Privacy Policy

Last updated: May 25, 2026

Effective from: May 17, 2026

Version 1.0

1. Introduction

ClearNord AS respects your privacy and is committed to protecting personal data.

This privacy policy explains what personal data we collect, why we collect it, how we use it, who we share it with, how long we retain it, and what rights you have.

ClearNord processes personal data in two different roles:

  • As the person responsible for treatment: When we determine the purpose and means of processing personal data. This applies to website visitors, individuals who contact us, individuals who book meetings, business contacts, suppliers, contractors, and customer representatives.

  • As a data processor: When we process personal data on behalf of a client. This can happen when a client sends us documents or information for translation, linguistic compliance review, AI governance consulting, or related services. In these cases, the client remains the data controller, and ClearNord acts as a data processor.

This statement primarily describes our activities as a data controller. Our activities as a data processor are summarized in point 11.

2. Who We Are

ClearNord AS

Business Address: Karl Johans gate 25, 0159 Oslo, Norway

Organization number: 936 547 435

Data Protection Contact Person: privacy@clearnord.no

General contact: support@clearnord.no

ClearNord AS is the data controller for the processing described in this statement, unless otherwise stated.

3. What personal data we collect

We only collect personal data that is necessary for the purposes described in this statement.

Website visitors

When you visit clearnord.no, we may process:

  • IP address

  • Network type and device information

  • Visited pages

  • Referrer URL

  • Time and date of visit

  • Cookie Consent Choice

  • Basic security logs for the website

We use Matomo for website analytics and Complianz for cookie consent management. More information is available in our Cookie Policy.

Contact forms, email, and meeting bookings

When you contact us or book a meeting, we may process:

  • Name

  • Email address

  • Organization

  • Role or title

  • Telephone number, if provided

  • Message content

  • Date, time, and time zone of the meeting

  • Information you provide in the booking form

We use Cal.eu for meeting booking. Meetings are held through Microsoft Teams. We use Microsoft 365 services for email, meetings, documents, collaboration, and internal operations.

Business contacts and potential customers

We can process:

  • Name

  • Work email address

  • Work phone number, if provided or publicly available

  • Employer and role

  • LinkedIn or public professional profile, if relevant

  • Notes from meetings or conversations

  • Communication History

This information may come directly from you, official professional sources, referrals, events, or general business communications.

Customers and customer contacts

For customers and customer representatives, we can process:

  • Name

  • Work email address

  • Work phone number

  • Role or title

  • Organization details

  • Contract and Project Information

  • Invoice details

  • Communication History

  • Service Delivery History

Personal data found in customer documents is handled in our capacity as a data processor, as described in section 11.

Suppliers and contractors

For suppliers, contractors, proofreaders, consultants, and service providers, we can process:

  • Name

  • Contact Information

  • Role or company

  • Contract information

  • Invoice and payment information

  • Communication History

Job seekers

If we recruit employees or contractors, we may process application-related information such as CVs, applications, contact details, references, interview notes, and related recruitment documents. We may provide a separate privacy statement for applicants in connection with recruitment.

4. Why we use personal data

We process personal data for the following purposes:

  • Operating, securing, and improving our website

  • Responding to inquiries

  • To schedule meetings

  • To deliver services to customers

  • Customer relationship management

  • To prepare contracts, offers, and invoices

  • Managing suppliers and contractors

  • Fulfilling accounting, tax, legal, and regulatory obligations

  • To safeguard our rights and defend against legal claims

  • Managing cookie consents and preferences

  • Understanding basic website use through privacy-neutral analysis

We do not sell personal information.

We do not share personal data with advertising networks.

We do not use customer data to train AI models for general resale.

5. Legal basis for processing

We process personal data on the basis of the following provisions in the General Data Protection Regulation (GDPR):

  • Agreement or Pre-contractual Measures When we respond to inquiries, prepare quotes, deliver services, manage meetings, or collaborate with suppliers and contractors.

  • Legal obligation When we need to store accounting documentation, respond to legal orders, or comply with tax and regulatory requirements.

