Your use of NordPass Business Services is subject to theGeneral Termsand these NordPass Business Additional Terms. If there is any conflict or inconsistency between clauses in the General Terms and the NordPass Business Additional Terms, the NordPass Business Additional Terms will govern and apply.

Capitalized terms not defined here have the same meaning as defined in the General Terms.

1. NordPass Business Services

   NordPass Business is an advanced business password management solution, which mitigates security risks, improves productivity and provides a way of management of business sensitive information.

   Current information about the functioning of NordPass Business Services, subscription plans, and pricing can be found at nordpass.com/business.
2. Zero knowledge

   YOU ACKNOWLEDGE THAT, DUE TO THE ENCRYPTED NATURE OF THE SERVICES AND ZERO-KNOWLEDGE POLICY OF NORDPASS, (I) THERE IS NO WAY TO RECOVER ITEMS STORED WITHIN NORDPASS VAULT WITHOUT A VALID MASTER PASSWORD OR A RECOVERY CODE, AND (II) NORDPASS HAS NO ABILITY OR OBLIGATION TO RECOVER YOUR DATA IF THEY ARE LOST OR DAMAGED OR OTHERWISE INACCESSIBLE FOR ANY REASON, INCLUDING IF YOU OR YOUR END USER MISPLACED MASTER PASSWORDS AND RECOVERY CODES FOR THEIR NORDPASS VAULTS.
3. Customer Items

   The Terms do not grant Nord any ownership to the passwords, notes or other items uploaded through the Services by Customer and its end users ("Customer Items"), except for the limited rights that are reasonably necessary for Nord to provide the NordPass Business Services in accordance with the Terms, for instance, to store, backup, or transfer (e.g., between our servers) Customer Items.

   You acknowledge that NordPass uses strong encryption algorithms to protect Customer Items and, as a Customer, you are fully and solely responsible and accountable for the content of Customer Items. By using the Services, you guarantee that you have all required permissions for each Customer Item, including rights to distribute, transfer, store and/or make the content available online through the Services.

   Ownership and Customer’s rights. Customer and each of its end users acknowledge that Customer Items are owned by the Customer. Consequently, NordPass Business Services, as well as the Terms, provide the Customer with a number of management rights towards the Customer Items and the end users accounts, such as to manage vaults where Customer Items are stored, to see certain information how the end user uses the Service (e.g. when accesses it, when shares or deletes a Customer Item, when uses a Customer Item with an auto-fill feature, etc.) and other.

   If an end user leaves Customer’s organization or end user’s access to the Service is terminated for any other reason, the Customer has the right to (i) delete such end user’s account and (ii) remove all of the Customer Items uploaded to such end user’s account or to reassign them to any other end user at such Customer’s organization. In the latter event, the reassigned Customer Items would be inherited by the end user to whom the Customer reassigned them.

   Transfer of items stored in personal NordPass account to NordPass Business. If (i) the end user has a personal account with NordPass (i.e. not with NordPass Business, but with NordPass consumer version), and (ii) end user received an invitation from the Customer to join its organization on NordPass Business with the same email, and (iii) end user accepts such invitation and joins NordPass Business with the same email, then:

   • end user’s personal account with NordPass is transferred and transformed to an account with NordPass Business Services (and such end user will not be able to use one’s personal NordPass account with the same email from that moment on); and
   • all items end user has in its personal account with NordPass (at the moment of accepting the invitation to join NordPass Business) automatically transfers to its NordPass Business account and become property of the Customer, i.e., such items become Customer Items owned by the Customer.

   If the end user wishes to avoid the transfer of one’s personal items to the Customer, the end user should either use a different email address for an account with NordPass Business, or remove one’s personal items before accepting the invitation to join NordPass Business, or export (and then, remove) one’s personal items before accepting the invitation to join NordPass Business and then transfer them to another personal account with NordPass created with a different email address.
4. User’s profile photo

   Each end user has a right to upload one’s photo to the profile of NordPass Business account. Customer and its end users acknowledge that this photo will be available publicly to other end users of NordPass Business Services with whom a Customer Item is shared and/or who share a Customer Item with such end user. Customer is fully and solely responsible for such photos uploaded by its end users, is liable for it, and guarantees that Customer and/or its end users have all required permissions, including copyright and other intellectual property rights, to use it. In addition, by uploading the photo each end user agrees that s/he will not:

   • impersonate any person or entity or post any photo of another person without his/her permission;
   • upload any photo that (i) is hate speech, threatening, sexually explicit, or pornographic; (ii) incites violence or contains nudity or graphic or gratuitous violence; and/or (iii) promotes racism, bigotry, hatred, or physical harm of any kind against any group or individual.

