Who we are

Nokia is a global company that is made up of many legal entities. Excluding those legal entities that have their own separate privacy notices this privacy notice applies to all legal entities within the Nokia group of companies with respect to enabling you to access the Network-as-Code Portal and Services.

We care about your privacy

Nokia respects your privacy and we are committed to protecting it. For your understanding and reference this privacy notice describes how we collect use and disclose personal data.

Here you will find our privacy practices in connection with the Network-as-Code Portal and Services email communications and offline business interactions with you.

Collectively we refer to the NaC Portal and Services emails (including to users of Nokia brand licensed products and services) and offline business interactions as the "services."

This privacy notice does not apply to personal data collected and processed by Nokia brand licensed products and/or services (such as Nokia branded phones and tablets). These products and services are manufactured and sold by Nokia brand licensees (such as HMD Global Oy) as authorized third parties. Please consult the relevant licensee's respective privacy notices regarding these products and services for information on how they use personal data. However please note that Nokia may provide a service to communicate information about such products and services to you and in connection with those activities we may collect and process personal data from you as further clarified below.

You are not required to provide personal data to Nokia. Please keep in mind that if you choose not to provide your personal data to Nokia we may not be able to provide you with either our products or services or all of their functionalities or to respond to queries you may have.

We may provide supplements to this notice providing additional and/or updated privacy information regarding our privacy practices that are specific to a product or service. Our products or services may contain links to other companies' websites and services that have privacy notices of their own. Please access those notices to understand their privacy practices which are outside our responsibility.

What personal data do we collect?

Personal data is information that identifies you as an individual or relates to an identifiable individual. Personal data we may collect includes:

• Name

• Email address

• Telephone or mobile number

• IP address (we may also derive your approximate location from your IP address)

• Online identifier

• Photograph containing an individual

• Payment card details or bank account information

• Geolocation data

We and our services collect and use personal data in a variety of ways including:

Through creating an account on the Network-as-Code Portal

The foregoing types of Personal data may be used by Nokia to create an account for you to access our Network-as-Code ("NaC") Portal and Services.

Through using the NaC Portal and Services

When you access the NaC Portal our web servers automatically create records of your visit. These records typically may include IP-address access times the sites linked from pages visited the links and features used the content viewed or requested browser or application type language and other such information. See also our Cookies & Similar Technologies Notice. Our applications may contact our servers periodically for example to check for updates or to send us information relating to service usage. Additionally we may invite you to join voluntary product and service improvement or research programs where detailed information is collected from participants.

Information you provide us with

When you create an account make a purchase request services participate in research or campaigns or otherwise interact with us we may ask for information such as your name email address phone number street address usernames and passwords feedback information relating to your devices age gender and language bank account number credit card details and other such financial information. We also maintain records of your consents preferences and settings that may include location data marketing and the sharing of personal data.

Your transactions with us

We maintain records of your purchases downloads the content you have provided us with your requests agreements between you and Nokia the products and services provided to you payment and delivery details as well as your interactions with us. We may in accordance with applicable law record your communication with our customer care team or with other such contact points (including communications with our brand licensees).

From third-party sources

We receive your personal data from third-party sources for example publicly available databases and joint marketing partners that share information with us.

Third party service providers that assist us with our business operations also collect and use information through the services they provide and also may share the collected information with us. For example our suppliers collect and share information with us to analyze use of the services to help us detect and prevent fraud and to improve user experience.

When and how do we use and share your personal data?

We and our service providers use personal data for the following purposes:

Providing the functionality of the NaC Portal and Services and fulfilling your requests

We use your personal data to provide you with our NaC Portal and Services to process your requests or as otherwise may be necessary to perform the contract between you and Nokia. This may include the need to ensure the functionality and security of our products and services to identify you in order to provide the service and to prevent and investigate fraud and other misuses. We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.

Creating accounts

NaC services require an account to help you manage your subscriptions and preferences. We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.

