Privacy Policy

1. Responsible Party

The responsible party for data processing on this website is:

noord GmbH
Bergheimer Straße 147
69115 Heidelberg
Germany

Phone: +49 6221 4162300
E-Mail: hello@noord.co

2. What we do with your data

Server Log Files

When you visit our website, our provider automatically collects technical information transmitted by your browser: browser type and version, operating system, referrer URL, hostname, time of request, and IP address. Processing takes place to ensure trouble-free operation and security (Art. 6 (1) (f) GDPR). This data is not merged with other data sources. It is retained only briefly and not used for any other purpose.

Web Analytics

We use Umami, a privacy-friendly analytics tool that we self-host on our own infrastructure at analytics.noord.co. Umami sets no cookies and stores no information on your device. IP addresses are processed in anonymized form, and no user profiles are created.

We collect only aggregated statistics: page views, browser and device type, country of origin, and clicks on specific buttons. When the contact form is submitted, the topic category and team size are additionally recorded as anonymous statistics; personal entries (name, email, message) are not. No data is shared with third parties. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in aggregate reach measurement). Because Umami stores nothing on your device, consent under § 25 TTDSG is not required.

Contact Form

When you write to us via the contact form, we process the data you provide (in particular name, email address, company, topic, and message) in order to respond to your inquiry. The legal basis is Art. 6 (1) (b) GDPR (pre-contractual measures) or Art. 6 (1) (f) GDPR (legitimate interest in handling your inquiry).

Technically, this is how it works: our website is operated in the EU region Frankfurt. To send the confirmation to you and the notification to us, we use an email service provider with EU region Ireland. Your message is then handled personally by Daniel Andres.

Processors and Data Transfers

We work with an infrastructure provider hosted in the EU and an email service provider hosted in the EU. Operational processing of your data takes place in the EU. Because the underlying companies are based in the USA, administrative data (e.g. account and billing information) may, by design, be transferred to the USA. Such transfers are based on the EU Standard Contractual Clauses.

A complete list of our processors is available on request at hello@noord.co.

Storage Duration

We store your inquiry until it has been handled or you request deletion. Statutory retention obligations remain unaffected.

3. Your Rights

You have the right at any time to:

• obtain information about your stored data (Art. 15 GDPR),
• request correction of inaccurate data (Art. 16 GDPR),
• request deletion of your data (Art. 17 GDPR),
• request restriction of processing (Art. 18 GDPR),
• obtain your data in a portable format (Art. 20 GDPR),
• object to processing (Art. 21 GDPR),
• lodge a complaint with a supervisory authority (Art. 77 GDPR).

If you have given consent to data processing, you can revoke it at any time with effect for the future. The lawfulness of processing carried out up to the revocation remains unaffected.

To exercise your rights or for questions about data processing, please contact us at hello@noord.co.