   If you believe any Customer or end user of the NordPass Business Services infringed the Terms (e.g., violated your privacy or infringed your copyright, other intellectual property rights, or any other rights by uploading a photo to his/her profile, or in any other way), please notify us in writing, by email: [email protected].
5. Notice and Action Mechanism for Alleged Illegal Content

   We respect the law and require the same from all our Customers and end users. Therefore, Customers and end users cannot use NordPass Business Services to violate applicable law, including infringe copyright or other rights of third parties. This means that Customer and end users shall not upload, store, access, and/or otherwise exploit on or through NordPass Business Services content that is either itself illegal or is rendered to be illegal in a view that it relates to illegal activities (“Illegal Content”).

   Notices

   In case any individual or entity (“Notifier”) considers that the Customer or the end user is exploiting Illegal Content on or through NordPass Business Services (e.g., allegedly infringing the Notifier's copyright or other rights), the Notifier may reach out to the Customer and/or its end user directly, if possible.

   Alternatively, the Notifier may submit a notice (“Notice”) to us via [email protected] (for EU related notices) or to a designated agent (for all other notices) via email address [email protected] or registered mail via address below:

   Nord Security Business, Abuse Team
   Nord Security Inc.
   16192 Coastal Highway
   Lewes, Delaware 19958
   County of Sussex, USA
   email: [email protected]

   Encrypted nature of NordPass Business Services

   The Notifier shall bear in mind the encrypted nature of NordPass Business Services. Only encrypted content is stored on or through our Services meaning that we cannot access, review and/or evaluate the allegedly Illegal Content.

   In other words, due to end-to-end (E2E) encryption of our Services, we may be unable to access, review and/or evaluate the allegedly Illegal Content even upon receipt of the Notice. Therefore, the Notifier shall provide us with sufficient evidence pertaining to the allegedly Illegal Content for us to be able to access, review and evaluate the allegedly Illegal Content concerned.

   NordPass Business will only process the Notice if it meets the requirements set herein below.

   Requirements for the Notice

   To be valid the Notice shall contain the following information:

   • a sufficiently substantiated explanation of the reasons why the Notifier alleges the Illegal Content to be violating applicable law;
   • identification of the copyright-protected work allegedly infringed (or, for multiple works, a representative list), if the Illegal Content allegedly infringes copyright of the Notifier;
   • a clear indication of the exact electronic location of the allegedly Illegal Content and, where necessary, additional information;
   • contact information (at least, full name, physical address, and email address) of the Notifier and its authorized representative, if applicable;
   • a statement by the Notifier (or its authorized representative) that the Notifier has a good-faith belief that the use of the allegedly Illegal Content in the manner complained of is not authorized by the Notifier, its authorized representative, or the law;
   • a statement by the Notifier that the information and allegations contained in the Notice are accurate and, under penalty of perjury, that the Notifier (or its authorized representative) is authorized to act;
   • the physical or electronic signature of the Notifier (or its authorized representative).

   The Notifier's personal data and other information will be processed in accordance with our Privacy Policy.

   Procedure for handling the Notice

   Upon receipt of the Notice, we will review it to make sure that it meets the above mentioned requirements and includes all the necessary information to comply with the applicable laws. In case some information and/or details were missing, we may require the Notifier to provide them prior to processing the Notice.

   Once we verify that the Notice is valid, we will process it and expeditiously take whatever action we deem appropriate, necessary and feasible. Thereafter, we will inform the Notifier and the Customer and/or the affected end user, if possible.

   We reserve the right, at any time and in our sole discretion, with or without notice, without liability towards the Notifier, you and/or any third party, to impose any restrictions with respect to your content should it violate applicable law and/or our Terms, whether repeatedly or on a single instance. It means that, among other things, we may:

   • suspend or terminate the provision of NordPass Business Service to you in whole or in part;
   • suspend or terminate the Customer’s and/or its end user’s account regardless of whether you are a repeat infringer or not in appropriate circumstances.

   The foregoing does not limit other rights or remedies available to us hereunder, at law or in equity.
6. Contacts regarding NordPass Business Services

   For users

   Nord has designated a single point of contact (please direct requests to [email protected]) for NordPass Business users for the purposes of the Digital Services Act (DSA).

   For notices of alleged illegal content, please see Section 5 “Notice and Action Mechanism for Alleged Illegal Content” above.

   For authorities

   Nord has designated a single point of contact (please direct requests to [email protected]) for EU Member States’ authorities to contact us for the purposes of the DSA.

   Please ensure that all requests meet the requirements of the DSA and are made in English (or, at a minimum, an English translation is provided).

   If you have other questions or concerns regarding these NordPass Business Additional Terms and/or NordPass Business Services, please contact us at [email protected].

   DSA Transparency Report

   Transparency reports for NordPass Business services are published pursuant to the DSA:

   • NordPass Business Transparency Report 1 Jan 2024 - 31 Dec 2024 (Download)