Privacy Policy

Effective date: June 17, 2026 · Last updated: June 17, 2026

This Privacy Policy explains how Norventis (“Norventis,” “we,” “us,” or “our”) collects, uses, and protects information in connection with our website at norventis.ai, our contact and project-inquiry forms, and the Norventis software platform and products (collectively, the “Services”). It applies to visitors to our website and to authorized users of our products.

1. Who we are

Norventis is a bespoke software studio. We design and build custom software for our clients, and we operate a platform through which clients access the products built for them. Depending on how you interact with us, we may act as the controller of your information (for our website and our own business operations) or as a service provider/processor that handles a client’s data on their behalf under a separate written agreement. Where a client controls the data, that client decides how it is used, and you should direct requests about that data to them.

2. Information we collect

Information you give us

Project & contact inquiries — when you submit our “Start a project” or contact form, we collect your name, email address, company or team (if provided), and the contents of your message.
Account information — if you are a client user, the name, work email, organization, and role associated with your account.
Communications — messages, emails, and other correspondence you send us.

Information collected automatically

Authentication & security data — for product users, login events, IP address, and device/browser information used to secure accounts and detect suspicious activity.
Operational logs — basic server and application logs needed to run, secure, and troubleshoot the Services.

We do not use third-party advertising trackers, and we do not sell personal information.

3. How we use information

To respond to your inquiries and discuss potential or active engagements;
To provide, operate, secure, and improve the Services;
To authenticate users and protect against unauthorized access, fraud, and abuse;
To comply with legal obligations and enforce our agreements.

Submitting an inquiry does not by itself create a client relationship. We use the information you provide in a form only to evaluate and respond to your request.

4. How we share information

We do not sell personal information. We share information only as follows:

Service providers (subprocessors) — we host and operate the Services on cloud infrastructure (Amazon Web Services) and may use providers for email delivery and form handling. They process data on our behalf under appropriate data-protection commitments. A current list is available on request.
Within your organization — authorized users at a client organization can see that organization’s own data in the relevant product.
Legal & safety — when required by law, subpoena, or to protect the rights, safety, and security of users, the public, or Norventis.
Business transfers — in connection with a merger, acquisition, or sale of assets, subject to the protections of this Policy.

5. Client data

For active engagements, the client retains ownership of the data it provides (“Client Data”), and Norventis processes that data only to deliver the relevant product or service under our written agreement with that client. Product-specific privacy and data-handling terms may apply and, where they exist, control over this general Policy for that product.

6. Where data is processed

The Services are hosted in the United States. By using the Services you understand that information is processed in the United States.

7. Security

We apply industry-standard safeguards, including encryption in transit (TLS 1.2+), authentication and access controls, network restrictions, secrets management, and monitoring. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Data retention

We retain inquiry and account information for as long as needed to respond to you, provide the Services, and meet legal obligations. Client Data is retained according to our agreement with the client and is deleted or returned upon termination, subject to legal retention requirements.

9. Your choices and rights

Depending on where you live and applicable law (for example, the California Consumer Privacy Act), you may have the right to access, correct, delete, or receive a copy of personal information we hold about you. To exercise these rights, contact us at the address below. For data a client controls, we will refer your request to that client. We will not discriminate against you for exercising these rights.

10. Cookies

Our marketing website uses only the cookies and local browser storage strictly necessary to operate it and, for product users, to keep you signed in. We do not use advertising or cross-site tracking cookies.

11. Children’s privacy

The Services are business tools and are not directed to children. We do not knowingly collect personal information from children.

12. Changes to this Policy

We may update this Policy from time to time. When we make material changes, we will revise the “Last updated” date above and, where appropriate, provide additional notice. Your continued use of the Services after changes take effect constitutes acceptance of the updated Policy.

13. Contact us

Norventis
rj@norventis.ai