At NORDVAS AB, we are committed to protecting your privacy and handling your personal data in an open and transparent manner. This Privacy Policy explains how we collect, use, and protect your personal information when you visit nordvas.com or interact with us as a B2B partner, in accordance with the General Data Protection Regulation (GDPR).
1. Data Controller Information
The entity responsible for the processing of your personal data is:
NORDVAS AB
Umeå, Västerbotten
Sweden
Email: contact@nordvas.com
2. What Personal Data We Collect
Since NORDVAS AB operates primarily in the B2B (Business-to-Business) sector, we collect minimal personal data, strictly related to establishing or maintaining a professional relationship. The data we may collect includes:
- Contact Information: Your name, professional email address, corporate role, and phone number when you fill out our "Request a Sample" or contact forms.
- Company Information: Details regarding your hotel, property, or enterprise, including estimated order volumes.
- Technical & Usage Data: Your IP address, browser type, device information, and interactions with our website (collected via cookies and analytics tools, subject to your consent).
3. How We Use Your Data
We process your personal data for the following purposes and legal bases:
- To respond to your inquiries: Providing sample kits, answering questions, or discussing bespoke branding options. (Legal basis: Pre-contractual steps or legitimate interest).
- To improve our website: Analyzing user behavior to optimize our site layout and performance. (Legal basis: Your explicit consent via our cookie banner).
- To fulfill legal obligations: Keeping business correspondence and invoices in compliance with Swedish accounting and tax laws. (Legal basis: Legal obligation).
4. Third-Party Services & Data Sharing
We do not sell your personal data to third parties. We may share your data with trusted service providers who assist us in operating our website and conducting our business:
- Web3Forms: We utilize Web3Forms to securely process the contact forms on our website. Data submitted through our forms is temporarily processed by their servers strictly to deliver the message to our email inbox.
- Google Analytics: With your prior consent, we use Google Analytics to analyze website traffic. We have enabled IP anonymization to ensure your data cannot be traced back to your specific location.
- Cookiebot: We use Cookiebot to manage your consent preferences securely.
5. Cookies and Tracking
Our website uses cookies to function securely and to provide us with anonymous analytics. When you first visit our site, you are presented with a Cookie Consent banner. Non-essential cookies (such as those used by Google Analytics) are strictly blocked until you explicitly click "Accept". You may revoke your consent at any time by clearing your browser cookies.
6. Data Retention
We retain your personal data only as long as necessary to fulfill the purposes for which it was collected. B2B contact inquiries that do not result in a business relationship are deleted within 12 months. Data related to active partnerships or invoices will be retained for up to 7 years in accordance with Swedish bookkeeping laws (Bokföringslagen).
7. Your GDPR Rights
Under the GDPR, you possess the following rights regarding your personal data:
- Right to Access: You may request a copy of the personal data we hold about you.
- Right to Rectification: You may request that we correct any inaccurate or incomplete data.
- Right to Erasure (Right to be Forgotten): You may request the deletion of your personal data, provided there are no superseding legal obligations for us to retain it.
- Right to Restrict Processing: You may request that we limit how we process your data.
- Right to Data Portability: You may request to receive your data in a structured, machine-readable format.
To exercise any of these rights, please contact us at contact@nordvas.com.
8. Complaints
If you believe that our processing of your personal data infringes data protection laws, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten - IMY) or your local supervisory authority.
9. Changes to This Policy
We may update this Privacy Policy from time to time to reflect operational or legal changes. The "Last Updated" date at the top of this page will reflect the most recent revisions. We encourage you to review this policy periodically.