  • Legitimate interest When we operate and secure our website, manage business contacts, communicate with organizations, maintain documentation, and protect our legal interests.

  • Consent This is required, for example, for non-essential cookies, certain analytics settings, or direct marketing where consent is required.

You can withdraw your consent at any time if the processing is based on consent.

6. Analytics and Cookies

ClearNord uses Matomo Cloud for website analytics and Complianz for cookie consent management.

Matomo is configured in cookieless mode, and IP anonymization is enabled. We use Matomo to understand basic website usage, such as page visits and traffic patterns. We do not use analytics for advertising, behavioral profiling, or cross-site tracking.

Complianz is used to manage consent for cookies and related information. Consent documentation is stored locally on our website.

Details about cookies, analytics configuration, consent, and how to change your choices can be found in our Cookie Policy.

7. Service Providers

We use trusted service providers to operate our website and business.

These include:

SupplierPurposeNotes
Microsoft 365Email, Microsoft Teams meetings, SharePoint, Microsoft Lists, Microsoft Forms, Power Automate, OneDrive, document management, collaboration, and internal operationsOur Microsoft tenant is configured with Norway as the data region
Cal.euMeeting bookingUsed for scheduling only. Meetings are held in Microsoft Teams
Matomo CloudWebsite analysisConfigured in cookie-less mode with IP anonymization enabled
ComplianzCookie Consent ManagementConsent documentation is stored locally on our website
HostingerWebsite hosting and technical infrastructure, based in the EUUsed to operate clearnord.no
Accounting, legal, and consulting servicesBusiness management, legal assessment, bookkeeping, and professional adviceUsed where necessary for business operations

 

Where required, these vendors are bound by agreements that restrict how they can process personal data.

We do not sell personal data. We do not share personal data with advertising networks. We do not use customer data to train AI models for general resale.

8. International data transfers

ClearNord's standard approach is to use services based in or configured for the EU/EEA where practically possible.

Our Microsoft 365 tenant is configured with Norway as the data region. Cal.eu is used for meeting booking, and Microsoft Teams is used for the actual meeting execution. Matomo Cloud is used for analysis in a cookie-less mode with IP anonymization enabled. Complianz consent documentation is stored locally on our website.

Some service providers may be part of international groups or involve user support, technical access, or processing from locations outside the EEA. If personal data is transferred outside the EEA, we will use appropriate safeguards in accordance with Chapter V of the GDPR, such as adequacy decisions, EU Standard Contractual Clauses, the EU-U.S. Data Privacy Framework where applicable, or other lawful transfer mechanisms.

9. Data Security

We use technical and organizational measures designed to protect personal data.

This includes:

  • Access control

  • The principle of least privilege

  • Multi-factor authentication where supported

  • Encryption in transit

  • A Microsoft 365 tenant configured with Norway as the data region

  • Microsoft Teams for meetings

  • SharePoint, Microsoft Lists, Microsoft Forms, Power Automate, Outlook, and OneDrive for controlled operational workflows

  • Controlled document management

  • Internal access restrictions

  • Evaluation of Service Providers

  • Backup and restore procedures

  • Incident Management Procedures

If we become aware of a personal data security breach that is likely to result in a risk to the rights and freedoms of individuals, we will handle the incident in accordance with the requirements of the GDPR, including notification to the Norwegian Data Protection Authority and the affected individuals where required.

10. How long we store personal data

We store personal data only as long as it is necessary for the purposes described in this statement, unless a longer retention period is required by law.

Typical storage periods include:

  • Website security logs: Up to 90 days

  • Cookie Consent Documentation Up to 2 years

  • Inquiries and meeting documentation: Up to 2 years from last contact

  • Business contacts: Up to 3 years from last meaningful contact, unless you object to the processing earlier

  • Customer contracts and accounting documentation: According to the requirements of Norwegian accounting and bookkeeping legislation

  • Supplier and contractor documentation: As long as it is necessary for contractual, accounting, and legal purposes

  • Recruitment Documentation: Normally up to 6 months after the hiring process has concluded, unless you consent to longer retention

The customer's project data is handled in accordance with the relevant contract and data processing agreement.

