Nomad LogoNomad

Privacy Policy

Last updated: November 13, 2025

Introduction

This privacy policy describes how ARDAN HOLDING, SASU, publisher of the Nomad platform, collects and processes your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable French legislation.

Nomad is a B2B platform for workspace management and corporate presence, enabling desk and room booking, presence planning, internal messaging and access to dashboards for HR, Workplace or Office Management teams.

This Privacy Policy is an integral part of our Terms of Service. It must be read in conjunction with them.

Roles and responsibilities

Client companies

For data relating to employees and end users (presence, reservations, messages, etc.), the employer or client company is, in principle, the data controller within the meaning of the GDPR.

ARDAN HOLDING then acts as a processor, on documented instruction from the client company, within the framework of the contract concluded with it.

ARDAN HOLDING

ARDAN HOLDING acts as data controller for the following processing operations:

  • Management of its website, demonstration accounts and contact channels.
  • Management of commercial relations with client companies (B2B prospecting, billing, contract monitoring).
  • Platform security management (security logs, anomaly detection).
  • Product improvement through aggregated and anonymized statistics.
  • Compliance with legal and accounting obligations.

This policy details the processing operations carried out by ARDAN HOLDING, whether as data controller or as processor on behalf of its clients.

Data collected

In order to operate Nomad, we collect information that you provide directly to us, as well as data that we collect automatically.

Data you provide directly

  • Your registration data: full name, professional email address, password, company, team, department, role in the application, usual workplace, presence status.
  • Your reservations: desks, rooms, phone booths (resource, date, time, status).
  • Your presence declarations (who plans to be where and when).
  • Your messages and exchanges via internal messaging.
  • Your interactions with Nomad: action history in the interface.

Data we collect automatically

  • Technical data: IP address, browser information, operating system and device type.
  • Technical logs: timestamps, URLs visited, error codes, security event logs.
  • Cookies and similar technologies: we use cookies to ensure the service functions, secure sessions and, with your consent, measure audience and improve the product. Detailed information is available in our Cookie Policy, accessible from the website.

Why do we collect your data?

We collect and process your personal data for the following reasons:

  • To enable you to access Nomad and use the services we provide: this means you are executing the contract we have with you.
  • In ARDAN HOLDING's legitimate interest: we may use your data if we have a legitimate reason to do so, for example to protect ourselves against fraudulent and illegal behavior, and to ensure the platform remains secure.
  • To fulfill a legal obligation: we are required, for example, to retain certain data and transmit it to authorities if they request it.
  • With your consent: for optional processing (newsletters, analytical or non-essential marketing cookies), we only implement them if you have given your explicit consent.

When ARDAN HOLDING acts as a processor for the client company, the main legal basis for processing is determined by the employer and specified in the client company's documentation.

How do we use your data?

We collect, use and store your personal data in order to:

  • Create and manage your user account and enable you to access Nomad services.
  • Enable desk, room and phone booth reservations.
  • Display and plan presence (on-site, remote, leave, etc.).
  • Enable internal communication via messaging.
  • Provide dashboards and reports to client company administrators.
  • Ensure platform security and prevent fraud.
  • Improve our services and fix bugs.
  • Send transactional emails (account creation, password reset, reservation confirmations, important notifications).
  • Send newsletters or commercial information, if you have consented.
  • Comply with our legal obligations.

Consent

Processing strictly necessary for service provision (account creation, reservations, presence, security) does not rely on your consent, but on contract performance or legitimate interest.

Optional processing (newsletters, analytical or non-essential marketing cookies) is only implemented if you have given your explicit consent. You can withdraw your consent at any time via your account settings, the cookie banner, or by contacting us directly.

Your rights

In accordance with the GDPR, you have the following rights regarding your personal data:

Right of access
Right to rectification
Right to erasure (right to be forgotten)
Right to restriction
Right to data portability
Right to object
Right to withdraw your consent
Post-mortem right (French law)

Exercising your rights

You can exercise your rights:

  • By email: contact@be-nomad.io
  • Possibly via the internal administrator of your client company, when it has set up a specific procedure.
  • Eventually, via a dedicated section in the application when this feature is available.

For certain processing operations carried out on behalf of your employer, we may refer you to your client company, as data controller, so that your request is processed within the framework it has defined.

Complaint to the supervisory authority

You also have the right to lodge a complaint with the competent supervisory authority. In France:

CNIL – Commission Nationale de l'Informatique et des Libertés
Website: https://www.cnil.fr

Data sharing and processors

We do not sell any personal data.

Data may be shared with service providers acting as processors on behalf of ARDAN HOLDING, solely for the purposes described. With each provider, ARDAN HOLDING implements a GDPR-compliant processor agreement, imposing in particular confidentiality obligations, appropriate security measures, and limiting access to authorized persons only.

The data we process is primarily intended for internal use by ARDAN HOLDING and its technical processors. Only certain authorized persons within ARDAN HOLDING can access your personal data (for example for support, maintenance, security or administration). These accesses are limited to what is strictly necessary for the performance of their duties and are subject to controls and confidentiality commitments.

Will your data be transferred outside the European Union?

Personal data of Nomad users is stored on servers located in the European Union (EU). In cases where transfers are made to countries that are not members of the European Union, they are carried out under the guarantee of standard contractual clauses as published by the European Commission.

How is your data protected?

ARDAN HOLDING ensures that your data is processed securely and confidentially. Consequently, appropriate technical and organizational measures are implemented to prevent loss, misuse, alteration and deletion of your personal data.

However, zero risk does not exist on the internet and we cannot guarantee 100% security of your personal data. That is why it is important to inform us immediately if you think you have been the victim of an attack on your personal data, by writing to us at contact@be-nomad.io.

In case of a personal data breach likely to pose a risk to your rights and freedoms, ARDAN HOLDING will notify the competent supervisory authority (for example the CNIL) within the time limits provided for by the GDPR when required, and will inform users or the concerned client company as soon as possible.

How long do we keep your data?

Personal data is retained only for the duration necessary for the purposes for which it is collected, increased if necessary by legal limitation periods.

When your account is deleted (or at the request of the client company), your personal data is no longer accessible in the interface. However, some data may be retained beyond this deletion to comply with our legal obligations (for example, retention of consent evidence, security logs, billing), as long as a dispute or security incident is ongoing, or to prevent the reopening of fraudulent accounts.

In these cases, access to retained data is strictly limited and data is archived, then deleted or anonymized after the necessary periods.

Cookies and trackers

ARDAN HOLDING uses cookies and similar technologies to ensure the Nomad service functions, secure sessions and, with your consent, measure audience and improve the product.

Cookies strictly necessary for website operation are deposited without prior consent. Analytical or non-essential marketing cookies are only deposited with your consent. A cookie banner is displayed on your first visit to allow you to accept or refuse non-essential cookies, configure your choices by category, and modify your preferences at any time.

Detailed information (types of cookies used, purposes, retention periods) is available in the Cookie Policy, accessible from the website.

Policy modifications

It may be necessary to update this Privacy Policy, in particular to comply with current regulations, or in case of changes to how we use your personal data. The update date at the top of this page will be updated. In case of substantial changes, users and/or administrators of client companies may be informed via a notification in the application and/or an email sent to administrator contacts.

Contact

For any questions regarding this policy or the protection of your data:

ARDAN HOLDING – SASU

Publisher of the Nomad platform

60 rue François 1er
75008 Paris, France

Email: contact@be-nomad.io

Privacy Policy - Nomad