Skip to content




Privacy Policy

1 Person responsible according to Art. 4 No. 7 GDPR

Responsible for the provision of this website is:

Northern Data AG
An der Welle 3
60322 Frankfurt am Main
Germany
Phone: +49 69 34 87 52 25
E-mail: info@northerndata.de

For some processing operations, Northern Data AG is jointly responsible with its affiliates for the processing of personal data. A corresponding joint responsibility agreement according to Art. 26 GDPR has been concluded. More information about the responsible parties as well as the essence of the joint responsibility agreement can be found under section 12.

2 Data protection officer of the responsible party

You can reach our data protection officer at dataprotection@northerndata.de.

3 Legal basis

We may process your data on the basis of:

  • your consent according to Art. 6(1)(a) GDPR
  • the fulfillment of a contract (incl. pre-contractual measures) according to Art. 6(1)(b) GDPR
  • the fulfillment of a legal obligation according to Art. 6(1)(c) GDPR
  • a legitimate interest according to Art. 6(1)(f) GDPR
  • the establishment, implementation, or termination of an employment relationship pursuant to Section 26 BDSG

4 Rights of the data subject

In the following, we will inform you about your data subject rights.

  • Right of access (Art. 15 GDPR)
    You have the right to request information from us at any time as to whether and which of your personal data is being processed by us. This also includes information on the purposes of processing, if applicable, recipients to whom we have disclosed your data, the planned storage period and, if applicable, information on the origin of this data if we have not collected it directly from you.
  • Right to rectification (Art. 16 GDPR)
    You have the right to request us to correct any inaccurate data we have stored about you. This also includes the right to have incomplete personal data completed.
  • Right to erasure (Art. 17 GDPR)
    You have the right to request us to delete data that we have stored about you. Provided that there are no reasons against further processing, we will comply with your request.
  • Right to restriction of processing (Art. 18 GDPR)
    You have the right to request the restriction of personal data processed about you in any of the following circumstances:
    • You dispute the accuracy of your personal data stored by us
    • To prove of unlawful processing operations
    • For the establishment, exercise or defense of legal claims
    • To verify your objection to the processing
  • Right to data portability (Art. 20 GDPR)
    You have the right to receive from us personal data that you have provided to us in a structured, commonly used and machine-readable format for the purpose of transferring it to another controller, provided that the processing is based on your consent or on a contract.
  • Right to object to processing (Art. 21 GDPR)
    Insofar as we base the processing of your personal data on our legitimate interest within the meaning of Art. 6(1)(f) GDPR, you may object to the processing.
  • Right to withdraw consent under data protection law (Art. 7 GDPR)
    If you have given your consent to the processing of your data, you may revoke this consent at any time pursuant to Art. 7(3) GDPR with effect for the future.
  • Right of appeal to a supervisory authority (Art. 77 GDPR)
    You have the right to complain at any time to a data protection supervisory authority about our processing of data relating to you. The competent supervisory authority can be reached at:

The Hessian Commissioner for Data Protection and Freedom of Information
represented by
Prof. Dr. Alexander Roßnagel
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Germany
E-mail: poststelle@datenschutz.hessen.de

5 Data deletion and storage duration

The personal data of the data subject shall be deleted or blocked as soon as the purpose of the processing ceases to apply.

Processing may also take place if we are required by law to retain the data.

Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the conclusion or fulfillment of a contract.

6 Data transfer to the USA

An adequacy decision of the EU Commission exists for the transfer of personal data to the USA. Insofar as we use service providers that are certified under this framework (such as HubSpot), your data will be transferred to the USA based on this decision. Otherwise, standard contractual clauses are concluded with the service providers in the USA to ensure the protection of your data.

7 Recipients

We share your information with the following categories of recipients:

Recipient

Description

Third country transfer

Hosting service provider

Infrastructure services for hosting and displaying the website

Cannot be excluded and is covered by an adequacy decisions and standard contractual clauses.

Consent Management Service Provider

For consent retrieval and management

Cannot be excluded and is covered by an adequacy decisions and standard contractual clauses.

Newsletter service provider

For newsletter distribution and tracking

Cannot be excluded and is covered by an adequacy decisions and the standard contractual clauses and consent.

Job applicant management service provider

For the management of the processes relating to job applications

Cannot be excluded and is covered by an adequacy decisions and standard contractual clauses.

CRM service provider

Customer data management system

Cannot be excluded and is covered by an adequacy decisions and standard contractual clauses.