Developing and managing products and services

We use personal data to develop and manage our products services customer care sales and marketing. We engage in these activities to manage our contractual relationship with you to comply with a legal obligation and/or based on our legitimate interest including product development and quality control.

Communicating with you

We use personal data to communicate with you for example to inform you that our services have changed or to send you critical alerts and other such notices relating to our services or products and/or services offered by our brand licensees and to contact you for customer-care related purposes. We will engage in these activities to manage our contractual relationship with you for our legitimate interests and/or to comply with a legal obligation.

Analyzing personal data for business reporting and providing personalized services

We use personal data to personalize our offerings so that they match your specific situation and to provide you with more relevant services for example to make recommendations and to display customized content and advertising in our services. This may include displaying Nokia and third-party content (such as Nokia branded products by our licensees). We will provide personalized services based on our legitimate interests and with your consent to the extent required by applicable law.

Aggregating and/or making your personal data anonymous

We may aggregate and/or anonymize personal data so that it no longer relates to an identified or identifiable person. We do so to generate other data that we may use and disclose for any purpose as it no longer is personal data.

Accomplishing our business purposes

We employ data analysis based upon personal data for an extensive list of purposes including:

• Improving the efficiency of our services

• Conducting audits to verify that our internal processes function as intended and to address legal regulatory or contractual requirements.

• Preventing fraud and monitoring for fraud security purposes for example to detect and prevent cyberattacks or attempts to commit identity theft.

• Enhancing improving repairing maintaining or modifying our current products and services as well as undertaking quality and safety assurance measures

• Identifying usage trends for example understanding which parts of our services are of most interest to users; determining the effectiveness of our promotional campaigns so that we can adapt our campaigns to the needs and interests of our users.

• Operating and expanding our business activities for example understanding which parts of our services are of most interest to our users so we can focus our energies on meeting our users' interests.

We engage in these activities to manage our contractual relationship with you to comply with a legal obligation and/or based on our legitimate interest.

When and how do we share your personal data?

We disclose personal data:

To our affiliates for the purposes described in this notice

We provide our affiliates (see list) with access to your personal data to use in the ways described in this notice. Our affiliates will be responsible for addressing any questions or requests you have regarding their use of personal data shared with them and in some cases the response may also come from the central Nokia team.

By using our services you may elect to disclose personal data.

Some of our products and services allow you to share your personal data with other users of the product or service or with other services and their users. Please use your judgment before disclosing any personal data or other information that might be accessible to other users.

To authorized third parties.

We may share your personal data with other authorized third parties (including Nokia brand licensees) that process personal data for Nokia for the purposes described in this notice. This may include for example billing through your network service provider or otherwise delivery of your purchases; providing services including customer service; managing and analyzing consumer data; credit checks; conducting research and managing marketing and other such campaigns.

International transfers of personal data

Our products and services may be provided using resources and servers located in various countries around the world. It is possible that your personal data may be transferred across international borders including to countries outside the European Economic Area (EEA) that do not have laws providing specific protection for personal data or that have different legal rules on data protection. In certain circumstances courts law enforcement agencies regulatory agencies or security authorities in those other countries may be entitled to access your personal data. To address concerns about transfers from the UK or EEA to countries not considered adequate by the European Commission we have implemented appropriate measures to protect your personal data. For example we use standard contractual clauses adopted by the European Commission and binding corporate rules and we require the use of appropriate technical and organizational information security measures.

We also use and disclose your personal data when we have a legal obligation or legitimate interest in doing so:

To comply with applicable laws and regulations

This may include laws outside your country of residence.

To cooperate with public and government authorities

We may disclose your personal data to respond to a request from authorities or to provide information we believe is necessary or appropriate. These can include authorities outside your country of residence.

To cooperate with law enforcement

We may disclose your personal data to certain authorities or other third parties for example to law enforcement agencies in the countries where we or third parties acting on our behalf operate.

For other legal reasons

We may also disclose and otherwise process your personal data in accordance with applicable law to defend Nokia's legitimate interests for example in civil or criminal legal proceedings.

