This Privacy Policy explains how Nordast Marinen OÜ (“Nordast,” “we,” “us”) collects, uses, and protects personal data submitted through the contact forms and email addresses on nordast.com, in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and Estonian data protection law.
Data controller:
Nordast Marinen OÜ
Valge tn 13, Kesklinna linnaosa, Tallinn, Harju maakond, 11415, Estonia
Estonian Business Registry code: 12058074
Email: contact@nordast.com
For any question about this policy or how we handle your data, or to exercise any of your data protection rights, contact us at contact@nordast.com.
This policy applies to:
It does not apply to third-party websites we may link to.
When you use a contact form on nordast.com, we collect the information you enter, which currently includes:
If you contact a department address directly by email instead of using the form, we collect whatever personal data is contained in that email and its attachments (e.g., your name, email address, signature details, and message content).
We may also automatically collect limited technical data when you visit the site (e.g., IP address, browser type, device type, pages visited), generated in the ordinary course of operating the site by our hosting and analytics tools.
We do not knowingly collect any special categories of data (health, religion, biometric data, etc.) through these forms, and we ask that you do not include such information in your messages.
| Purpose | What we do | Legal basis (GDPR Art. 6(1)) |
|---|---|---|
| Responding to your inquiry | Reviewing your message, routing it to the right department, replying with next steps | (b) necessary to take steps prior to entering into a contract, and/or (f) our legitimate interest in responding to business inquiries |
| Managing the business relationship | If your inquiry becomes a quote, order, or service engagement, using your contact details to deliver it | (b) performance of a contract |
| Internal record-keeping | Keeping a record of past inquiries and communications for quality, continuity, and accounting purposes | (f) legitimate interest in maintaining accurate business records; (c) legal obligation, for records that must be kept under Estonian accounting law |
| Preventing misuse | Basic spam/abuse filtering on form submissions | (f) legitimate interest in keeping our systems secure |
We do not currently use your data submitted through these forms for marketing communications (e.g., adding you to a newsletter) unless you separately and explicitly opt in to that. If this changes, we will update this policy and the relevant form to make that clear at the point of collection.
We do not carry out automated decision-making or profiling based on the data collected through these forms.
Your data is accessible to Nordast staff in the department relevant to your inquiry (Systems, Parts, Mechanics, Electronics, or General/Management), on a need-to-know basis.
We also share data with service providers who process it on our behalf (“processors”), strictly to operate our website and communications:
Elementor, Elementor Pro, and Brizy are page-building tools used to design the site; in the configuration described, they do not independently transmit visitor personal data off our server. Code Snippets, Disable Gutenberg, One User Avatar, CMS Portal, SWA Import Export Special, Theme Core Options, and Hello Dolly are administrative/development tools and do not process visitor personal data.
We do not sell personal data, and we do not share it with third parties for their own marketing purposes.
We may disclose data where required by law, for example in response to a valid request from a court or regulator.
Our website hosting (Namecheap, EasyWP) runs on an EU data center, so hosting itself does not involve a transfer of data outside the EEA.
Some of our other processors are based outside the European Economic Area (EEA), in the United States:
Where personal data is transferred to these providers, the transfer is protected by an adequate safeguard recognized under GDPR Chapter V — such as Standard Contractual Clauses (SCCs), or the provider’s certification under the EU-U.S. Data Privacy Framework where applicable.
After these periods, data is deleted or anonymized, unless a longer retention period is required to comply with a legal obligation or to establish, exercise, or defend a legal claim.
Under GDPR, you have the right to:
To exercise any of these rights, email contact@nordast.com. We will respond within one month, as required by GDPR.
nordast.com uses the following categories of cookies:
We do not currently use advertising or retargeting cookies (e.g., Meta Pixel, LinkedIn Insight Tag).
You can give, decline, or withdraw your consent to analytics cookies at any time through the Cookie Banner, accessible via the link in the site footer.
A detailed table of individual cookies, their purpose, and their retention period should be published as a separate Cookie Policy, linked from the Cookie Banner.
We take reasonable technical and organizational measures to protect the personal data you submit, including access restrictions and secure handling of email and form data. No system is 100% secure, but we work to keep your data protected against unauthorized access, loss, or misuse.
Our services are directed at businesses and professionals in the maritime industry. We do not knowingly collect personal data from children, and our forms are not intended for use by anyone under 18.
We may update this policy from time to time, for example if we change our tools, add new forms, or as required by law. The “Last updated” date at the top will reflect the latest version. Material changes will be reflected on this page.
Nordast Marinen OÜ
Valge tn 13, Kesklinna linnaosa, Tallinn, Harju maakond, 11415, Estonia
Email: contact@nordast.com