PRIVACY
POLICY
Privacy notice regarding the processing of personal data
Last updated: June 12, 2023
Nordensa Football SRL, registered with the Trade Registry Office next to the Cluj Court under no. J12/6438/2022, fiscal code 47032637, Paris St. no. 102, Cluj-Napoca (referred to as either “Nordensa”, “Controller”, “We”, “Us” or “Our” in this Privacy notice regarding the processing of personal data) acts as controller for processing your personal data. The processing of personal data shall be done in accordance with the Regulation (EU) 2016/679 on the protection of natural persons regarding the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”), as well as any other legal provisions applicable with respect to the protection of personal data.
Nordensa is the controller of personal data it collects from and about users through the Nordensa Platform and/or by any other interactions we may have with you, like those relating to the provision of Our services or during marketing activities.
This Privacy notice regarding the processing of personal data (“Privacy notice“) describes in detail how We process the personal data of the Nordensa Platform users and the rights they have in connection with this processing.
This Privacy notice applies to all users, regardless whether they are an unregistered user, Registered User or Backer, individuals and representatives of legal entities alike (“Users“). Additionally, to the extent that the User represents a legal entity that will act through the Nordensa Platform, Nordensa will process the personal data of the individuals acting on behalf of those.
Interpretation and Definitions
All terms and concepts included herein in capital letters and not defined elsewhere shall have the same meaning as provided in the Nordensa Terms and Conditions.
Defined terms shall have the same meaning regardless of whether they appear in singular or in plural.
Processing of personal data
Types of Data Collected
While using Our Services, we will collect the following types of personal data:
● Identification data: name, surname, country of residence, data included in your identification documents (passport/national ID number, citizenship)
● Contact information: e-mail address
● Bank information: IBAN number, credit/debit card details
● Signature and photography
● Any information that may represent personal data included in the interactions with the Nordensa Platform
● Usage Data:
o When accessing the web version of the Nordensa Platform: the device’s Internet Protocol address (e.g. IP address), browser type, browser version, accessed pages of the Nordensa Platform, the time and date of the visit on the Nordensa Platform, the time spent on those pages, unique device identifiers and other diagnostic data.
o When accessing the Nordensa Platform via a mobile device: the type of mobile device, mobile device unique ID, the IP address of the mobile device, mobile operating system, the type of mobile Internet browser used, unique device identifiers and other diagnostic data.
o Data regarding Users’ interaction with the Nordensa Platform: likes, comments, information contained in the user profile.
We will collect personal data either directly from the Users (in the case of identification data, contact information or bank information) or automatically through technical means (in the case of usage data).
2. Purposes and legal basis for the processing of personal data
Name and e-mail address
Purpose: Managing your registration as a Registered User and to provide access to the functionalities of the Service (account creation)
Legal Basis: Performance of a contract concluded with you regarding the provision of our Services (as per the Terms and Conditions), pursuant to Article 6 para. (1) lit. b) of GDPR.
Data included in the User profile, interactions with the Nordensa Platform and information about those
Purpose: Providing the functionalities of the Nordensa Platform to Registered Users
Legal Basis: Performance of a contract concluded with you regarding the provision of our Services (as per the Terms and Conditions), pursuant to Article 6 para. (1) lit. b) of GDPR.
Name, surname, country of residence, bank information
Purposes:
● Providing Services through concluding a JV Agreement with the Users
● Identifying payments made by Users for validation purposes
● Administration of our Services
● Delivering the Nordensa Platform content, campaigns and interaction with Users
Legal basis: Performance of a contract concluded with you regarding the provision of our Services (as per the Terms and Conditions), pursuant to Article 6 para. (1) lit. b) of GDPR
Data included in identification documents including the photography
Purpose:
● Verifying the identify of Users prior to concluding a JV Agreement with the Users
Legal basis:
● Legitimate interest of Nordensa to ensure security of its business relationships, pursuant to article to Article 6 para. (1) lit. f) of GDPR
Contact information
Purposes:
● Managing the relationship with Users, including managing User requests and complaints and responding to those.
● Contacting Users by email or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products, or contracted services, including the security updates, when necessary or reasonable for their implementation.
● Providing users with news, special offers, and general information about other goods, services, and events which we offer that are similar to those that already purchased or enquired about, only when Users opted in to receive such information
Legal basis:
● Conclusion and performance of a contract regarding the provision of our Services pursuant to Article 6 para. (1) lit. b) of GDPR
● Legitimate interest of Nordensa to improve or modify the services offered and to manage its business pursuant to Article 6 para. (1) lit. f) of GDPR
Usage Data
Purposes:
● Delivering the Nordensa Platform content, campaigns, and interaction with Users
Legal basis:
● Performance of a contract concluded with you regarding the provision of our Services (as per the Terms and Conditions), pursuant to Article 6 para. (1) lit. b) of GDPR
Sharing personal data
1. Recipients of personal data
We will share your personal data with a limited number of third parties, in the following situations:
●Service Providers: payment processors, marketing providers, IT service providers, e-signature providers, e-mailing service providers, other providers of professional services (accountants, lawyers, consultants, auditors, professional advisors, etc).
