Lingvanex GDPR Statement
NordicWise Limited (also “the Company”), incorporated under the laws of the Republic of Cyprus with a registered office at 52 1st April, 7600 Athienou, Larnaca, provides its clients with several types of language translation and speech recognition services, both on-premise and cloud-based ones, including, among others, On-premise Machine Translator, Translator for PC (online and offline mode), Translator for Slack, Translator for Browsers, Mobile Translator, etc.
The Company takes its privacy-related responsibilities seriously and endeavors to constantly enhance its data protection practices. The Company has taken a wide range of GDPR-compliance measures.
Maintaining a Register of Processing Activities (also “the RoPA”) as set forth in Art. 30(1) of the GDPR.
The RoPA includes the following data:
- the purpose and legal basis of the processing;
- a description of the categories of data subjects and of the categories of personal data;
- the categories of data recipients (including recipients in third countries);
- where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country and the documentation of suitable safeguards;
- data retention terms.
All these details are indicated for each data processing activity separately. The Company also maintains a data flow map to keep track of personal data flows.
Publishing a Privacy Policy to ensure that personal data is processed in a transparent manner (Art. 13 and 14 of the GDPR).
The Privacy Policy includes all details that are named in Art. 13 and 14 of the GDPR, including data recipients, their location (which is especially relevant if they are situated outside of the European Economic Area) and the applicable international data transfer mechanism. Data subjects’ privacy-related rights are also described with a clear mechanism for exercising these rights.
Providing website visitors with a cookie banner to ensure that personal data are processed in a transparent manner (Art. 13 and 14 of the GDPR).
The cookie banner installed on the website lingvanex.com follows recommendations for visual configuring cookie-banners in accordance with the requirements of national legislation in EU countries. No dark patterns, no hidden text. It provides a website visitor with three options:
- Accept All Cookies (necessary + optional tracking);
- Continue without Accepting (only necessary cookies enabled), or
- Customize your preferences by clicking "Cookies Settings" in the banner (bottom-left corner).
No dark patterns, no hidden text. Necessary cookies are turned on by default. Other cookies are turned on by a visitor herself. What is more, not only “ordinary” cookies, but also local storage files and web beacons are described in the Cookie Policy. Since a cookie banner is always available at a single click (a cookie icon is located in the bottom-left corner of the screen), a website visitor can adjust cookie settings at any time.
Performing a vendor analysis to perform the duty of a data controller to engage trustworthy data processors (Art. 28(1) of the GDPR).
The Company has performed a vendor analysis with regard to all companies engaged in personal data processing. We have checked the content of the relevant Data Processing Agreement, as well as suitable international data transfer guarantees. The Company does its best to engage personal data processors located either in the European Economic Area or in jurisdictions that enjoy the adequacy decision of the European Commission.
Taking technical and organisational measures of personal data protection (Art. 24(1) of the GDPR).
The Company takes a wide range of technical and organisational measures to ensure that personal data are protected from data breaches. These measures include, for example:
- determining data retention terms for each and every data processing activity separately (depending on the purpose of data processing and the need of the Company to use these data);
- limiting access to personal data (both technically and organisationally);
- using encryption, pseudonymisation and other technical measures preventing unauthorised access to personal data, etc.
Engaging a third-party company that specialises in personal data protection to audit NordicWise’s privacy practices (Art. 24(1) of the GDPR).
In the beginning of 2026 the Company engaged Data Privacy Office GmbH to audit the Company’s data protection practices. The Data Privacy Office team has interviewed NordicWise’s employees to get a deep understanding of the Company’s business processes, checked the privacy-related documents of NordicWise, as well as its cookie banner, and performed a user journey. On the basis of the audit the Data privacy Teams has provided NordicWise with a set of recommendations aimed at strengthening the Company’s GDPR compliance.