NoteradPrivacy Policy
Last updated: 8 June 2026
This policy explains what personal data Noterad collects when you visit our store or buy a digital guide, why we collect it, who we share it with, and the rights you have under the EU General Data Protection Regulation (GDPR).
1. Who we are
Noterad is operated by Wendeco Norden AB ("Noterad", "we", "us"), a company registered in Sweden. We are the data controller for the personal data described in this policy.
Contact: info@noterad.com
Registered address: Berzeliigatan 5, 412 53 Göteborg, Sweden · Company reg. no. (org.nr): 556779-0919
2. What we collect
| Data | Examples |
|---|---|
| Contact data | Email address you provide at checkout or to receive a download/library link. |
| Order data | Which guides you bought, amount paid, currency, order and payment-reference IDs, your access (entitlements) to purchased PDFs. |
| Payment data | Processed by Stripe. We receive confirmation, billing country, and the last digits/brand of your card — we never see or store your full card number. |
| Technical data | IP address, approximate location (for VAT/tax), device and browser information, and basic request logs, used for delivery, security, and fraud prevention. |
| Preferences | Your chosen display currency, stored locally in your browser. |
3. How we use your data and our legal basis
- To fulfil your order — create your purchase, grant access to your PDFs, and email your download/library links. Legal basis: performance of a contract.
- To calculate and remit tax (VAT) and keep accounting records. Legal basis: legal obligation.
- To prevent fraud and secure the service. Legal basis: our legitimate interest in operating a safe store.
- To send the optional free toolkit / newsletter, if you ask for it. Legal basis: your consent, which you can withdraw at any time.
- To respond to you when you contact support. Legal basis: legitimate interest / contract.
4. Who we share it with
We do not sell your personal data. We share it only with the service providers ("processors") needed to run the store, each under a data-processing agreement:
| Provider | Purpose |
|---|---|
| Stripe | Payment processing, fraud checks, and VAT/tax calculation. |
| Supabase | Secure database and file storage for orders, access rights, and your PDFs. |
| Resend (and Amazon Web Services / SES) | Sending transactional emails such as your download and library links. |
| Vercel | Website and application hosting. |
| Google Fonts | Delivering the fonts used on the site (may receive your IP address when fonts load). |
We may also disclose data where required by law or to protect our legal rights.
5. International transfers
Some of these providers process data outside the European Economic Area (for example in the United States). Where that happens, the transfer is protected by appropriate safeguards such as the EU Standard Contractual Clauses or an adequacy decision (e.g. the EU–US Data Privacy Framework).
6. Cookies and local storage
We do not currently use advertising or analytics cookies. We use your browser's local storage to remember your chosen currency. Our payment provider (Stripe) may set cookies that are strictly necessary to process your payment securely and prevent fraud. If we introduce analytics or marketing tools in the future, we will update this policy and ask for your consent first where required.
7. How long we keep it
- Order and payment records: kept for as long as required by Swedish accounting law (currently 7 years).
- Your library access (entitlements): kept so you can re-download what you bought, until you ask us to delete it.
- Newsletter email: kept until you unsubscribe.
8. Your rights
Under the GDPR you have the right to: access your data; correct it; have it erased; restrict or object to its processing; receive it in a portable format; and withdraw consent at any time. To exercise any of these, email info@noterad.com.
9. Security
Payments are handled entirely by Stripe over encrypted connections; we never store your full card details. Your downloads are served through short-lived, signed links so they cannot be shared indefinitely. We use reputable, access-controlled infrastructure for data and file storage.
10. Children
Our store is intended for adults. We do not knowingly collect personal data from children under 16.
11. Changes to this policy
We may update this policy from time to time. The "last updated" date above shows the latest version, and material changes will be reflected on this page.
12. Contact
Questions about this policy or your data? Email info@noterad.com.