In connection with a sale or business transaction

If we decide to sell buy merge or otherwise reorganize our businesses in certain countries this may involve us disclosing personal data to prospective or actual purchasers and their advisers or receiving personal data from sellers and their advisers.

What other information do we collect?

Other information is any information that does not reveal your specific identity or does not directly relate to any individual's identity. We may collect other information such as:

• Browser and device information such as your Media Access Control (MAC) address computer type (Windows or Mac)

• Applications usage data

• Information collected through cookies web beacons and other similar technologies.

• Demographic information and other information provided by you that does not reveal your specific identity.

• Information that has been aggregated in a manner such that it no longer reveals your specific identity.

We and our service providers may collect other information in a variety of ways including:

• Your browser or device
  Certain information is collected by most browsers or automatically through your device such as your MAC address computer type (Windows or Mac) screen resolution operating system name and version device manufacturer and model language internet browser type and version and the name and version of the services (such as the app) you are using. We use this information to ensure that the services we provide function properly.

• Your use of our applications
  When you download and use our applications we and our service providers may track and collect applications usage data such as the date and time the applications on your device accesses our servers and what information and files have been downloaded to the applications based on your device number. When you download and use our applications we and our service providers may track and collect applications usage data such as the date and time the applications on your device accesses our servers and what information and files have been downloaded to the applications based on your device number.

• Cookies and Web Beacons
  Nokia uses cookies web beacons and other similar technologies to operate and improve our websites and offerings. We also use cookies for personalization and to display advertisements. Some Nokia websites use third party advertising technologies to present ads. Our domains may include third party elements that set cookies on behalf of a third party for example relating to third party social network. Please visit our Cookies & Similar Technologies Notice to find out more about how Nokia uses cookies and how you can disable cookies by browser settings or by other means.

We may use and disclose other information for any purpose except where we are required to do otherwise by law. If we are required to treat other information as personal data under applicable law we may use and disclose it for the purposes for which we use and disclose personal information as described in this notice. In some instances we may combine what we define as other information with personal data. If we do we will treat the combined information as personal data for as long as it is combined.

Third-party services

This notice does not address and we are not responsible for the privacy information or other practices of any third parties including any third party operating any website or service to which our services link. The inclusion of a link on our services sites does not imply endorsement of the linked site or service by us or by our affiliates. In addition we are not responsible for the information collection use disclosure or security policies or practices of other organizations such as Facebook Apple Google Microsoft RIM or any other application developer application provider social media platform provider operating system provider wireless service provider or device manufacturer including with respect to any personal data you disclose to other organizations through or in connection with the applications or our social media pages.

Third-party advertising

We use third-party advertising companies to place advertisements regarding goods and services that may be of interest to you when you access and use our services and other websites or online services. You may receive advertisements based on information relating to your access to and use of our services and other websites or online services on any of your devices as well as on information received from third parties. These companies place or recognize a unique cookie on your browser (including using pixel tags). They also use these technologies along with information they collect about your online use to recognize you across the devices you use such as a mobile phone and a laptop. If you would like more information about this practice and to learn how to opt out of it in desktop and mobile browsers on the particular device on which you are accessing this notice please visit http://optout.aboutads.info/#/ and http://optout.networkadvertising.org/#/. You may download the AppChoices app at www.aboutads.info/appchoices to opt out in mobile apps

How do we address the privacy of children?

Nokia's products and services are not intended for use by children. If you are under the age of majority in your place of residence you may use Nokia products and services only with the consent of or under the supervision of your parent or legal guardian. Consistent with the requirements of the US Children's Online Privacy Protection Act (COPPA) if we learn that a child under age 13 has provided personal data to or through the products or services without first receiving their parent's verified consent we will dispose of such personal data.

If you believe Nokia may have collected any information from a child under age 13 please contact our Privacy Office by using the form available here - Contact us - and selecting "Privacy" as the relevant category for the question or feedback

How do we address data quality?

