Privacy Notice
Last updated: 22/05/2026
1. Who we are
AddonNordic ApS ("we", "us"), a private limited company registered in Denmark, provides the Nordic Data API. We are the data controller for personal data we collect from you when you use our website, sign up for an account and use the API.
- Legal name: AddonNordic ApS
- CVR: 46495985
- Registered address: Solvangen 15, 9210 Aalborg SØ, Denmark
- Contact: contact@addonnordic.dk
2. Personal data we collect
- Account data — email, password hash, company name, contact person.
- Billing data — handled by Paddle (see below); we receive customer ID, plan, status and country.
- API usage data — API key identifier, request counts, timestamps, and endpoint called; used for quota enforcement and abuse prevention.
- Support data — the contents of emails you send us.
- Technical data — IP address, user agent and basic log information when you visit the site or call the API.
3. Why we use it (legal basis)
- Provide the Service and your account — performance of a contract.
- Bill you and prevent fraud — legitimate interests and legal obligation.
- Secure the Service and enforce quotas — legitimate interests.
- Reply to support — performance of a contract / legitimate interests.
- Comply with legal obligations (e.g. accounting).
4. Sharing
We share personal data only with:
- Paddle — our Merchant of Record. Paddle handles the sale, payment processing, tax compliance, invoicing and subscription management. See Paddle's privacy notice.
- Hosting and infrastructure providers processing data on our behalf under written agreements.
- Professional advisers (legal, accounting) where necessary.
- Authorities where required by law.
5. International transfers
Some of our processors are located outside the EEA. Where this is the case, transfers are protected by EU Standard Contractual Clauses or an applicable adequacy decision.
6. Retention
We keep account and usage data for as long as your account is active and for up to 24 months afterwards for security, audit and dispute purposes. Billing records are kept for the period required by tax law (typically 5 years). We delete or anonymise data when it is no longer needed.
7. Your rights
You have the right to access, rectify, erase, restrict or object to processing of your personal data, the right to data portability, the right to withdraw consent, and the right to lodge a complaint with your local data protection authority (in Denmark, Datatilsynet). We aim to respond within one month.
8. Security
We apply appropriate technical and organisational measures — including encryption in transit, access controls and least-privilege database policies — to protect your data.
9. Cookies
We use only strictly necessary cookies to keep you signed in and to run the checkout. We do not use third-party advertising or tracking cookies.
10. Contact
For privacy questions or to exercise your rights, email contact@addonnordic.dk.