Privacy Policy

1. Introduction

Norvoxy Ltd ("Norvoxy", "we", "us", or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at norvoxy.com, use our conversation security platform, or engage with our services.

Norvoxy Ltd is registered in England and Wales with its registered office in London, United Kingdom. For the purposes of data protection legislation, Norvoxy Ltd is the data controller.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide when you:

• Request a demo or contact us through our website
• Create an account or register for our services
• Subscribe to our newsletter or marketing communications
• Participate in surveys, promotions, or events
• Communicate with our support team

This may include your name, email address, company name, job title, phone number, and any other information you choose to provide.

2.2 Automatically Collected Information

When you access our website or services, we may automatically collect certain information, including:

• Device information (browser type, operating system, device identifiers)
• Log data (IP address, access times, pages viewed, referring URL)
• Usage information (features used, actions taken, performance data)
• Location information (derived from IP address)

2.3 Information from Our Services

Our conversation security platform is designed with a zero-access architecture. We process conversation metadata and threat signals in real-time but do not store, retain, or access the content of conversations or any personally identifiable information contained within them. Our clients retain full control and ownership of their customer data.

3. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, and improve our services
• To process transactions and send related information
• To respond to your enquiries and provide customer support
• To send promotional communications (with your consent)
• To detect, prevent, and address technical issues and security threats
• To comply with legal obligations and enforce our terms
• To analyse usage patterns and improve user experience

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract: Processing necessary for the performance of a contract with you
• Legitimate Interests: Processing necessary for our legitimate business interests, provided these do not override your rights
• Consent: Where you have given clear consent for processing (e.g., marketing communications)
• Legal Obligation: Processing necessary to comply with legal requirements

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service Providers: Third parties that perform services on our behalf (hosting, analytics, payment processing)
• Business Partners: With your consent, for joint marketing initiatives
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets

All third parties are contractually required to protect your data and use it only for the purposes we specify.

6. International Data Transfers

Your information may be transferred to and processed in countries outside the UK and European Economic Area. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Transfers to countries with adequate data protection laws
• Binding corporate rules for intra-group transfers

7. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements. Retention periods vary based on the type of data and our legal obligations. When data is no longer required, it is securely deleted or anonymised.

8. Your Rights

Under GDPR and UK data protection law, you have the following rights:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your personal data in certain circumstances
• Restriction: Request limitation of processing in certain circumstances
• Portability: Receive your data in a structured, commonly used format
• Objection: Object to processing based on legitimate interests or for direct marketing
• Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us at privacy@norvoxy.com. We will respond within one month of receiving your request.

9. Cookies and Tracking

We use cookies and similar technologies to enhance your experience, analyse usage, and deliver relevant content. You can manage your cookie preferences through your browser settings. For more information, please see our Cookie Policy.

10. Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and employee training. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

11. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our website and updating the "Last updated" date. Your continued use of our services after any changes indicates your acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated. The ICO can be contacted at ico.org.uk.