PRIVACY POLICY

DATA PROTECTION

The Company is committed to ensuring the security, integrity, and confidentiality of personal data processed within its systems and services, in accordance with applicable European data protection legislation, including Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), as well as other relevant laws and regulations.

This Data Protection Policy describes the technical and organizational measures implemented by the Company to protect personal data being processed.

Scope

This policy applies to:

All personal data processed by the Company in connection with the platform
All employees, contractors, and authorized personnel of the Company
All systems, infrastructure, and services used to deliver the SaaS solution

Roles and Responsibilities

When providing the platform:

The Company acts as a Data Processor on behalf of its business customers.
Business customers act as Data Controllers with respect to personal data of their employees, users, or other data subjects entered into the platform.

The Company processes personal data solely in accordance with documented instructions from the Data Controller, unless otherwise required by applicable law.

Data Protection Principles

All personal data is processed in compliance with the following principles:

Lawfulness, fairness, and transparency
Purpose limitation
Data minimization
Accuracy and data quality
Storage limitation
Integrity and confidentiality

Technical Security Measures

The Company implements appropriate technical measures to protect personal data, including but not limited to:

Secure hosting infrastructure
Encryption of data in transit and, where applicable, at rest
Role-based access control
Authentication and authorization mechanisms
Logging and monitoring of system activity
Regular updates, patches, and vulnerability management

These measures are designed to ensure a level of security appropriate to the risk associated with the processing of personal data.

Organizational Measures

In addition to technical safeguards, the Company applies organizational measures such as:

Restricted access to personal data on a need-to-know basis
Confidentiality obligations for employees and contractors
Internal policies governing data protection and information security
Procedures for handling data protection requests and incidents

Sub-processors

The Company may engage third-party sub-processors to support the delivery of its services, such as hosting, infrastructure, analytics, and communication providers.

All sub-processors are carefully selected and contractually obligated to implement appropriate data protection and security measures in compliance with GDPR.

Personal Data Breach Management

In the event of a personal data breach, the Company:

Promptly assesses and contains the incident
Takes necessary corrective measures
Notifies the Data Controller without undue delay
Assists the Data Controller in fulfilling notification obligations to supervisory authorities and data subjects, where required

International Data Transfers

Personal data may be processed or stored outside the country of residence of the data subject, including within the European Union and in jurisdictions where the Company’s sub-processors operate.

Where data is transferred outside the EU/EEA, appropriate safeguards are applied in accordance with GDPR, including the use of Standard Contractual Clauses approved by the European Commission.

Data Retention and Deletion

Personal data is retained only for as long as necessary to fulfill contractual obligations, comply with legal requirements, or as instructed by the Data Controller.

Upon termination of the service, personal data will be deleted or anonymized in accordance with contractual agreements and applicable law, unless retention is required by law.

Data Subject Rights Support

The Company supports Data Controllers in responding to data subject requests, including:

Access to personal data
Rectification
Erasure
Restriction of processing
Objection

Requests relating to data protection may be addressed to the Company’s Data Protection Officer.

Contact Information

Email: support@norteh.net

Policy Review and Updates

This Data Protection Policy is reviewed periodically and may be updated to reflect changes in legal, technical, or operational requirements.

The latest version will always be available on the Company’s website.

01.01.2026.

‍

About Us

News

Products:

/ SalesDrive™

Reinventing the way how brands manage sales and reward retail teams performance by using process driven innovation in order to boost revenue and increase profit margin

/ SmartMetrics

Go-to solution for businesses seeking comprehensive sales reporting, consolidating all sales seamlessly under a single user-friendly interface

/ HyperCare

Sales representatives, filed sales team and frontline employees directly interact with the software, facilitating task management, data collection and analytics

/ BonusWise

Allows businesses to automate the calculation of various compensation models for their in-house sales team members

Tutorials

Contact

REQUEST A DEMO