• We take reasonable steps to keep the personal data we possess accurate and to delete incorrect or unnecessary personal data. We retain personal data for as long as needed or permitted to fulfill the purposes outlined in this notice or otherwise communicated to you unless a longer period is required by law.

• The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and provide the products or services to you (for example for as long as you have an account with us or keep using the services)

  • Whether there is a legal obligation to which we are subject (for example certain laws require us to keep records of your transactions for a certain period of time before we can delete them)

  • Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations litigation or regulatory investigations)

We encourage you to access your personal data through your account from time to time to help us ensure that it is up to date.

The steps we take to safeguard your personal data

Privacy and security are key considerations for us in the creation and delivery of our products and services. We take appropriate steps to address online security physical security risk of data loss and other such risks. We take into consideration the risk represented by the processing of your personal data and the nature of the data being protected. Also we only give access to our databases containing personal data to authorized persons with a justified need to access such information. Unfortunately no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure please immediately notify us by using the form available here - Contact us - and selecting "Privacy" as the relevant category for the question or feedback.

You may choose to unsubscribe from direct marketing

You may unsubscribe from direct marketing messages and to request that we stop processing your personal data for direct marketing purposes by using the links provided to you with the direct marketing messages you have received. Please note that critical alerts may still be sent to you even if you opt-out from marketing and other communications from Nokia.

How can you access change or delete your personal data?

If you would like to request to access correct update suppress restrict or delete personal data object to or opt out of the processing of personal data or if you would like to request to receive a copy of your personal data for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law) you may do so by emailing us using the form available here - Contact us - and selecting "Privacy" as the relevant category for the question or feedback. We will respond to your request consistent with applicable law.

If you are a California resident please refer to the "Additional Information Regarding California" section below for more information about the requests you may make under the California Consumer Privacy Act (CCPA).

In your request please make clear what personal data you would like to have changed or whether you would like to have your personal data suppressed from our database. For your protection we only implement requests with respect to the personal data associated with the particular email address that you use to send us your request and we may need to verify your identity before implementing your request. We will try to comply with your request in a timely manner to the best of our ability. In some cases if you withdraw your consent or wish us to delete or stop processing your personal data we may not be able to continue to provide the services to you.

If you are not satisfied with what we provide in response to your request(s) you can let us know by contacting us using the form available here - Contact us - and selecting "Privacy" as the relevant category for the question or feedback. If you are still dissatisfied you may also lodge a complaint with an EU/EEA data protection authority for your country or region where you reside or your place of work or where an alleged infringement of applicable data protection law occurs. A list of EU/ EEA data protection authorities is available at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

Contacting us

If you are using a Nokia product or service Nokia Corporation of Karakaari 7 02610 Espoo Finland is the controller of your personal data.

In addition the Nokia affiliate providing the product or service may be a controller of your personal data. You may find the identity of the controller and contact details by reviewing the terms and conditions of such a product or service or by using contact information provided in the applicable Nokia websites where such products or services are offered.

In matters pertaining to Nokia's privacy practices you may also contact us or our Group Data Protection Officer at:

Nokia Corporation c/o Privacy
Karakaari 7
P.O. Box 226
FI-00045 Nokia Group
Finland

You may contact us by using the form available here - Contact us - and selecting "Privacy" as the relevant category for the question or feedback.

Please do not include credit card or other sensitive information in your email to us. Please only send sensitive personal data if we specifically request it.

Changes to this privacy notice

The LAST UPDATED text at the top of this privacy notice indicates when it was last revised. Nokia may change this notice at any time with or without notice. Any changes will become effective when we post the revised privacy notice on this site's home page. We recommend that you re-visit this notice from time to time to learn of any such changes. If this notice is changed in a material way Nokia will add text advising of such change at the beginning of this notice and on this site's home page for 30 days

Supplemental Privacy Notices

California Consumer Privacy Act Supplement

Additional information regarding California

California Consumer Privacy Act Supplement