Integrity policy

Welcome to Nordkap’s page about our processing of personal data This page will help you make a well-informed decision about your relationship with us.

What is GDPR?

EU’s new General Data Protection Regulation (GDPR) comes into effect on 25 May 2018. This regulation poses stricter requirements for the processing of personal data. The GDPR replaces the Swedish Personal Data Act (PUL), and it affects all companies that collect, process, store and distribute data that can be connected in one way or another to an individual, both structured and unstructured data (such as e-mail).

The difference between the Swedish Personal Data Act and the GDPR can be briefly described as being that companies no longer have the right to own personal data, but rather the data now, and the companies must show what they are using the personal data for.

The data protection regulation applies only to natural persons, no legal entities, whose data is processed within the EU. However the new regulation also applies to legal entities outside the EU who do business in the EU.


Personal data about you that we process

The personal data about you that we process as personal data are your login information, name, title, e-mail address, company address, your company’s IP address, your telephone number and any personal data in messages that you have chosen to send to us. Information on what cookies are and how we use cookies is described on our cookie policy page on our website.


Purposes and legal grounds for processing of your personal data

We process your personal data for the following purposes, with the support of agreements or a balancing of interests.

For Nordkap to be able to fulfil its agreements with its customers and partners for access to our services; to notify you about current and important system-related events, such as that our service desk will contact you with questions if they have any.


Where we obtain your data

We process your personal data that you share with us when:

  • you order the service
  • you use
  • you receive login information and become a user of the service
  • you sign up for one of our classes or events
  • you have a question and/or contact us
  • you visit our website and accept cookies
  • you contact us via e-mail
  • you use one of our web widgets
  • you sign up for a newsletter
  • you follow us on social media
  • you submit your data in a form on our website
  • you have initiated a process to be our customer/partner/supplier
  • you have begun a recruitment process with us

Who may gain access to your personal data?

We do not share your personal data with any third parties unless this is necessary to deliver our services and fulfil our agreements. You personal data may be shared with parties that process personal data on our behalf, known as “processors”. These processors do not have the right to use the data for any purpose other than performing their assignment to manage the systems below on our behalf.

The company Hubspot Inc operates and supports Nordkap’s CRM system, where your data are stored.

The company Microsoft manages Nordkap’s IT environment by supplying, maintaining, operating and supporting the company’s IT structure.

The company Oneflow operates and supports Nordkap’s contract system where logs of any reviews and signing of agreements are stored.

The company Zendesk Inc (Privacy shield) operates and supports Nordkap’s service system, where inquiries you may have about Nordkap are stored.

The company Google Inc (Privacy shield), which supplies, operates and supports the company’s e-mail programme as well as analysis of website data. For outstanding access to information about your IP address, also see our Cookie policy.


Transfer of personal data to third countries.

We, our suppliers and our partners only process your personal data within the EU/EEA as a rule.


How long do we retain your personal data?

We never process your personal data for a period longer than allowed according to applicable law, regulation, practice or official decision. Initially we process personal data that we process in order to fulfil our agreement with your employer while this is necessary for us to administer the contractual relationship, exercise our rights and fulfil our obligations to you. However we may save your personal data for a longer period in order to comply with legal requirements or because we have the right to do so according to a balancing of interests.


Your rights

In accordance with applicable data protection legislation, you have the right to receive information on which personal data about you we process. Under certain circumstances you also have the right to request correction, erasure or limitation of your personal data, or to object to our processing.

If you have any complaints concerning our processing of your personal data, you have the right to lodge a complaint with the Swedish Data Protection Authority or another supervisory authority that supervises processing of personal data by companies.


Contact us

If you wish to exercise your rights according to the above, or you otherwise wish to contact us due to our processing of your personal data, please contact us by e-mail at or by telephone at +46 (8) 649 55 50.