11. Customer Documents and the Role of the Data Processor

When ClearNord processes customer documents or project information on behalf of a customer, the customer is normally the data controller and ClearNord is the data processor.

This may include documents sent to us for:

  • AI Governance Consulting

  • Implementation Planning for Responsible AI

  • Review of linguistic compliance

  • Pilot projects for translation workflow

  • Human quality-assured translation

  • Terminology or quality review

  • Related consulting services

In this role:

  • Do we only act according to the customer's documented instructions

  • Are we only using the data to deliver the agreed-upon service

  • Are we not using customer data to train AI models

  • Are we limiting access to people who need it for the mission?

  • Are we using Microsoft 365 services for controlled document management, including Microsoft Forms, SharePoint, Microsoft Lists, Power Automate, Outlook, Teams, and OneDrive where appropriate?

  • Is our Microsoft tenant configured with Norway as the data region

  • Do we delete or return customer data in accordance with the contract and the data processing agreement?

  • Do we assist the customer in answering inquiries from registered users when required?

The detailed terms and conditions are set out in the data processing agreement signed with the customer before processing commences.

If your personal data appears in documents sent to ClearNord by a customer, you should normally contact that customer to exercise your rights. We will assist the customer as needed.

12. How we use AI

ClearNord specializes in AI-powered translation, language workflows, and management consulting. We take a cautious approach when personal data is involved.

Our principles are:

  • We do not use public consumer AI tools to process customer documents containing personal data. Any exceptions will require customer written instructions, a legal assessment, documented security measures, and appropriate contractual terms.

  • We do not allow customer data to be used for AI model training.

  • We use human quality assurance for translations and language-related deliverables where quality, context, tone, legal meaning, or risk associated with public communication is of importance.

  • We do not make decisions based solely on automated processing, which have legal or similarly significant effects on individuals.

  • Given that AI processing can pose a high risk to individuals, we are considering whether a Data Protection Impact Assessment (DPIA) is necessary.

Our AI tools, infrastructure, and sub-processors may change as ClearNord evolves. We will update this statement and our customer agreements as needed.

13. Your Rights

You have rights under the GDPR and the Norwegian Personal Data Act.

Depending on the situation, you may be entitled to:

  • Request access to your personal data

  • Correction of incomplete or incorrect information

  • Cancel delete

  • Limit treatment

  • Objecting to processing based on legitimate interests

  • Withdraw consent

  • Data portability

  • Object to direct marketing

  • Do not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you

To exercise your rights, contact us at:

privacy@clearnord.no

We normally reply within one month. If a request is complex, we may extend the response period in accordance with GDPR.

We may ask you to confirm your identity before we answer your request.

14. Complainant

If you believe we have not handled your personal data correctly, you can contact us at:

privacy@clearnord.no

You also have the right to complain to the Norwegian Data Protection Authority.

15. Data Protection Contact Point

ClearNord has not appointed a formal Data Protection Officer (DPO) at this time. Based on our current size, services, and processing activities, we assess that a formal appointment of a Data Protection Officer is not mandatory at present.

We consider this on an ongoing basis as our services, customers, and processing activities evolve, especially if we start processing sensitive personal data or special categories of personal data on a larger scale.

Privacy issues are handled by:

Adam Taha, General Manager

privacy@clearnord.no

16. Barn

Our website and services are not directed at children. We do not knowingly collect personal information from children through our website or our contact forms.

If you believe a child has provided personal data to us, please contact us at privacy@clearnord.no.

17. Changes to this statement

We may update this privacy policy when our services, tools, suppliers, or legal obligations change.

The latest version will always be available at clearnord.no. The «Last updated» date shows when the declaration was last changed.

In the event of significant changes that affect customers or ongoing services, we will provide notice where required.

18. Contact

ClearNord AS

Karl Johans gate 25

0159 Oslo

Norway

Organization number: 936 547 435

Data Protection Contact Person: privacy@clearnord.no

General contact: support@clearnord.no

Regulatory authority The Data Inspectorate

Website datatilsynet.no