Privacy Policy

1. Data Controller

Norixis is the data controller for personal data processed through the service.

Address: Netherlands - Almere

Contact: support@norixis.com

2. Data We Collect

We process account identifiers, contact details provided by auth providers, subscription and billing status, product usage/progress, support communications, and technical/security logs.

3. Purposes and Legal Bases (GDPR)

We process personal data to: provide the service (contract), secure and improve the platform (legitimate interests), process payments and account actions (contract/legal obligation), and send necessary service communications (contract/legitimate interests). Where required, we rely on consent (for example, non-essential advertising cookies).

4. Recipients and Processors

We share data with service providers that process data on our behalf, including authentication providers, payment processors, cloud hosting/infrastructure, analytics, and customer support tooling, strictly for business purposes.

5. International Transfers

Your data may be processed outside your country. Where required, we use legally recognized transfer safeguards such as adequacy decisions or standard contractual clauses.

6. Retention

We keep data only as long as necessary for the purposes above, including legal, accounting, dispute, fraud-prevention, and security obligations. Retention periods vary by data type and operational need.

7. Cookies and Advertising

We use cookies and similar technologies for core functionality and, where enabled, ad delivery/measurement. Non-essential ad cookies are loaded only after consent where required.

We do not sell personal information for money. If targeted advertising is enabled, we may share certain online identifiers with advertising partners, which may be treated as "sharing" for cross-context behavioral advertising under some US state laws.

8. Your Privacy Rights

Depending on location, you may request access, correction, deletion, restriction, portability, objection, withdrawal of consent, and opt-out of targeted advertising/sharing where applicable.

Submit requests at support@norixis.com. We may verify identity before fulfilling requests.

We aim to respond within legally required timelines (typically 30 days for GDPR requests and 45 days for certain US state privacy requests, subject to lawful extensions). Where required, you may appeal a denied request by replying to our decision email.

9. Automated Decision-Making

We do not use solely automated decision-making that produces legal or similarly significant effects about you.

10. Children's Privacy

The service is not directed to children under 13. We do not knowingly collect personal data from children under 13 without verifiable parental consent. If you believe a child provided data, contact us so we can investigate and delete data where required.

11. Complaints and Supervisory Authorities

If you are in the EU/EEA/UK and believe our processing violates applicable law, you may lodge a complaint with your local data protection authority.

12. Updates

We may update this policy from time to time. Material changes are reflected by updating the effective date on this page.