GDPR Compliance Policy

At Nordhaven, we are committed to protecting the privacy and personal data of our customers and website visitors. We process personal information in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other applicable data protection laws.

This GDPR Compliance Policy explains your rights regarding your personal data and how we ensure compliance with European data protection requirements.

Lawful Basis for Processing Personal Data

We collect and process personal data only when we have a lawful basis to do so. These lawful bases may include:

  • Your consent.
  • The performance of a contract between you and Nordhaven.
  • Compliance with legal obligations.
  • Legitimate business interests that do not override your privacy rights.

Personal Data We May Process

Depending on your interaction with our website, we may process:

  • Name and contact information.
  • Billing and shipping addresses.
  • Email address and telephone number.
  • Order and transaction details.
  • Customer service communications.
  • Website usage and technical information collected through cookies and similar technologies.

Your GDPR Rights

If you are located within the European Economic Area (EEA), you have the following rights:

  • Right of access to your personal data.
  • Right to rectification of inaccurate information.
  • Right to erasure ("Right to be Forgotten").
  • Right to restrict processing.
  • Right to data portability.
  • Right to object to processing.
  • Right to withdraw consent at any time where processing is based on consent.
  • Right to lodge a complaint with a competent data protection authority.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, tax, and regulatory requirements.

When personal data is no longer required, it will be securely deleted or anonymized.

International Data Transfers

Where personal data is transferred outside the European Economic Area, we implement appropriate safeguards to ensure that personal data remains protected in accordance with GDPR requirements.

Such safeguards may include Standard Contractual Clauses approved by the European Commission or transfers to countries recognized as providing an adequate level of data protection.

Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, misuse, or destruction.

These measures include secure data storage, restricted access controls, encrypted communications where appropriate, and regular security monitoring.

Cookies and Tracking Technologies

Our website may use cookies and similar technologies to improve functionality, analyze website performance, and enhance user experience.

Where required by law, users will be provided with the ability to manage or withdraw cookie consent.

Third-Party Service Providers

We may share personal data with trusted third-party service providers that assist us in operating our website, processing payments, delivering orders, preventing fraud, and providing customer support.

These service providers are required to process personal data only in accordance with our instructions and applicable data protection laws.

Exercising Your Rights

If you wish to exercise any of your GDPR rights or have questions regarding the processing of your personal data, please contact us using the information below:

Email: service@nordhaveno.com

Telephone: +1 (413) 212-2815

Address: 75 Cole Ave #0, Pittsfield, MA 01201, United States

We will respond to GDPR-related requests within the timeframe required by applicable law.

Policy Updates

We may update this GDPR Compliance Policy from time to time to reflect legal, technical, or operational changes. Any updates will be published on this page with immediate effect upon posting.