Legal

Privacy Policy

Last updated: 22 June 2026

DRAFT — This policy is a working draft pending legal review and is not yet the final, binding version. For any privacy question in the meantime, email [email protected].

1. Who we are

North Keeper is a product of North Star Tech Oy (Business ID 3632278-1) ("North Keeper", "we", "us"). We are the controller of personal data processed through this website and the North Keeper service. Our registered office is at Uuno Kailaan katu 7 D 118, 02600 Espoo, Finland. You can reach us at [email protected].

2. What we collect

We collect only what we need to run the service and respond to you:

  • Information you give us — such as your name, email address, organisation, and the contents of messages you send us.
  • Service data — the records and check results an institution connects to North Keeper in order to be verified.
  • Technical data — basic, privacy-respecting information your browser sends (such as IP address and request logs) needed to operate and secure the site.

3. How we use it

We use personal data to:

  • provide, maintain, and secure the North Keeper service;
  • run integrity checks and issue and publish verification results;
  • respond to your enquiries and provide support;
  • meet our legal and accounting obligations.

We do not sell personal data, and we do not use it for advertising.

4. Legal basis

Where the EU General Data Protection Regulation (GDPR) applies, we process personal data on the basis of performing a contract with you, our legitimate interest in operating and securing the service, your consent where required, and compliance with legal obligations.

5. Sharing

We share personal data only with service providers who process it on our behalf under appropriate agreements, where required by law, and — for the registry — the verification results an institution has chosen to publish. The registry is designed to make integrity results public; we will make clear what is published before anything goes live.

6. Retention

We keep personal data only as long as needed for the purposes above or as required by law, then delete or anonymise it.

7. Your rights

Subject to applicable law, you may request access to, correction of, or deletion of your personal data, object to or restrict certain processing, and request a copy of your data. To exercise these rights, email [email protected]. You may also lodge a complaint with your local data protection authority.

8. Changes

We will update this policy as the service develops and as it is finalised through legal review. Material changes will be reflected by the date above.