NordPass Business and NordLocker Business

Data Processing Agreement

NordLayer

NordPass Business Privacy Notice

Effective from: January 3, 2024

  1. GENERAL REMARKS
    1. ADDITIONAL NOTICE TO END USERS WHEN USING NORDPASS BUSINESS SERVICES
      • Control and administer the End Users’ Vault, including controlling privacy-related settings and/or features.
      • Access and process End Users’ personal data, including the interaction data, diagnostic data, and the contents of End Users’ communications with us.
      • See when End Users accessed the application, and how they used the items within the Vault (e.g., shared with others, auto-filled, deleted, etc.).
      • See other available information, such as the End User’s email, timestamp, item name (available only to owners, as it is specified in the NordPass Business Whitepaper), receivers of items (where applicable), etc.
      • See if End Users have been breached (this info is also available for End Users; see more in Section “Data Breach Scanner”).
      • View End Users’ password health stats (without details of items themselves) and see how many old/weak/reused passwords the End User has stored in their Vault.
      • Reassign the End User’s items to another End User after the End User’s account and Vault is deleted. All items within that Vault will be inherited by another End User to whom the Vault is reassigned.
      • Delete all items in the End User’s Vault at its own discretion.
      1. NORDPASS BUSINESS AS A DATA CONTROLLER
        • Application diagnostics. This aggregated and anonymized data helps us identify problems related to our app performance and updates. The collected information includes crash error reports and visited web addresses.
        • Anonymized app usage statistics. We collect statistical information about the End Users’ activity when using NordPass Business Services: (i) the number of items stored, (ii) the date when the item was created, (iii) how the password was created (e.g., imported, autosaved, created manually), (iv) the strength of passwords in percentage (e.g., 85% of your passwords are very strong), (v) the strength of the Master Password, (vi) the percentage of suggested passwords used, and (vii) the number of different folders in NordPass Business Vault, and (viii) information about the usage of autofill feature (e.g., disabling it for certain websites and switching the autofill forms manually). This analytical data gives us information on how our application is being used so that we can improve the NordPass Business users’ experience and the app itself.
        • Live chat widget. If you contact us via the live chat widget, in addition to processing your contact information, we will process your device information (such as the type of the operating system and browser) and IP address. This information is necessary for our support to determine the user’s country, prevent abuse, see if the user is connected to our servers, and help our support to process queries faster.
        • Device information. As in the case of when you visit our Website http://www.nordpass.com/business-password-manager, we collect some device information in our application too. Such information is logged automatically and may include your IP address, browser type, operating system version, and similar non-identifying information. We may use this information to monitor, develop, and analyze the use of NordPass Business Services.
        • Also, we process your photo if you provide it on a voluntary basis by uploading it on your NordPass Business account. Please note that the photo available on the account will be available to other users of NordPass Business Services with whom you share and/or who share the items with you.
        1. DATA BREACH SCANNER
          1. PASSWORD HISTORY
            1. EMAIL MASKING
              1. ITEM SHARING
                1. DATA CENTER LOCATION