1. Introduction
Welcome to Noria Strata. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us. By using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.
2. Data Controller
The data controller responsible for your personal data is Noria Group L.P. located at Grammou 71, Marousi, Athens 151 24, Greece. Phone: +30 21 0014 0120. Email: info@noria.gr. As the data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring compliance with applicable data protection laws.
3. Data We Collect
We collect different types of information depending on how you interact with our services.
3.1
When you submit a contact form, we collect: Full name, Email address, Company name, Message content
3.2
When you request a demo of our platform, we collect: Full name, Business email address, Company name, Job title / role, Country, Company size, Areas of interest, Additional comments (optional)
3.3
We collect anonymized analytics data to improve our services, including: Pages visited and time spent on pages, Referral sources, Device type and browser information, Approximate geographic location (country/region level), Interaction patterns (clicks, scrolls)
3.4
We use cookies and similar technologies to enhance your browsing experience. See Section 10 for our complete Cookie Policy.
4. How We Use Your Data
We use the personal data we collect for the following purposes: Communication - Responding to your inquiries, providing customer support, and sending relevant information about our services. Service delivery - Processing demo requests, scheduling meetings, and providing access to our platform. Marketing - Sending newsletters and promotional communications (only with your explicit consent). Analytics - Analyzing usage patterns to improve our website and services. Legal compliance - Meeting legal obligations and protecting our legitimate interests. Security - Detecting and preventing fraud, abuse, and security incidents.
5. Legal Basis for Processing
Under the GDPR, we process your personal data based on the following legal grounds: Consent - When you subscribe to our newsletter or agree to receive marketing communications. You may withdraw consent at any time. Contract Performance - When processing is necessary to fulfill a contract with you, such as providing access to our platform or processing demo requests. Legitimate Interest - When processing is necessary for our legitimate business interests, such as improving our services, ensuring security, and responding to inquiries. We always balance these interests against your rights. Legal Obligation - When processing is required to comply with applicable laws and regulations.
6. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected: Contact form submissions - 2 years from last interaction. Demo request data - 3 years from submission. Customer account data - Duration of contract + 5 years. Analytics data - 26 months (anonymized). Marketing preferences - Until consent is withdrawn. Legal/compliance records - As required by law. After the retention period expires, we securely delete or anonymize your data.
7. Your Rights (GDPR)
Under the GDPR, you have the following rights regarding your personal data: Right of Access - Request a copy of the personal data we hold about you. Right to Rectification - Request correction of inaccurate or incomplete data. Right to Erasure - Request deletion of your personal data (also known as the "right to be forgotten"). Right to Restrict Processing - Request limitation of how we process your data. Right to Data Portability - Receive your data in a structured, machine-readable format and transfer it to another controller. Right to Object - Object to processing based on legitimate interests or for direct marketing purposes. Right to Withdraw Consent - Withdraw previously given consent at any time. To exercise any of these rights, please contact our Data Protection Officer at privacy@noriastrata.com. We will respond to your request within 30 days. You also have the right to lodge a complaint with a supervisory authority if you believe your rights have been violated.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction: Encryption in transit (TLS 1.3) and at rest (AES-256), Regular security assessments and penetration testing, Access controls and authentication mechanisms, Employee training on data protection practices, Incident response and breach notification procedures, Regular backups with secure storage. While we strive to protect your personal data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.
9. Third-Party Services
We use trusted third-party services to operate our platform. These providers process data on our behalf under strict contractual agreements: Supabase - Database and authentication services. Data stored in EU regions. Vercel - Website hosting and deployment. GDPR-compliant with EU data processing agreements. We ensure all third-party processors comply with GDPR requirements and maintain appropriate data protection standards.
11. International Data Transfers
Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place: Standard Contractual Clauses (SCCs) approved by the European Commission, Transfers to countries with adequacy decisions from the European Commission, Binding Corporate Rules where applicable.
12. Contact Information
If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact our Data Protection Officer: Noria Group L.P., Grammou 71, Marousi, Athens 151 24, Greece. Email: privacy@noriastrata.com. Phone: +30 21 0014 0120. We will respond to all legitimate requests within 30 days. In some cases, we may need to verify your identity before processing your request.
13. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. When we make material changes, we will: Update the "Last updated" date at the top of this page, Notify registered users via email for significant changes, Post a notice on our website when appropriate. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.