Last updated: June 5, 2019
1. Information We collect and how we use it
Information You provide to us
When You register an Account, You register Your name and your e-mail. Except from such Account information, You shall not submit to Us, use the Service to collect, or otherwise use the Service so that We receive, information that directly or indirectly identifies any natural person.
The personal data You submit when registering Your Account will be used only to administer the customer relationship, such allowing you to place orders, register devices, sending invoices and providing Service notices. Unless you notify us that you do not want such information, we will also use your information to send you electronic marketing relating to the Service.
When You sign up to receive Our newsletter, You register Your e-mail address. We will use the e-mail address to send newsletters as requested. You may withdraw Your consent at any time.
We need to process the above information in order to provide the Service as requested by You.
Information We register when the Service is provided
A list of data we collect can be found at https://northern.tech/legal/data.
This information is necessary to for Us to be able to provide the Service.
The information is also used (i) to better understand how our users access and use the Service, (ii) to better respond to users' preferences and wishes, (iii) to improve the Service as a whole, and (iv) for statistical and analytical purposes. Our processing of Your data for these purposes is based on Us having a legitimate interest in the processing. The legitimate interest We pursue is the fact that We need to continuously update and improve the Service to stay competitive and to provide the best possible user experience.
Processing of personal data based on Your consent
We will not process Your personal data for any other purpose unless you have consented to such processing by way of a declaration that you consent to such processing.
2. How we share your personal information
We only share your personal information with others if it is necessary to perform the service or we should be bound to such sharing by law, regulation or legal process.
Any sharing in addition to such sharing as mentioned in this paragraph requires your consent. This does not prevent us from using processors to process personal information on our behalf (subject to a data processing agreement). Some of our processors are located outside the EU/EEA. The processing of personal data by such processors is safeguarded by entry into of the EU's standard contractual clauses for transfer of personal data to third countries. Processors located in the USA may alternatively be Privacy Shield certified.
3. Data retention
Your personal data will not be retained by Us for a period which is longer than necessary for the purpose for which the data was collected. This means that We will delete Your data when they are no longer required in order for Us to provide the Service or we otherwise need the data, for example for invoicing or bookkeeping purposes.
4. Access, correction and deletion of personal data
You have the right to access the personal data we have registered about You. The information You have registered is visible on your Account. If any of the information We have registered about You is incorrect, We encourage You to make changes to Your Account. There, You may also delete Your personal information unless the information is necessary for Us to provide the Service. You may also withdraw any consents you have given at any time.
6. Information Security
We have implemented organizational and technical procedures and measures that will ensure that your personal information is not compromised, not unintentionally changed, and available when required.
7. Changes to the Privacy Statement
We will occasionally update this privacy statement to reflect any changes to the service. In such cases, a changed privacy statement will be published on https://mender.io
In case of major changes, we will notify You directly in the appropriate manner, either via the Service or by email.
8. Controller and contact information
Northern.tech AS, organization number 892 847 282, Gaustadalléen 21, 0349 Oslo, Norway, is the controller.
We can be contacted by mail: firstname.lastname@example.org
You are entitled to lodge a complaint with the Norwegian Data Inspectorate if You believe we violate Your privacy rights, but You should always contact Us first so that we can try to resolve the issue first.
EU/US Privacy Shield
Northern.tech has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU. Finally, as a last resort and in limited situations, EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
In cases of onward transfer of personal information to third parties of data of EU individuals received pursuant to the EU-U.S. Privacy Shield, Northern.tech remains liable.