Northwise

Privacy Policy

Last updated: 26 June 2026

Site-1 placeholder. Replace this section with a GDPR-compliant privacy policy before launch. Content should cover: data controller identity, lawful bases, processing purposes, retention periods, sub-processors (Scaleway, Hetzner, Mailgun, Anthropic), and data subject rights (access, rectification, erasure, portability, objection).

1. Data controller

[LEGAL CONTENT GOES HERE — Data controller details: company name, registration number, address, contact email, DPO if applicable]

2. What data we collect

[LEGAL CONTENT GOES HERE — Categories of personal data: account data (name, email, organisation), usage data, IP address, technical identifiers]

3. Lawful basis for processing

[LEGAL CONTENT GOES HERE — GDPR Article 6 lawful bases for each processing activity: contract performance, legitimate interests, consent]

4. How we use your data

[LEGAL CONTENT GOES HERE — Processing purposes: service delivery, billing, support, security, analytics (Plausible, no cookies)]

5. Sub-processors

[LEGAL CONTENT GOES HERE — List of sub-processors: Hetzner GmbH (DE, hosting), Scaleway SAS (FR/NL, hosting), Mailgun Technologies Inc (email, EU endpoint), Anthropic PBC (AI, only if tenant configures LLM key), Plausible Analytics OÜ (EE, analytics)]

6. Data retention

[LEGAL CONTENT GOES HERE — Retention periods for account data, usage logs, deleted tenant data]

7. Your rights

[LEGAL CONTENT GOES HERE — GDPR rights: access, rectification, erasure, restriction, portability, objection, complaint to supervisory authority (Autoriteit Persoonsgegevens, NL)]

8. Contact

Privacy questions: yori@getnorthwise.com