Legal information.

Privacy Policy

NordOps Consulting SL respects your privacy. This page describes what personal data we collect, why we collect it, and how we handle it.

Data controller

NordOps Consulting SL
Registered office: Plaza de la Constitución 16, 4A, 29640 Fuengirola, Málaga, Spain
Email: contact@nordopsconsulting.com

NordOps Consulting SL is in the process of completing its mercantile registry inscription. Once registered, the registry number and CIF will be published in the Aviso Legal section of this site. The data controller identity, registered office, and contact details remain as stated above.

What we collect

• Information you submit through our contact form — name, email, company name, company size band, and the message you write.
• Any further email correspondence you send us.

Why we collect it

To respond to your enquiry, schedule the discovery call you request, and — if a business relationship follows — deliver the services you contract us for. We do not use this data for marketing or share it with third parties for advertising.

Analytics and tag management

We use analytics to measure aggregate site usage — which pages are read, which entry sources bring readers, how long visits last on average — so we can improve content and identify what readers find useful. We do not use analytics to identify individual visitors or to create profiles for targeted advertising.

Tools and recipients. NordOps uses Google Tag Manager (container GTM-53DT4BLF) as the tag delivery mechanism and Google Analytics 4 (measurement ID G-L7ML468Y0E) as the analytics platform. The data recipients are Google Ireland Limited (the EU-facing entity for European visitors) and Google LLC (the US parent, where data may be transferred). Google operates under EU Standard Contractual Clauses for international data transfers and is currently certified under the EU–US Data Privacy Framework.

Data processed. IP address (truncated by GA4’s IP anonymisation feature), GA4 client identifier, page URLs visited, referrer, browser user-agent, approximate geographic location at country or region level, session duration, and interaction events such as clicks, scrolls, and outbound link clicks.

Legal basis: consent (GDPR Article 6(1)(a)). We process this data only after you have granted consent via our cookie settings. You can withdraw consent at any time via the “Cookie Settings” link in the footer.

Retention. GA4 retains event data on Google’s servers for 14 months by default. Cookies set in your browser persist for 2 years (_ga) and 13 months (_ga_L7ML468Y0E). After the GA4 retention period elapses, event data is automatically deleted from Google’s servers; aggregated reporting data is retained indefinitely in non-personalised form.

Legal basis for processing

Under GDPR Article 6, every processing activity must have a legal basis. The bases we rely on are as follows:

• Contact form and discovery call requests — Contract performance (Article 6(1)(b)). The data is necessary to respond to the enquiry you initiated.
• Email correspondence with prospects and clients — Contract performance (Article 6(1)(b)) prior to engagement; legitimate interests (Article 6(1)(f)) for follow-up communications post-engagement.
• Analytics — Consent (Article 6(1)(a)), granted via the cookie banner.
• Storage of tax-related communications and invoices — Legal obligation (Article 6(1)(c)). Spanish tax law requires retention of business records for at least four years.
• Security and abuse prevention, e.g. blocking spam contact-form submissions — Legitimate interests (Article 6(1)(f)).

How long we keep it

Contact data is retained for as long as necessary to respond to your enquiry and for any subsequent commercial relationship. Where no commercial relationship is established, contact data is deleted within twelve months of last contact. Analytics retention is described in the Analytics section above.

Your rights under GDPR

Under the General Data Protection Regulation (GDPR) you have the right to access, rectify, erase, port, restrict, and object to processing of your personal data. You also have the right to withdraw consent at any time, where consent is the legal basis for processing — you can do this via the “Cookie Settings” link in the footer. Withdrawal does not affect the lawfulness of any processing carried out before withdrawal.

To exercise any of these rights, email contact@nordopsconsulting.com.

You also have the right to lodge a complaint with the Spanish data protection authority (Agencia Española de Protección de Datos). The authority’s main site is aepd.es; complaints can be filed directly via AEPD’s online complaint form.

Cookie Policy

This page explains what cookies and similar technologies this website uses, how to control them, and how to change your choice at any time.

Your choice comes first

The first time you visit, a banner asks whether you accept analytics and marketing cookies. Until you accept, only strictly-necessary technologies load. We use Google Consent Mode v2, which means analytics and marketing tags are blocked by default and only fire if you explicitly accept. You can change your choice at any time using the “Cookie Settings” link in the footer of every page.

Categories of cookies and tags

Strictly necessary (always loaded). A small amount of technical data needed for the site to work. This includes a localStorage entry called nordops_consent that records your cookie-banner choice so the banner doesn’t reappear on every visit. No personal data is stored.

Analytics (only loaded if you accept). We use Google Analytics 4 (measurement ID G-L7ML468Y0E), loaded via Google Tag Manager. GA4 measures aggregate traffic patterns — which pages are visited, which links are clicked, how long sessions last — to help us improve the site. Analytics tags do not load unless you click “Accept All” in the cookie banner.

Marketing (not currently in use). If we add marketing tools in the future — for example the LinkedIn Insight Tag, Meta Pixel, or Google Ads conversion tracking — they would help us understand which campaigns reach the right people. Marketing tags would not load unless you click “Accept All” in the cookie banner, and we would update this policy before any new tag goes live.

Cookies and storage entries currently in use

This list reflects what is set as of 4 May 2026. We will update it whenever new tracking tools are added.

Tag manager

This site uses Google Tag Manager (GTM, container GTM-53DT4BLF) to load third-party tags consistently and to enforce your consent choice across them. GTM itself does not set tracking cookies; it is the loader. Each individual tag GTM loads is governed by the consent category above.

Third-party services we use today

• Google Fonts — webfonts loaded from fonts.googleapis.com and fonts.gstatic.com for typography. Google may receive your IP address as a side-effect of any request to a third-party domain. No personal information is sent in the request.
• Google Tag Manager (container GTM-53DT4BLF) — loads on every page to deliver tags consistently and to enforce your consent choice across them. GTM itself does not set tracking cookies.
• Google Analytics 4 (measurement ID G-L7ML468Y0E) — aggregate site analytics, fired only after you grant consent. Recipients: Google Ireland Limited (EU) and Google LLC (US). See the Privacy Policy section above for full details on data processed and retention.

Browser controls

You can also manage cookies and similar storage at the browser level — clear them, block them, or set per-site preferences. Doing so does not affect the core functionality of this website. If you clear browser storage, your previous cookie-banner choice will be cleared too, and the banner will reappear on your next visit.

Changes to this policy

If we add a new analytics or marketing tag, we will update this section before that tag goes live, and existing visitors will see the cookie banner again so they can re-confirm their choice in light of the change.