The General Privacy Policy describes the privacy practices of Nord’s Business Services, applications, and Website which also apply to the NordLocker Business product. Nevertheless, the provision of Services related to NordLocker Business ("NordLocker Business Services") also involves the processing of additional personal data. Please read more information below.

1. GENERAL REMARKS

   NordLocker Business has no technical means to access the organization’s encrypted files stored at the NordLocker Business account. They are securely protected by the Master Password that is known only to account holders.
2. ADDITIONAL NOTICE TO END USERS WHEN USING NORDLOCKER BUSINESS SERVICES

   When the End Users use the NordLocker Business account provided by an organization, that organization can:

   • Control and administer the End User’s NordLocker Business account, including controlling privacy-related settings and/or features.
   • Access and process End User’s personal data within the NordLocker Business account, including the interaction data, diagnostic data, and the contents of their communications with us.
   • Suspend or delete the End User’s NordLocker Business account and, in that case, limit/revoke access to the End User’s uploaded documents/files.
   • Grant or revoke access that allows End Users to share data (documents, files) inside or outside the organization.
   • Recover suspended End Users’ files, i.e., preview and download files (without possibility to move, rename or delete it). This function can only be implemented by End Users having ”owner” rights.

   File change history. If this feature is made available to you, we will collect information on the status of your files, so you can see who and when encrypted, shared, or edited a file.

   Granting access to Customer Files. In case of granting access to Customer Files to any third party – personal data such as email address may be disclosed to the recipient. Please note that NordLocker Business is not responsible or in control of personal data made available by the End User.
3. NORDLOCKER BUSINESS AS A DATA CONTROLLER

   In addition to the information provided in the General Privacy Policy, we process the following data as a data controller when you use NordLocker Business Services or visit our Website:

   • Application diagnostics. This aggregated and anonymized data helps us identify problems related to our app performance and updates. The collected non-identifying information such as crash error reports, model of device, operating system version, and information on which item you clicked on when the error occurred.
   • Anonymized app usage statistics. We collect aggregated statistical information about the activity of the NordLocker Business account - the type and amount of files encrypted and the date of encryption and sharing. This analytical information provides knowledge on how this app is being used so we can improve the user experience and the app itself.
   • Device information. Such information is logged automatically and may include a browser type, operating system version, and similar non-identifying information. We may use this information to monitor, develop, and analyze the use of NordLocker Business Services.

   Granting access to Customer Files. NordLocker Business allows to grant access to Customer Files to any person, regardless of whether the receiving person uses NordLocker Services or not. In the event End User of NordLocker Business Services granted you access to Customer Files via locker or via link (URL) – Nord process the following data of yours: IP address, which allows us to identify your geolocation, NordLocker Business platform and its version (if in use), browser type and browser version, OS, session ID, device screen resolution and its type, and events (such as clicks and errors). This data is processed by NordLocker Business in order to develop and ensure the operation of the Services. We do not share this information with access to Customer Files grantor. Please note that when you are granted rights to access Customer Files – NordLocker Business has no technical means to access, see, or review Customer Files stored in the NordLocker Business locker or shared with any third party as detailed in the NordLocker Business Additional Terms.