The service providers mentioned in section 11

See section 11

See section 11

Affiliates in third countries

See section 12

Cannot be excluded and is covered by an adequacy decisions and standard contractual clauses.

8 Server log files

Server logs are used to log the calls to the website. The following data is collected:

  • Time of the call of an Internet address
  • User agent of the browser
  • IP address

We process the above data in our legitimate interest pursuant to Art. 6(1)(f) GDPR to ensure the stability and security of the website.

9 Use of cookies

Cookies are small files that are stored on your hard drive associated with the browser you are using and through which certain information flows to the entity that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer. They are used to make the Internet offer as a whole more user-friendly and effective.

The storage of technically unnecessary cookies or the use of comparable technical functions is based on the legal basis of consent.

The possible further processing of your data with the help of a cookie is also based on your consent according to Art. 6(1)(a) GDPR.

The storage of technically necessary cookies is based on art. 5(3) of the ePrivacy Directive.

The settings you make using the cookie banner are stored in a cookie. The legal basis for this processing is the legal obligation pursuant to Art. 6(1)(c) GDPR for cookies and third-party services to obtain your consent

Detailed information about the cookies we use can be found in our cookie banner.

10 Other forms of use of our website

10.1 Contact forms

Our website contains various forms that you can use to contact us. When using the forms, the data entered in the input mask is transmitted to us and stored. The mandatory fields are marked with an asterisk. In addition, your IP address and the date and time of the request are stored.

In addition, it is possible to contact us via e-mail addresses provided by us. In this case, your personal data transmitted with the e-mail will be stored and processed by us in order to process your inquiry or the reason for your contact. The data will not be passed on to third parties. The data is used exclusively for processing the conversation.

We process the data within the scope of contacting you exclusively for the purposes specified in the respective form.

The legal basis for the processing of your data in the context of your contact request is our legitimate interest according to Art. 6(1)(f) GDPR to answer your request or in the case of pre-contractual measures Art. 6(1)(b) GDPR.

10.2 Application

If you apply for a job offer or send us an unsolicited application, we process the data you provide in order to process your application. As a rule, your documents contain special categories of personal data (e.g. information on marital status; information on health; a photo that allows conclusions to be drawn about your ethnic origin and, if applicable, eyesight and/or religion; similarly sensitive data within the meaning of Art. 9 GDPR).

10.2.1 Legal basis

The legal basis for the processing of applicant data is Art. 6(1)(b) GDPR, as the processing is necessary for the decision on the establishment of an employment contract.

10.2.2 Retention period

Your data will be deleted 6 months after the termination of an unsuccessful application procedure.

10.3 Newsletter

When sending our electronic newsletter, to which you can subscribe, we process the data you enter. Mandatory fields are marked with a *.

For the dispatch of the electronic newsletter the specification of the e-mail address is mandatory. The processing of your further data serves the personalization of these contacts as well as the specialization of the offers and information and is voluntary.

We process your e-mail address in order to contact you for the purpose of sending you our electronic newsletter, to inform you about current events as well as current developments, if applicable, and to maintain our contractual relationship with you. In addition, we use this data for advertising messages by e-mail and, if we have received your e-mail address in connection with our products and services, for advertising measures about our own similar products and services.

10.3.1 Tracking

By subscribing to the newsletter, the user consents to tracking for statistical purposes. A tracking pixel is used.

When delivering the newsletter, the external server can then record certain data of the recipient, for example the time of the retrieval, the IP address or information on the e-mail program used (client). The name of the image file is individualized for each e-mail recipient by appending a unique ID and can thus determine which newsletter recipient has just opened the e-mail when the image is retrieved.

Such personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by us in order to optimize the newsletter dispatch and to better adapt the content of future newsletters to the interests of the recipients. The data will not be passed on to third parties.

10.3.2 Legal basis

For sending our newsletter as well as the associated tracking to you, we will obtain your consent. We use the so-called double opt-in procedure for this purpose. After you have registered for the newsletter, we will send you an e-mail to the e-mail address you have provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 48 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses used and times of registration and confirmation. The purpose of this procedure is to prove your registration and to be able to clarify a possible misuse of your personal data.

Insofar as we do not already process your data on the basis of your consent only in exceptional cases, your personal data will only be processed to the extent that this is necessary to protect our legitimate interests or the legitimate interests of a third party and does not override your interests or fundamental rights and freedoms that require the protection of personal data (Art. 6(1)(f) GDPR). Tracking only takes place with your consent.

