The NORSE Labs Privacy Policy was updated on July 1, 2024.
In the following policy, NORSE Labs refers to the service offered by NORSE Labs OÜ (the “Company” or “We”)
through the norselabs.io website (the “Service”). This Privacy Policy
explains what information we collect through your access and use of our Service the use we make of such
information; and the security level we provide for protecting such information.
By visiting our websites
and using the Services provided here, you consent to the terms outlined in this privacy policy.
The Company is domiciled in Estonia and all data storage infrastructure is also located solely within European Union (the “EU”), and thus governed by the laws and regulations of the EU.
In most cases, we don’t need your personal information to provide our services. However, you may disclose your email address, first & last names to NORSE Labs. This information is used for security purposes, customer support and notifications.
Visiting our website: We use specific analytics software (Google Analytics) provided by third-parties only on NORSE Labs’s main website (norselabs.io) to collect some information (device type, language and etc.) in order to improve our services. Other our websites have no analytics software at all to ensure users’ privacy.
Account creation: It is not necessary to create an account in order to use our products, but you may create one using your email address for notification or other customer support purposes. Should you choose to provide it, we do associate email address with your account (for security notifications & customer support purposes).
DVPN by Norse: VPN nodes do not collect any traffic sent by your devices. We do not collect IP addresses, device information and so on.
IP Logging: By default, NORSE Labs does not keep permanent IP logs. However, IP logs are sometimes kept to combat abuse and fraud, and your IP address may be retained if you are engaged in activities that breach our terms and conditions (DDoS attacks against NORSE Labs’s infrastructure, brute force attacks and so on).
Payment Information: The Company relies on third parties to process credit card, PayPal, and Bitcoin transactions so the Company necessarily must share payment information with third parties. Anonymous Bitcoin and other cryptocurrencies payments are accepted however.
Native Applications: When you use our native applications, we (or the mobile app platform providers) may collect certain information in addition to the information mentioned elsewhere in this Policy. We may use mobile error analytics software to send crash information to our developers so that we can fix bugs rapidly. Some operating systems may also collect and aggregate anonymous statistics if you opt-in. Therefore, such data may be governed by the privacy policy and terms and conditions of such software vendors. None of the software on our apps will ever access or track any location-based information from your device at any time.
We do not have any advertising on our websites & applications. Any data that we do have will never be shared except under the circumstances described below in the Data Disclosure Section. We do NOT do any analysis on the limited data we do possess.
All servers used in connection with the provisioning of the Service are located in European Union. Only NORSE Labs’s employees have access to the servers. Data is ALWAYS transferred in encrypted format to our servers. All application specific data (e.g. DVPN traffic) is ALWAYS encrypted and we do not possess the ability to access any user encrypted data on the production servers.
Through the Service, you can directly access, edit, delete or export personal data (according to the EU General Data Protection Regulation) processed by the Company in your use of the Service.
If your account has been suspended for a breach of our terms and conditions, and you would like to exercise the rights related to your personal data, you can make a request to our support via email — support@norselabs.io.
When a NORSE Labs account is closed, data is immediately deleted from production servers. Active accounts will have data retained indefinitely.
Usually, we do not disclose your account information (except e-mail address) to third-party companies &
government authorities. We will only disclose the limited user data we possess if we receive notice from the
Interpol or Estonian Police and Border Guard Board regarding a court order that is coming from the
authorities of Estonia which we are legally obligated to recognize. We do not provide any information unless
we have received an original copy of the court order by registered post or in person. Your email address
will be disclosed to our partner company in order to deliver messages concerning your account and our
products.
If a request is made for user’s application-specific encrypted data, that NORSE Labs does not
possess the ability to decrypt, the fully encrypted data may be turned over. However, NORSE Labs uses
military-grade encryption algorithms & encrypted data cannot be decrypted be government authorities.
If permitted by law, NORSE Labs will always contact a user first before any data disclosure. NORSE Labs
may contest court orders. In such situations, the Company will not comply with the court order until all
legal or other remedies have been exhausted. Therefore, not all court orders will lead to data disclosure.
NORSE Labs reserves the right to periodically review and change this policy from time to time and we will notify users who have enabled the notification preference about changes to our Privacy Policy. Continued use of the Service will be deemed as acceptance of such changes.
This Agreement shall be governed in all respects by the substantive laws of Estonia. Any controversy, claim, or dispute arising out of or relating to the Agreement shall be subject to the jurisdiction of the competent Estonian court being expressly reserved.
NORSE Labs has not produced any information in response to a secret subpoena and has not built “backdoors” for any government into our products. All government requests for user data need to come through the front door (i.e., by serving valid legal process upon NORSE Labs).
If you have any questions or concerns about the matters discussed in this privacy policy, please contact us — legal@norselabs.io.
NORSE Labs OÜ (reg no. 17001009)
Tornimäe 5,
10145 Tallinn, Harjumaa
Estonia