Legal · Privacy

Privacy Policy

Last updated 15 July 2026

northdex is built to be privacy-preserving by design. The index itself contains no personal data — it is aggregated from commercial price figures. This policy explains the limited personal data we do process when you visit the site, contact us, or partner with us, and your rights under the EU General Data Protection Regulation (GDPR).

1

Who we are

The controller of your personal data is [northdex Legal Entity Name], registered in [Sweden] under company number [reg. no.], with its registered office at [address] (“northdex”, “we”).

For any privacy question, contact us at privacy@northdex.eu.

2

The index contains no personal data

The northdex indices and data products are built from commercial pricing data — GPU type, price, currency, region, month, and quantity. These fields identify no individual. Data contributed by operators is anonymised and aggregated (never fewer than three contributors), so no personal data enters the index. See our methodology and data-partner terms.

3

Personal data we do process

  • Contact & demo requests — if you email us or request access, we process your name, email address, organisation, and the content of your message.
  • Data-partner contacts — for operators who contribute data, we process the business-contact details of the individuals we coordinate with (not the pricing data itself, which is non-personal).
  • Technical data — when you visit the site, our infrastructure provider processes standard server logs (IP address, browser type, pages requested) to deliver and secure the service.
4

Why, and on what legal basis

  • To respond to your enquiries and provide access you request — Art. 6(1)(b) (steps prior to a contract) and 6(1)(f) (legitimate interest).
  • To operate, secure, and improve the site — Art. 6(1)(f) (legitimate interest in a functioning, secure service).
  • To administer data-partner relationships — Art. 6(1)(b) (contract) and 6(1)(f).
  • To comply with legal obligations where applicable — Art. 6(1)(c).
5

Where your data is stored

Personal data is stored and processed within the European Union, encrypted in transit and at rest. Where a processor operates outside the EEA, we rely on an adequate transfer mechanism (e.g. EU Standard Contractual Clauses). We do not sell personal data.

6

Processors we use

We use a small number of service providers strictly to run northdex, under data-processing terms: hosting and content delivery (our cloud infrastructure provider), and the collector infrastructure that computes the index. Each acts only on our instructions.

7

Retention

We keep personal data only as long as needed for the purpose it was collected, or as required by law. Enquiry correspondence is kept for as long as needed to handle the relationship and then deleted; server logs are retained for a limited period for security.

8

Your rights

Under the GDPR you have the right to:

  • access the personal data we hold about you;
  • have inaccurate data corrected, or your data erased;
  • restrict or object to processing, and request data portability;
  • withdraw consent at any time, where processing is based on consent.

To exercise any right, contact privacy@northdex.eu. You also have the right to lodge a complaint with your supervisory authority — in Sweden, the Swedish Authority for Privacy Protection (IMY).

9

Cookies

northdex uses only what is necessary to operate the site. If we introduce optional analytics or similar technologies, we will request consent first and update this policy accordingly.

10

Changes to this policy

We may update this policy as northdex develops. Material changes will be reflected here with a revised “last updated” date.