DATA PROTECTION

The Company is committed to ensuring the security, integrity, and confidentiality of personal data processed within its systems and services, in accordance with applicable European data protection legislation, including Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), as well as other relevant laws and regulations.

This Data Protection Policy describes the technical and organizational measures implemented by the Company to protect personal data being processed.

Scope

This policy applies to:

  • All personal data processed by the Company in connection with the platform
  • All employees, contractors, and authorized personnel of the Company
  • All systems, infrastructure, and services used to deliver the SaaS solution

Roles and Responsibilities

When providing the platform:

  • The Company acts as a Data Processor on behalf of its business customers.
  • Business customers act as Data Controllers with respect to personal data of their employees, users, or other data subjects entered into the platform.

The Company processes personal data solely in accordance with documented instructions from the Data Controller, unless otherwise required by applicable law.

Data Protection Principles

All personal data is processed in compliance with the following principles:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy and data quality
  • Storage limitation
  • Integrity and confidentiality

Technical Security Measures

The Company implements appropriate technical measures to protect personal data, including but not limited to:

  • Secure hosting infrastructure
  • Encryption of data in transit and, where applicable, at rest
  • Role-based access control
  • Authentication and authorization mechanisms
  • Logging and monitoring of system activity
  • Regular updates, patches, and vulnerability management

These measures are designed to ensure a level of security appropriate to the risk associated with the processing of personal data.

Organizational Measures

In addition to technical safeguards, the Company applies organizational measures such as:

  • Restricted access to personal data on a need-to-know basis
  • Confidentiality obligations for employees and contractors
  • Internal policies governing data protection and information security
  • Procedures for handling data protection requests and incidents

Sub-processors

The Company may engage third-party sub-processors to support the delivery of its services, such as hosting, infrastructure, analytics, and communication providers.

All sub-processors are carefully selected and contractually obligated to implement appropriate data protection and security measures in compliance with GDPR.

Personal Data Breach Management

In the event of a personal data breach, the Company:

  • Promptly assesses and contains the incident
  • Takes necessary corrective measures
  • Notifies the Data Controller without undue delay
  • Assists the Data Controller in fulfilling notification obligations to supervisory authorities and data subjects, where required

International Data Transfers

Personal data may be processed or stored outside the country of residence of the data subject, including within the European Union and in jurisdictions where the Company’s sub-processors operate.

Where data is transferred outside the EU/EEA, appropriate safeguards are applied in accordance with GDPR, including the use of Standard Contractual Clauses approved by the European Commission.

Data Retention and Deletion

Personal data is retained only for as long as necessary to fulfill contractual obligations, comply with legal requirements, or as instructed by the Data Controller.

Upon termination of the service, personal data will be deleted or anonymized in accordance with contractual agreements and applicable law, unless retention is required by law.

Data Subject Rights Support

The Company supports Data Controllers in responding to data subject requests, including:

  • Access to personal data
  • Rectification
  • Erasure
  • Restriction of processing
  • Objection

Requests relating to data protection may be addressed to the Company’s Data Protection Officer.

Contact Information

Email: support@norteh.net

Policy Review and Updates

This Data Protection Policy is reviewed periodically and may be updated to reflect changes in legal, technical, or operational requirements.

The latest version will always be available on the Company’s website.

01.01.2026.