Last updated: December 1, 2025
1. Data Controller / Data Owner
NORDS OYUN YAZILIM VE PAZARLAMA ANONIM SIRKETI
For GDPR: Data Protection Officer (if applicable) can be reached at info@nords.ai.
2. Categories of Personal Data Collected
- Identity data
- Contact data
- Account credentials
- Usage data
- Technical logs and device information
- Commercial and interaction data related to Nords AI services
- No special category data is intentionally collected
3. Methods of Collection
- Direct submission through registration or forms
- Automated collection through service usage
- Business correspondence and support requests
4. Purposes of Processing and Legal Bases
- 4.1 Contract performance: account creation, service delivery, authentication, customer support
- 4.2 Legitimate interest: service maintenance, security monitoring, fraud prevention, analytics
- 4.3 Legal obligation: record keeping, compliance with authorities
- 4.4 Consent: marketing communications when required
5. Use of Data
- Operating Nords AI services
- Maintaining user accounts
- Providing technical and administrative communication
- Improving product functionality and security
- Marketing only if user has consent or lawful interest exists
6. Data Sharing
Shared only with:
- Service providers under contractual safeguards
- Legal authorities when required
- Corporate transactions (merger or acquisition) with notice
Data is never sold. Under CCPA/CPRA: Nords AI does not "sell" or "share" personal information as defined by law.
7. International Data Transfers
If data is transferred outside Türkiye or the European Economic Area:
- Standard Contractual Clauses (GDPR) and equivalent safeguards are applied
- Cross-border transfers follow KVKK Board rules
8. Retention Policy
- Data is retained only for the duration necessary for processing purposes
- If no lawful need remains, data is deleted or anonymized
- Backups are isolated and deleted on cycle completion
9. Rights Under GDPR
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction
- Right to data portability
- Right to object
- Right not to be subject to automated decision-making
Complaints may be submitted to the relevant EU supervisory authority.
10. Rights Under KVKK
- Right to learn if data is processed
- Right to request information
- Right to learn processing purpose
- Right to know third parties receiving data
- Right to request correction
- Right to request deletion or anonymization
- Right to object to profiling
Applications made to: info@nords.ai
11. Rights Under California Law (CCPA/CPRA)
Consumers have the right to:
- Access categories and specific pieces of personal information
- Request deletion
- Request correction
- Opt out of sale or sharing (Nords AI does not sell or share)
- Limit use of sensitive personal information (Nords AI does not process sensitive categories)
Submit requests via info@nords.ai
12. Security Measures
Appropriate technical and organizational controls are applied including access controls, encryption in transit, audit logging and data minimization.
13. Children's Privacy
Services are not intended for individuals under 18. If minor data is detected it is deleted immediately.
14. Automated Decision Making
Nords AI does not perform automated decisions that produce legal or similar significant effects on users.
15. Updates to This Policy
Policy may be updated. "Last updated" date will be revised. Continued use of services constitutes acceptance of changes.
16. Contact
For any request related to this policy or your data rights: info@nords.ai