DealCater
  • DealCater Software
  • FAQ
  • Pricing
  • Company
  • Contact

Legal

Privacy Policy

This policy explains how Nordic Resolutions Oy and the DealCater service process personal data, including data used by Google Calendar connections.

Last updated 17 July 2026

English Suomi Svenska

Contents

  1. Controller and roles
  2. Data we process
  3. Google Calendar data
  4. Purposes and legal bases
  5. Recipients and international transfers
  6. Retention and deletion
  7. Security
  8. Website technologies
  9. Your rights
  10. Google API Limited Use
  11. Changes to this policy

Controller and roles

Nordic Resolutions Oy (Business ID 3446364-4), the provider of DealCater, is the controller for its website visitor, account administration, customer relationship, support, security and company OAuth connection data.

When a catering company uses DealCater to process its own customer, offer, order or calendar data, that company normally determines the purposes of the processing and acts as controller. Nordic Resolutions Oy then processes the data on the company’s behalf as a processor under the applicable service agreement and data-processing terms.

Data we process

  • account and company information, such as name, work contact details, organisation, role and access rights;
  • customer relationship, contract, billing and support information;
  • information submitted through website and service forms;
  • technical usage, authentication, audit, device and security information, including IP address and timestamps where necessary;
  • offer, order, customer and calendar information entered into the service by customer organisations;
  • data required for optional Google and Microsoft calendar connections.

Customers are responsible for ensuring that they have a lawful basis and appropriate notices for personal data they enter into DealCater.

Google Calendar data

When a company connects a Google account, DealCater processes the account name and email address, calendar-list metadata and data from calendars selected by the company. Calendar event data may include title, description, location, dates, times, time zone and status.

DealCater also processes OAuth access and refresh tokens and technical calendar, event, version and synchronisation identifiers required to maintain the connection, prevent duplicates and diagnose failures. The complete raw Google event response is not retained after the data required by DealCater has been normalised.

Further details are available on the Google Calendar connection page.

Purposes and legal bases

We process data to provide and secure the service, administer accounts and customer relationships, synchronise data requested by customers, respond to support and sales contacts, meet legal obligations, prevent misuse and improve reliability.

Depending on the situation, processing is based on performance of a contract or steps requested before a contract, compliance with legal obligations, and our legitimate interests in operating, securing and developing a business service. Marketing based on consent is used only where consent is required.

Google OAuth authorisation is a technical permission to access the selected Google services. It is not by itself the legal basis for all processing under data-protection law.

Recipients and international transfers

Data is available only to authorised personnel and service providers that need it to provide hosting, communications, support, security, analytics or the connected integration. Google and Microsoft process data under their own terms when their services are used.

We do not sell personal data. If a provider processes data outside the EU or EEA, we use an applicable transfer mechanism such as an adequacy decision or contractual safeguards where required.

Retention and deletion

  • account and customer relationship data is retained for the duration of the relationship and afterwards only as required for legal, contractual, accounting or dispute-resolution purposes;
  • imported calendar data is retained while the calendar is linked and is removed locally when the linked calendar is disconnected from DealCater;
  • company OAuth tokens and connection metadata are retained while the connection is active and are removed when the connection is safely disconnected;
  • operational and security events are retained according to their purpose and severity; critical diagnostic events may be retained for up to 24 months;
  • contact and support information is removed or anonymised when it is no longer needed for handling the matter or the customer relationship.

Unlinking an imported calendar from DealCater does not delete or modify the external Google or Microsoft calendar.

Security

We use role- and company-based access controls, protected credentials, audit and monitoring controls, transport encryption and operational safeguards appropriate for a multi-tenant business service. Access is limited to persons and systems that require it.

No online service can guarantee absolute security. We investigate suspected incidents and notify affected parties and authorities where required by law.

Website technologies

The public website may process contact-form data and basic technical usage information. It uses website assets and services such as Google Fonts, Calendly, social-media content and DealCater’s analytics infrastructure. Opening embedded or third-party content may cause the third party to receive technical request information.

Strictly necessary cookies may be used for session and security functions. Non-essential analytics or third-party technologies must be used in accordance with applicable cookie and consent requirements.

Your rights

Subject to applicable law, you may request access to, correction or deletion of your personal data, restriction of or objection to processing, and data portability. You may withdraw consent where processing is based on consent.

If your data was entered into DealCater by a catering company, contact that company first because it is normally the controller for that data. You may also lodge a complaint with the Office of the Data Protection Ombudsman in Finland or another competent supervisory authority.

Google API Limited Use

DealCater’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Google user data is not used for advertising, sold, or used for unrelated profiling.

Changes to this policy

We update this policy when the service, legal requirements or processing practices change. The current version and update date are always published on this page.

Privacy contact

Send privacy requests and questions to the address below. We may need to verify the requester’s identity before fulfilling a request.

Nordic Resolutions Oy / DealCater
Finnish Business ID: 3446364-4

Contact Information
  • Phone 044 246 3364
  • Email
Navigation
  • Home
  • Features
  • Pricing
  • Contact
  • Try the DealCater Buffet Engine
Legal and data protection
  • Google Calendar connection
  • Privacy Policy
  • Terms of Service
Follow Us
Instagram Facebook

  • DealCater.fi
  • DealCater.se

© 2026 Nordic Resolutions Oy / DealCater. All rights reserved.

Website for companies: Sivulle.com