Privacy and Cookie Policy (“Policy”) 

Last updated: 22 July 2021 

Background 

The EU General Data Protection Regulation (EU GDPR), which came into force in 2018, is a change for many companies, including NODA Intelligent Systems AB. We do not only see it as a legal requirement but an opportunity for us to review internal processes and implement appropriate technical and organisational measures that strengthen our business. 

In the process of reaching compliance with the EU GDPR, we have been able to both increase operational efficiency and improve customer value. 

Data Controller 

NODA Intelligent Systems AB (“NODA”, “we”, “us”, “our”) is a data controller of personal data (“Data”). At NODA, we take your privacy very seriously and ensure that all applicable data privacy regulations are observed. In this section, you can learn about how we process your Data when you use www.noda.se (“Site”), or products and services offered by NODA (“Solutions”). 

This Policy does not apply to third-party applications, websites, products, services, or platforms that may be accessed through links that we provide to you. These third parties are owned and operated independently from us and have their own separate privacy and data-collection practices. Any personal data that you provide to these third parties will be governed by the third party’s own privacy policy. We cannot accept liability for the actions or policies of these independent third parties, and we are not responsible for the content or privacy practices of such sites. 

About NODA 

With its background in data science, NODA was founded in 2005. The headquarters is situated at NetPort Science Park in Karlshamn, Sweden, with additional offices in Malmö, and partners in Belgium, Germany, Poland, France, and the UK. NODA has a long history of AI-based innovation in district heating and cooling and has been a core technology partner in numerous international research projects. By providing the energy sector with its know-how, NODA is at the forefront of designing the new sustainable energy landscape. 

NODA has been awarded numerous prizes and awards for its innovative and groundbreaking products and services. 

Currently, NODA offers three primary Solutions: NODA Heat Network; NODA Building; and NODA Knowledge. More information can be found at www.noda.se. 

Categories of Personal Data 

Depending on your interaction with NODA, we may process different categories of your Data. 

Of clients of our Solutions, the categories of Data that we may process include: 

  • Contact name 
  • Work postal address 
  • Work email address 
  • Work telephone number 
  • Payment information 

Of end-users of our Solutions, the categories of Data that we may process include: 

  • Location (IP address, subsequently anonymised) 
  • Name 
  • Postal address 
  • Email address 
  • Telephone number 

Additionally, when submitting feedback or error forms, you may be asked to provide your name, contact information, feedback or error message, and the identification number of the product in question. 

This Data is collected when you register or use our Solutions or Site, submit feedback or booking forms, from public records, and through direct correspondence between NODA and yourself. 

Furthermore, when photographing or blueprinting space in preparation of product installation, NODA takes special care to avoid confidential and/or personal areas.  

Purpose 

NODA processes your Data in order to be able to provide to you in completion our Solutions in accordance with your wishes, to improve and expand our Solutions, for aggregated research purposes, to communicate with you, to screen for potential risk or fraud, and, when in line with the preferences that you have indicated, to provide you with advertisement or promotional material. 

NODA’s sensors do not directly collect personal information, instead only measuring temperature and related metrics within a space. Although this data could theoretically be associated with a tenant of the space, the risk to privacy is very low; using our methods, the data is considered to have been acceptably pseudonymised for compliance with applicable privacy legislation and is often subsequently aggregated. Only aggregated data is used for further research purposes. 

Data Retention 

Unless required by law, Data is retained for up to 24 months after your last interaction with NODA, after which it is erased or anonymised. Interaction with NODA includes, for example, using our Site or Solutions, or opening marketing communications from us. 

Employment Applications 

For both published vacancies and open applications, our recruitment process may involve the processing of the following categories of Data of our applicants: name; postal address; e-mail address; telephone number; government-issued identification; references and CVs. This Data is retained for up to 24 months after the application date, or for as long as we have a legitimate business need for it. This Data is collected from public records, third-party recommendations and referrals, and through direct correspondence between NODA and yourself.  

Third Parties and Countries 

NODA may share your Data with affiliated companies with which NODA has partnered in order to provide to you a greater set of services, and with trusted third-party service providers as necessary for them to perform services on our behalf, such as: 

  • Cloud data storage 
  • Processing payments 
  • Product development 
  • Product installation 
  • Cybersecurity 
  • Market research 
  • Serving advertisements and conducting surveys 
  • Communicating with you, such as by way of email or survey delivery 
  • Legal consultancy 
  • Customer relationship management, including social media 
  • Support and related services 

As often as is appropriate and practical, third parties are only provided with anonymised data (through which individuals cannot be identified) and are obligated not to disclose or use the information for any purposes other than those listed above. 

When NODA transfers Data outside of the EU, we check that the third country meets the requirements of applicable data privacy legislation and make the necessary contractual arrangements to ensure third-party compliance. NODA does not sell your personal data. 

For a full list of our third parties, please send your request to info@noda.se. 

Cookies 

cookie is a small text file that the website or application that you are visiting requests to save on your device. They are widely used in order to make websites and applications work, or work more efficiently, as well as provide information to the owners of the site or app. 

NODA uses essential and functional cookies, allowing you to effectively navigate and use our Site and Solutions, including setting language preferences and saving login information. 

Your consent is needed in order for NODA to collect functional cookies; you can at any time revoke your consent by adjusting your browser’s cookie settings or contacting us at info@noda.se. Only cookies that are required for the overall function of our Site and Solutions cannot be disabled. Every 12 months, we will ask for you to reaffirm your consent to our cookie collection. 

PTS, Sweden’s supervisory authority in the field, provides additional information about cookies on its website, pts.se. 

For information on how to manage your browser’s cookie settings, follow these links: 

Cybersecurity 

NODA protects your Data using technical and organisational security measures. In order to prevent unauthorised access and ensure data accuracy, we have implemented strict guidelines for the organisation regarding the processing of personal data. 

All user-account passwords are hashed and salted, and user-based access to NODA’s systems is conducted using HTTPS. Maintenance access to NODA’s systems employs SSH bastion connectivity, and staff devices are protected with appropriate firewalls. 

Your Rights 

Under the EU General Data Protection Regulation (EU GDPR), you have the right to transparency in how your Data is processed. This means that you can at any time: 

  • Request an extract of what Data we process about you, 
  • Request that we correct any Data that is incorrect, 
  • Request that we erase your Data, 
  • Request that we limit how your Data is used, 
  • Object to the processing of your Data that we deem legitimate, 
  • Request to have your Data transferred from NODA’s system to another body, i.e. data portability, and 
  • Revoke previously granted consent to any of our personal data processes. 

If you would like to request any of the above, please contact us at info@noda.se. 

You are entitled to contact Sweden’s data protection authority, Integritetsskyddsmyndigheten (IMY), to file a complaint if you are dissatisfied with how NODA processes your Data. 

More information about the EU GDPR can be found at imy.se and ec.europa.eu. 

Changes to NODA’s Privacy Policy 

NODA may periodically update this Policy in order to accurately reflect changes to operations, or for regulatory reasons. When this happens, we will inform you by reasonable correspondence – for example, by email and on our Site. 

Contact Information 

If you have questions about how NODA processes your personal data, or the contents of this Policy, you can at any time email info@noda.se.