You can revoke your consent at any time by clicking on the link provided in each newsletter email or by contacting us at compliance@northerndata.de.

11 Third-party services

11.1 HubSpot

We use HubSpot for marketing activities on our website. We use this integrated software solution for our own marketing, lead generation, and customer service purposes. This includes email marketing, which governs the sending of newsletters as well as automated mailings, social media publishing and reporting, contact management such as user segmentation and CRM, landing pages and contact forms. HubSpot uses cookies which enable an analysis of your use of the website by us. HubSpot analyzes the information collected (e.g., IP address, geographic location, browser type, length of visit, and pages viewed) on our behalf so that we can generate reports about the visit and the pages viewed. Information collected by HubSpot and the content of our website is stored on servers of HubSpot's service providers. Insofar as you have given your consent to this in accordance with Art. 6(1)(a) GDPR, the processing takes place on this website for the purpose of website analysis. The analysis data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Data will be deleted no later than 36 months after it has been collected. You can permanently object to the collection of data by HubSpot and the setting of cookies by preventing the storage of cookies accordingly through your browser settings.
 
A transfer of your data to a third country cannot be excluded. You can find more information in section 6.

12 Joint controller information

The joint responsibility agreement according to Art. 26 GDPR has been concluded between the following parties:

Country

Contact details of the controllers

Germany

Northern Data AG
An der Welle 3
60322 Frankfurt am Main
E-mail: info@northerndata.de
Phone: +49 69 34 87 52 25

Northern Data Software GmbH
An der Welle 3
60322 Frankfurt am Main
E-mail: info@northerndata.de
Phone: +49 69 34 87 52 25

England

Northern Data Services (UK) Limited
68 King William Street
EC4N 7HR London

Ireland

Taiga Cloud Limited
Riverside One
Sir John Rogerson’s Quay
Dublin 2, D02X576

Netherlands

Northern Data NL B.V.
Claude Debussylaan 7
1082MC Amsterdam

Norway

Northern Data NOR AS
c/o Næringspark B200
Heddalsvegen 9
3674 Notodden

Sweden

Hydro66 Svenska AB
Hydrogränd 2
961 43 Boden

Switzerland

Northern Data (CH) AG
Grafenauweg 8
6300 Zug

USA

Northern Data US, Inc.
c/o CT Corporation System
1209 Orange Street,
Wilmington, DE 19801

Below are the descriptions of the common responsibilities of the respective processing operations.

Process

Responsible

 

Home Website

Cloud Website

Data Center Website

Mining Website

Investor Relations Website

 

northerndata.de

taigacloud.com

ardentdc.com

peakmining.com

ir.northerndata.de

Contact via form

  • Northern Data AG
  • Northern Data Software GmbH
  • Northern Data Services (UK) Limited
  • Northern Data NL B.V.
  • Northern Data AG
  • Taiga Cloud Limited
  • Northern Data Software GmbH
  • Northern Data Services (UK) Limited
  • Northern Data US, Inc.
  • Northern Data AG
  • Northern Data NL B.V.
 

Contact via phone

  • Northern Data AG
  • Taiga Cloud Limited
  • Northern Data Services (UK) Limited
   
  • Northern Data AG

Contact via e-mail

  • Northern Data AG
  • Taiga Cloud Limited
  • Northern Data Software GmbH
  • Northern Data Services (UK) Limited
  • Northern Data US, Inc.
  • Northern Data AG
  • Northern Data NL B.V.
  • Northern Data AG

Newsletter

  • Northern Data AG
  • Northern Data AG
  • Taiga Cloud Limited
  • Northern Data Software GmbH
  • Northern Data Services (UK) Limited
  • Northern Data AG
  • Northern Data US, Inc.
  • Northern Data AG
  • Northern Data NL B.V.
  • Northern Data AG

Application

  • Northern Data AG
  • Northern Data Services (UK) Limited
       

In the joint responsibility agreement, the obligations within the meaning of the GDPR in the context of the above-mentioned processing operations were defined. This concerns in particular the exercise of the rights of the data subjects and the fulfillment of the information obligations pursuant to Articles 13 and 14 of the GDPR.

The parties shall fulfill the obligations under data protection law in accordance with their respective responsibilities for the individual process stages as described in the tabular presentation above. However, you may assert your rights under the GDPR with and against each of the controllers.