Privacy Policy

At Norelum, we respect your privacy and are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable European data protection laws.

1. General Information

This Privacy Policy explains how Norelum ("we", "us", or "our") collects, processes, and protects your personal data when you visit our website, use our services, or interact with us.

Norelum acts as a Data Controller for our marketing website visitors and inquiries. When performing custom software engineering or data-related services on behalf of our clients, Norelum acts as a Data Processor, and a standard Data Processing Addendum (DPA) governs those operations.

2. Data We Collect

We process different types of personal data depending on your interaction with us:

  • Contact Data: Name, business email address, company name, phone number, and any information you provide when scheduling a discovery call or emailing us.
  • Technical Data: IP address, browser type, operating system, and basic analytics data gathered via modern headless analytics engines during your site visit.
  • Cookie Data: Details stored in local cookies to remember your consent preferences.

3. Purposes of Processing

We process your personal data strictly for the following purposes:

  • To schedule and conduct discovery calls and process inquiries
  • To provide, secure, and improve our website and premium services
  • To comply with our legal and accounting obligations in Sweden and the European Union
  • To protect against security incidents or unauthorized activities

4. Legal Grounds (GDPR Article 6)

We process personal data only when we have a valid legal basis:

  • Consent: When you voluntarily submit forms, opt-in to non-essential cookies, or choose to schedule a call.
  • Contract Performance: To take necessary steps prior to entering into a professional service agreement.
  • Legitimate Interests: To secure our infrastructure, prevent fraud, and run basic performance analytics on our digital assets.

5. Cookies & Tracking Technologies

We believe in a fast, privacy-first web experience. We do not use intrusive advertising tracking networks. We use essential session cookies only to store your visual preferences and cookie consent status.

You can manage or revoke your consent preferences at any time. Essential system cookies do not track you across the web and are deleted automatically when you close your browser.

6. Data Retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, or to comply with European statutory retention requirements (such as Swedish tax law, which requires certain business records to be stored for 7 years).

7. Your Rights under GDPR

As a European resident, you hold full legal rights under the GDPR regarding your personal data:

  • Right of Access: You can request a copy of the data we hold about you.
  • Right to Rectification: You can request corrections to inaccurate data.
  • Right to Erasure ("Right to be Forgotten"): You can request deletion of your data under specific conditions.
  • Right to Restrict or Object: You can object to processing based on legitimate interests.
  • Right to Data Portability: You can request transfer of your structured data to another provider.

To exercise any of these rights, please email us directly at hello@norelum.com.

8. Contact Information

For questions or requests regarding your privacy and our compliance with European digital guidelines, please contact us:

Norelum
Stockholm, Sweden
Email: hello@norelum.com