Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal data in compliance with GDPR and Swedish law.

Last Updated: January 2025 | Version 1.0

Introduction

Nordic Oculus ("we", "our", or "us") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. This policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679 and relevant Swedish data protection laws.

1. Data Controller Information

Nordic Oculus is the data controller for the processing of personal data described in this Privacy Policy.

Company Details:

Nordic Oculus

Organization Number: Pending registration

Email: info@nordicoculus.com

2. Types of Personal Data We Collect

We collect and process the following categories of personal data:

Contact Information:

  • Name and surname
  • Email address
  • Phone number
  • Company name and position

Communication Data:

  • Messages sent through our contact forms
  • Email correspondence
  • Meeting notes and project requirements

Technical Data:

  • IP address
  • Browser type and version
  • Time zone setting and location
  • Operating system and platform
  • Cookie data and similar technologies

3. Legal Basis for Processing (GDPR Article 6)

We process your personal data based on the following legal grounds:

Consent (Article 6.1.a):

When you submit forms on our website or subscribe to our newsletter, you provide explicit consent for us to process your data for these specific purposes.

Contract Performance (Article 6.1.b):

We process data necessary to provide our AI consulting services, prepare proposals, and fulfill our contractual obligations to you.

Legitimate Interests (Article 6.1.f):

We may process data for our legitimate business interests, such as improving our services, preventing fraud, and ensuring network security, provided these interests do not override your rights and freedoms.

Legal Obligations (Article 6.1.c):

We process data when required by Swedish law, such as for tax and accounting purposes.

4. Purpose of Data Processing

We process your personal data for the following purposes:

  • To respond to your inquiries and provide customer support
  • To deliver our AI consulting and development services
  • To send project updates and relevant communications
  • To improve our website and services based on user feedback
  • To comply with legal and regulatory requirements
  • To protect against fraud and ensure security
  • To analyze website usage and optimize user experience
  • To send marketing communications (with your consent)

5. Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy:

Client Data:

Active client data is retained for the duration of our business relationship and for 7 years thereafter in accordance with Swedish accounting law (Bokföringslagen).

Inquiry Data:

Contact form submissions and inquiries are retained for up to 2 years unless they result in a business relationship.

Marketing Data:

Marketing preferences and newsletter subscriptions are retained until you withdraw your consent.

Technical Data:

Website analytics and technical logs are retained for 26 months.

6. Your Rights as a Data Subject

Under GDPR and Swedish data protection law, you have the following rights:

Right to Access (Article 15):

You can request a copy of your personal data we process.

Right to Rectification (Article 16):

You can request correction of inaccurate or incomplete personal data.

Right to Erasure (Article 17):

You can request deletion of your personal data under certain circumstances.

Right to Restriction (Article 18):

You can request that we limit the processing of your personal data.

Right to Data Portability (Article 20):

You can request your data in a structured, commonly used, and machine-readable format.

Right to Object (Article 21):

You can object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent:

Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at info@nordicoculus.com.

7. Data Transfers and Security

Data Location:

Your personal data is primarily stored and processed within the European Economic Area (EEA). Any transfers outside the EEA are conducted with appropriate safeguards in accordance with GDPR Chapter V.

Security Measures:

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication systems
  • Employee training on data protection
  • Incident response procedures

Third-Party Processors:

We carefully select third-party service providers and ensure they provide sufficient guarantees regarding data protection through data processing agreements.

8. Cookies and Similar Technologies

Our website uses cookies and similar technologies to enhance your experience and analyze usage patterns.

Essential Cookies:

Required for the website to function properly. These cannot be disabled.

Analytics Cookies:

Help us understand how visitors interact with our website. We use privacy-friendly analytics that don't track individual users.

Marketing Cookies:

Used to deliver relevant advertisements and track campaign effectiveness. Only set with your consent.

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may impact website functionality.

9. Filing Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the supervisory authority:

Integritetsskyddsmyndigheten (IMY)

The Swedish Authority for Privacy Protection

Box 8114

104 20 Stockholm

Email: imy@imy.se

Website: www.imy.se

We encourage you to contact us first at info@nordicoculus.com so we can address your concerns directly.

10. Contact Us

For any questions about this Privacy Policy or how we handle your personal data, please contact us:

Data Protection Contact:

Nordic Oculus

Attn: Data Protection

Email: info@nordicoculus.com

We aim to respond to all data protection inquiries within 30 days.

11. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. When we make significant changes:

  • We will update the "Last Updated" date at the top of this policy
  • We will notify you via email if you are a registered user or client
  • We may display a prominent notice on our website

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

Version History:

Version 1.0 - Initial publication (January 2025)

Your Privacy Matters

We are committed to protecting your personal data and being transparent about our data practices. If you have any questions or concerns, please don't hesitate to contact us.

Contact UsEmail Data Protection