Nord Security Logo

NordPass Business and NordLocker Business

Data Processing Agreement

NordLayer

NordStellar

NordPass Business Privacy Notice

Calendar

Effective from: August 11, 2025

  1. GENERAL REMARKS
    1. ADDITIONAL NOTICE TO END USERS WHEN USING NORDPASS BUSINESS SERVICES
      • Control and administer the End Users’ Vault, including controlling privacy-related settings and/or features.
      • Access and process End Users’ personal data, including the interaction data, diagnostic data, and the contents of End Users’ communications with us.
      • See when End Users accessed the application, and how they used the items within the Vault (e.g., shared with others, auto-filled, deleted, etc.).
      • Manage the access and ownership of items and folders in the End User’s Vault.
      • See other available information, such as the End User’s email, timestamp, item name (available only to owners, as it is specified in the NordPass Business Whitepaper), receivers of items (where applicable), etc.
      • See if End Users have been breached (this info is also available for End Users; see more in Section “Data Breach Scanner”).
      • View End Users’ password health stats (without details of items themselves) and see how many old/weak/reused/exposed passwords the End User has stored in their Vault.
      • Reassign the End User’s items to another End User after the End User’s account and Vault is deleted. All items within that Vault will be inherited by another End User to whom the Vault is reassigned.
      • Delete all items in the End User’s Vault at its own discretion.
      1. NORDPASS BUSINESS AS A DATA CONTROLLER
        • Autofill diagnostics. We collect aggregated and anonymized data on End Users’ visited web addresses and autofill fields. This helps us improve our autofill feature, as well as quickly identify and patch problems related to its performance and updates.
        • App usage statistics and in-app events. We collect information about the End Users’ usage of NordPass Business Services and applications: (i) the number of items stored, (ii) the date when the item was created, (iii) how the password was created (e.g., imported, autosaved, created manually), (iv) the strength of passwords in percentage (e.g., 85% of your passwords are very strong), (v) the strength of the Master Password, (vi) the percentage of suggested passwords used, and (vii) the number of different folders in NordPass Business Vault, (viii) information about the usage of autofill feature (e.g., disabling it for certain websites and switching the autofill forms manually) and (ix) other interactions with features in our applications.
          We also collect in-app events, which contain the following information:
          • General event information: which application type sent the event, event time, time zone, category, type.
          • Device information: device’s operating system and its architecture, browser type and version (when applicable), device type, unique device identifier, session information.
          • Application information: name, version and source of the application.
          • Account information: user identifier, subscription type.
          We need this information to know if the application is working properly (e.g. that you can save your passwords properly or that our security features work as intended); (ii) to know how users interact with our application (e.g., what kind of user interface items are the most or least used, are notifications we show are of interest to users, etc.); and (iii) to identify problems related to our app performance and updates (e.g., crash error reports). We collect this information only with your consent. You can opt-out of the collection of in-app information at any time by navigating NordPass app settings.
        • Live chat widget. If you contact us via the live chat widget, in addition to processing your contact information, we will process your device information (such as the type of the operating system and browser) and IP address. This information is necessary for our support to determine the user’s country, prevent abuse, see if the user is connected to our servers, and help our support to process queries faster.
        • Device information. As in the case of when you visit our Website http://www.nordpass.com/business-password-manager, we collect some device information in our application too. Such information is logged automatically and may include your IP address, browser type, operating system version, and similar non-identifying information. We may use this information to monitor, develop, and analyze the use of NordPass Business Services.
        • Also, we process your photo if you provide it on a voluntary basis by uploading it on your NordPass Business account. Please note that the photo available on the account will be available to other users of NordPass Business Services with whom you share and/or who share the items with you.
        1. DATA BREACH SCANNER
          1. PASSWORD HEALTH & EXPOSED PASSWORDS
            1. PASSWORD HISTORY
              1. EMAIL MASKING
                1. ITEM SHARING
                  1. DATA CENTER LOCATION