← Back to Norven

Privacy Policy

Last updated: March 2026

At Norven, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our field inspection digitization platform.

1. Information We Collect

1.1 Account Information

When you create a Norven account, we collect:

  • Name and email address
  • Company name and role
  • Phone number (optional)
  • Billing information (processed securely through our payment provider)

1.2 Inspection Data

As you use our platform, we store:

  • Inspection reports, checklists, and templates you create
  • Photos, videos, and attachments uploaded during inspections
  • Notes, annotations, and comments
  • Location data associated with inspections (if you enable it)
  • Team member information and permissions

1.3 Usage Data

We automatically collect certain information about how you use Norven:

  • Pages visited and features used
  • Time spent on the platform
  • Clicks, interactions, and navigation patterns
  • Error logs and performance data

1.4 Device and Technical Information

We collect technical information including:

  • IP address and general location (city/country level)
  • Browser type and version
  • Device type, operating system, and screen resolution
  • Referring website and session identifiers

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our inspection platform
  • Process your transactions and send billing notifications
  • Respond to your support requests and communications
  • Send important service updates and security alerts
  • Analyze usage patterns to improve our product
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations and enforce our terms

3. Data Sharing and Disclosure

We do not sell your personal data. We only share your information in the following limited circumstances:

3.1 Service Providers

We work with trusted third-party service providers who help us operate our platform:

  • Authentication: Clerk (user authentication and session management)
  • Payments: Stripe (payment processing)
  • Hosting: Cloud infrastructure providers (data storage and computing)
  • Email: Transactional email service providers

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

3.2 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to:

  • Comply with legal obligations
  • Protect the rights, property, or safety of Norven, our users, or the public
  • Detect, prevent, or address fraud or security issues

3.3 Business Transfers

If Norven is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4. Data Storage and Security

We implement industry-standard security measures to protect your data:

  • Data encryption in transit (TLS/SSL) and at rest
  • Regular security audits and vulnerability assessments
  • Access controls and authentication requirements
  • Secure data centers with physical and network security
  • Regular backups and disaster recovery procedures

Your data is stored on secure servers located in the European Union and complies with EU data protection standards.

While we take extensive precautions, no system is completely secure. We cannot guarantee absolute security of your data.

5. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

5.1 Right to Access

You can request a copy of all personal data we hold about you.

5.2 Right to Rectification

You can update or correct your personal information at any time through your account settings.

5.3 Right to Deletion

You can request deletion of your account and associated data. We will delete your data within 30 days, except where we are required to retain it for legal or accounting purposes.

5.4 Right to Data Portability

You can export your inspection data in a structured, machine-readable format (JSON/CSV) at any time from your account settings.

5.5 Right to Restrict Processing

You can request that we limit how we use your data in certain circumstances.

5.6 Right to Object

You can object to our processing of your data for specific purposes.

To exercise any of these rights, contact us at hello@norven.io. We will respond within 30 days.

6. Cookies and Tracking

Norven uses cookies and similar technologies to provide and improve our service. We use:

  • Essential cookies: Required for authentication, security, and basic functionality
  • Preference cookies: Remember your settings and preferences
  • Analytics cookies: Help us understand how you use our platform

For detailed information about our cookie usage and how to manage them, please see our Cookie Policy.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. Specifically:

  • Account data: Retained while your account is active, deleted within 30 days of account closure
  • Inspection data: Retained according to your subscription plan and deleted upon request or account closure
  • Billing records: Retained for 7 years as required by accounting and tax regulations
  • Usage logs: Typically retained for 90 days for security and debugging purposes

8. International Data Transfers

Norven is based in Spain and primarily serves European customers. Your data is stored within the European Union. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

9. Children's Privacy

Norven is a B2B platform not intended for children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

  • Posting the updated policy on this page with a new "Last updated" date
  • Sending an email notification to your registered email address
  • Displaying a prominent notice in the application

Your continued use of Norven after the changes become effective constitutes acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to all legitimate requests within 30 days.

Questions about this policy? Contact us at hello@norven.io