We will share your personal data with Service Providers to monitor and analyze the use of our Service; show advertisements; help support and maintain our Service; to contact Users; to effectively manage our business and comply with regulatory requirements.
● Affiliates: Our joint venture partners
● Tax, governmental, judicial, and supervisory authorities
We will share your personal data to respond to requests from authorities and comply with our legal obligations.
Nordensa will ensure in advance that third parties enjoy confidence in ensuring the protection of personal data and, where applicable, that providers act on the basis of the express instructions of the Controller addressed through the agreements for the processing of personal data.
2. Transfers of personal data to third countries
Depending on the service providers used in order to enable the functioning or the features of the Nordensa Platform, your personal data will be transferred to certain non-EU countries – more specifically, the United States of America and the United Kingdom. The transfer of your personal data to a third country is performed pursuant to implementing legally appropriate safeguards for the protection of your personal data (e.g. either based on an adequacy decision based on article 45 GDPR or based on standard data protection clauses based on article 46 GDPR). You can request details of those safeguards by contacting us at [email protected].
Retention periods
The Company will retain personal data only for as long as it is necessary to achieve the purposes set out in this Privacy notice.
Personal data processed based on the contractual relations that Users have with Nordensa will be stored for the entire contractual period, as well as for a subsequent period of 3 years, calculated from the termination of the contractual relationship, unless longer storage periods are required by mandatory legal provisions. We will retain your data for a period longer than 3 years in the event of a complaint or if we have grounds to believe that there is a risk of a dispute in the relationship with you.
The financial-accounting data will be processed for a period of 10 years, as provided by the financial-accounting legislation in force.
After the expiry of such retention periods, we either delete or anonymize your personal data.
User rights regarding the processing of their personal data
The Company undertakes to respect the confidentiality of your personal data and to guarantee you can exercise your rights.
According to the provisions of the GDPR, you have the following rights:
● The right of access to personal data: you may obtain a confirmation that your personal data are processed by us, information regarding such personal data, as well as a copy of the personal data that we hold about you.
● The right to rectify personal data: you may ask us to correct the incomplete or inaccurate personal data that we hold about you
● The right to restrict the processing of personal data – in situations expressly regulated by law (e.g. if the accuracy of personal data concerning the User is contested, for the period necessary to verify their accuracy, etc.) the User may obtain the restriction of the Controller’s processing of personal data. Restriction of processing means that the Controller will limit itself to storing personal data and will not perform other processing operations except with the user’s consent or in other cases expressly reviewed by law (mainly for the establishment, exercise or defense of a right in court or for the protection of the rights of another natural or legal person).
● The right to delete personal data (“the right to be forgotten“) – in situations expressly regulated by law (e.g. in case of withdrawal of consent if there is no other legal basis for data processing or if it is found that the personal data are no longer necessary for the purpose for which they were collected or processed, etc.), you can get that data deleted.
● The right to oppose the processing of personal data – the User may oppose at any time, for reasons related to your particular situation, the processing by the Controller of personal data in certain cases expressly provided for by law (in particular, if the processing is based on the legitimate interest of the Controller). Also, where the processing of personal data is for the purpose of direct marketing, the data subject has the right to object at any time to the processing for that purpose of personal data concerning him or her, including the creation of profiles.
● The right to portability of personal data – in situations expressly regulated by law (respectively, if the processing of personal data is carried out by the controller by automatic means and has as a legal basis either the performance of a contract or consent), the User may receive, in a structured, machine-readable format, the personal data that have been provided to the Operator and may request that those data be transmitted to another operator.
● The right to withdraw the given consent – The User may withdraw at any time his/her consent to the processing of personal data by the Controller. Withdrawal of consent will only have effect for the future, with processing carried out prior to withdrawal still remaining valid.
● Additional rights related to automated individual decision-making – Nordensa does not take automatic decisions as a result of the processing of personal data concerning Users.
Users may exercise their above-mentioned rights at any time by submitting a written request (together with your contact details) and sending it in electronic format by mail at [email protected]. Such exercise is free of charge unless your request is clearly unfounded, repetitive, or excessive, cases in which we may charge a reasonable fee or we may refuse to act on the request.
We will resolve requests for the exercise of rights without undue delay and in any case no later than one month after receipt of the request. This period may be extended by two months where necessary. We will notify the User of the delay in solving the request, providing information on the deadline for response.
Moreover, you have the right to file a complaint with the National Data Protection Authority (in Romania – Autoritatea Nationala pentru Supravegherea Prelucrarii Datelor cu Caracter Personal) regarding any potential non-compliances pertaining to the processing of your personal data on the Nordensa Nordensa Platform.
Use of cookies
In order for the Nordensa Platform to function properly and offer its users all its features it must use cookies and other similar technical mechanisms assimilated to cookies that attain the same purposes. All details on the cookies that we use within Nordensa is provided in the Cookies Policy.
Contact Us
If you have any questions about this Privacy Notice, you can contact us:
By email: [email protected]