). Your data remains with us until the purpose of storage no longer applies (e.g. after processing), you request deletion, or you revoke a given consent. Mandatory legal retention periods remain unaffected.

Voice input for form fields

On the inquiry page, certain free-text fields can optionally be filled in by microphone (voice input). Use is voluntary; the fields can always be filled in via the keyboard as well.

The feature is loaded exclusively after your explicit consent via the consent dialog (category “Special techniques”) and only if your browser supports it. Without consent, neither the microphone icon is shown nor is any related code loaded. The legal basis is your consent (Art. 6(1)(a) GDPR), which you can withdraw at any time via the cookie settings.

Technically, the browser's built-in Web Speech API is used. Depending on the browser and vendor, speech recognition is processed either locally on your device or server-side at the respective browser vendor (e.g. Google for Google Chrome); Nordic Business has no influence on this. Access to the microphone occurs only after an additional, active authorisation by your browser. Nordic Business does not store any audio data — only the recognised text is transferred into the form and submitted to us as part of your inquiry.

Inquiry by email or phone

If you contact us by email or phone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of handling your request. We do not pass on this data without your consent. The processing of this data is based on Art. 6(1)(b) GDPR, provided your request is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on your consent (Art. 6(1)(a) GDPR) and/or on our legitimate interests (Art. 6(1)(f) GDPR).

Website Analysis (free quick check)

On this website you can run a technical analysis of a website. The address you enter is sent to the Google PageSpeed Insights API and checked technically with Google Lighthouse (loading speed, search engine friendliness, accessibility and technical quality).

The analysis result is stored and assigned to a pseudonymous visitor identifier (visitor ID) kept locally in your browser (local storage). This allows several analyses to be linked to the same visit and – should you later submit a project inquiry – to be connected to it automatically.

Plain-text IP addresses are not stored permanently. IP and browser identifiers are stored only in pseudonymised form (hashing). Data is sent to Google only after your prior consent to the "Website analysis tool" category and your active start of the analysis (click). Without this consent no analysis is started; you can grant or withdraw it at any time in the cookie settings. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in clear pre-qualification and consultation) and your consent by actively starting the analysis (Art. 6(1)(a) GDPR).

Google Analytics

This website uses — only after your consent — functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables us to analyse the behaviour of website visitors. In doing so, we receive various usage data, such as page views, time on site, operating systems used and the origin of users. For this purpose, Google Analytics uses cookies and comparable recognition technologies. We have activated IP anonymisation, so that your IP address is shortened by Google within the EU/EEA before transmission. Advertising features (Google signals, ad personalisation) are deactivated.

The use of Google Analytics takes place exclusively on the basis of your consent (Art. 6(1)(a) GDPR and Section 25(1) TTDSG). The analytics script is only loaded after you have actively confirmed the "Statistics" category in the cookie selection. Before that, no transmission to Google takes place whatsoever. You can revoke your consent at any time with effect for the future by deactivating the statistics cookies in the cookie settings; the analytics cookies already set will be removed.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found at Google: https://policies.google.com/privacy and https://business.safety.google/adscontrollerterms/. We have concluded a data processing agreement with Google.

Fonts (locally hosted)

For the consistent display of fonts, this website uses exclusively fonts stored locally on our server. When the page is accessed, there is no connection to third-party servers (e.g. Google Fonts), and no personal data is transmitted to external providers.

Links to social networks

On this website you will find only simple links to our profiles on social networks (e.g. Facebook, Instagram) as well as a WhatsApp and email link. These are normal links, not embedded social media plugins. Data transmission to the respective providers only takes place when you actively click on one of these links and access the provider's page. The respective provider is responsible for the subsequent data processing.

Reach measurement of contact clicks (anonymous)

Clicks on this website's direct contact options (WhatsApp, phone, email) are recorded anonymously and without cookies, in order to measure the reach of these contact channels. Only the channel used (WhatsApp/phone/email), the page the click came from and the timestamp are stored — plus, if you previously ran a website analysis voluntarily, the associated pseudonymous visitor ID.

No personal data is processed in this: no name, no phone number, no email address, no message content and no IP address. The recording takes place exclusively on our own server (first-party); no transfer to third parties occurs. The legal basis is the legitimate interest in simple, privacy-friendly reach measurement (Art. 6(1)(f) GDPR).