Privacy policy

Introduction

At ID North, we value your privacy. This privacy policy explains which personal data we process, why we process it, how long we retain it, and what rights you have under the General Data Protection Regulation (GDPR).

Data controller and contact details

Data controller: ID North
Email: privacy@id-north.com

If you have any questions about our processing of personal data, or if you wish to exercise your rights, please contact us via the email address above.

Personal data we collect

The personal data we collect depends on the context. This may include, for example:

  • Contact details: name, email address, phone number, employer and job title.
  • Customer and contact-related data: correspondence, meeting notes, orders, and participation in events or training.
  • Marketing and event-related data: registrations, areas of interest, consents and unsubscribe requests.
  • Technical data: IP address, device information, page views, newsletter clicks and cookies (see the Cookies section below).

We do not normally process sensitive personal data. If you voluntarily provide information such as dietary requirements or allergy information for an event, it will only be used for that purpose and will be deleted afterwards.

Why we process your personal data

We use personal data to:

  • provide ordered services and fulfil agreements,
  • manage customer relationships, support and administration,
  • invite you to events and training,
  • send relevant information, newsletters and invitations,
  • improve our website and communications,
  • comply with legal obligations, such as accounting requirements.

Processing is based on contractual necessity, legitimate interest (e.g. customer relationships and marketing), or consent (e.g. newsletters).
You may withdraw your consent at any time or object to direct marketing.

How long we retain personal data

We retain personal data only for as long as necessary for the relevant purpose:

  • Customer and contract-related data is retained for the duration of the agreement and up to three (3) years thereafter.
  • Accounting records are retained for seven (7) years in accordance with legal requirements.
  • Event-related data is normally retained for up to thirty-six (36) months after the event for follow-up, future invitations and marketing communications, unless you object.
  • Newsletter data is retained until you unsubscribe or we determine that the information is no longer relevant.
  • Technical logs are retained for the shortest possible time for security and statistical purposes.

Who we share personal data with

We only share personal data with:

  • Service providers (e.g. IT, CRM or newsletter platforms) that process personal data on our behalf under data processing agreements.
  • Partners for joint events, where required for administration or follow-up.
  • Authorities, where required by law.

We never sell your personal data.

Transfers outside the EU/EEA

In some cases, we may use providers that process personal data outside the EU/EEA, for example when using cloud services or analytics tools. Where such transfers occur, we ensure there is a legal basis and appropriate safeguards in place, such as the European Commission’s Standard Contractual Clauses, as well as other technical and organisational security measures.

We only select providers that meet EU data protection requirements.

Security

We protect your personal data through appropriate technical and organisational measures. Access is granted only to individuals who need the data for their work, and we use security solutions such as authentication, encryption and logging where relevant.

Cookies

We use cookies and similar technologies on our website to provide a good user experience, analyse traffic and improve content.

You can choose to accept or decline cookies in your browser settings or via our cookie banner. For more information, please refer to our cookie policy on the website.

Your rights

You have the right to:

  • access your personal data (data subject access request),
  • have inaccurate data corrected,
  • request deletion of your data in certain circumstances,
  • object to processing for direct marketing,
  • request restriction of processing or data portability where applicable.

To exercise any of these rights, please contact us at privacy@id-north.com.
We will respond as soon as possible, normally within 30 days.

Newsletters and email communications

We may occasionally send newsletters and invitations to individuals who have shown interest in our services or events. You can unsubscribe at any time via the link in our emails or by contacting us.

For existing customers, we may also send necessary information relating to our services and cooperation.

Links to other websites

Our website and communications may include links to other websites. We are not responsible for how those websites process personal data, and we recommend that you read their privacy policies.

Changes to this policy

We may update this privacy policy from time to time. The most recent version is always available on our website.

Last updated: November 2025

Contact

Questions about privacy or our processing of personal data?
📩 privacy@id-north.com