Privacy Policy

1. Who we are

Nordensite ("we", "us", "our") sells business security camera kits, fleet dashcams, and GPS tracking kits to businesses within the European Union and EEA. We are the data controller for the personal data described in this policy.

Contact: contact@nordensite.com

2. Data we collect

We collect the following personal data when you use our website, place an order, or request a quote:

• Identity data: full name, company name
• Contact data: email address, phone number, shipping and billing address
• Payment data:processed securely by Stripe — we do not store card numbers on our servers
• Technical data: IP address, browser type, device information, pages visited
• Communication data: messages you send to us via email or our quote form

3. How we use your data

• To process and fulfil your orders
• To send order confirmations and shipping updates
• To respond to your enquiries and quote requests
• To comply with legal and tax obligations
• To protect the security and integrity of our website and services

Our legal bases for processing under the GDPR are: performance of a contract, legitimate interest, and compliance with legal obligations.

4. Third-party services

We share personal data only with the following service providers, solely for the purposes described above:

• Stripe— payment processing. Stripe acts as an independent controller for payment data. See Stripe's Privacy Policy.
• Resend— transactional email delivery (order confirmations, shipping notifications).
• Neon— database hosting. Your data is stored on servers within the EU.
• Vercel— website hosting and infrastructure.

We do not sell, rent, or trade your personal data to any third party for marketing purposes.

5. Cookies

We use only essential cookies that are strictly necessary for the website to function. We do not use analytics, advertising, or tracking cookies. For more details, please see our Cookie Policy.

6. Data retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Order data is retained for a minimum of 5 years to comply with tax and accounting regulations.

7. Your GDPR rights

Under the General Data Protection Regulation, you have the following rights regarding your personal data:

• Right of access— request a copy of the personal data we hold about you.
• Right to rectification— request correction of inaccurate or incomplete data.
• Right to erasure— request deletion of your personal data, subject to legal retention obligations.
• Right to data portability— receive your data in a structured, commonly used, machine-readable format.
• Right to object— object to processing based on legitimate interest.
• Right to restrict processing— request that we limit how we use your data in certain circumstances.

To exercise any of these rights, please email us at contact@nordensite.com. We will respond within 30 days.

You also have the right to lodge a complaint with your local data protection authority. In Norway, this is the Datatilsynet.

8. Data security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or destruction. All data is transmitted over encrypted HTTPS connections, and payment data is handled exclusively by Stripe in PCI-DSS compliant environments.

9. International transfers

Some of our service providers may process data outside the EU/EEA. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or reliance on adequacy decisions.

10. Changes to this policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

11. Contact us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at contact@nordensite.com.