Book a Meeting
    Contact Information

    Benoni South Africa
    87 Kei Rd
    Farrarmere
    1501

    Give us a call. We would love to discuss your project.

    087 265 9489

    Find us here
    LinksNorthSupportNorthTraining
     GDPR Policy

    GDPR Policy

    Even though Northroom Technologies does not have a presence in th EU, Northroom Technologies is committed to complying with the General Data Protection Regulations by virtue of the fact that our processing activities are related to the offering of Services to individuals resident in the EU, or to the monitoring of the behaviour of individuals in the EU.
    This GDPR Compliance Policy explains how we collect, store, and process personal data in compliance with the GDPR, applicable to our clients, users, and website visitors within the European Economic Area (EEA).

    1. Data Controller Information

    For the purposes of GDPR, Northroom Technologies is the data controller for any personal data collected via our website and services.

    2. Data We Collect and Process

    We collect only the necessary personal data to provide our services effectively, which may include:

    • Personal Information: Name, email address, phone number, job title, and company information, including factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity (subject to explicit consent).
    • Technical Information: IP address, browser type, operating system, and usage data collected via cookies and similar technologies.
    • Service-Related Information: Any information required to provide and improve our software solutions, including feedback, project information, and communication history.

    3. Purpose and Legal Basis for Data Processing

    We process personal data and may transfer such data abroad based on the following legal grounds:

    • Consent: Where you have given explicit consent for processing (e.g., email marketing); as well as when you have explicitly consented to the proposed transfer and acknowledged the possible risks of such transfer due to inadequate safeguards.
    • Contractual Obligation: Processing is necessary to carry out actions for the conclusion or performance of a contract to which the user is a party, eg to render our software services.
    • Public interest: Processing is carried out in the public interest.
    • Legitimate Interests: Protect the vital interest of the data subject or of another natural person, and for the legitimate interest of Northroom Technologies when this does not override your fundamental rights. Further, where the transfer is for the benefit of the data subject, and – (i) it is not reasonably practicable to obtain the consent of the data subject to that transfer; and (ii) if it were reasonably practicable to obtain such consent, the data subject would be likely to give it.
    • Legal Compliance: To fulfill legal obligations or respond to lawful requests from authorities.

    4. Data Sharing and Third-Party Processors

    Northroom Technologies may share personal data with trusted third-party processors to facilitate our services. These processors are contractually obligated to adhere to GDPR and ensure the security of the data. We do not sell, rent, or otherwise disclose personal data to third parties for commercial purposes.

    5. Data Storage and Retention

    We store personal data securely within our systems and only retain it for as long as is necessary to fulfill the purposes outlined in this policy. Once personal data is no longer required, we securely delete or anonymize it, unless required otherwise by legal obligations.

    6. Data Subject Rights

    Under GDPR, you have the following rights regarding your personal data:

    • Access: Request access to your personal data and obtain a copy.
    • Rectification: Correct any inaccuracies in your personal data.
    • Erasure: Request deletion of your personal data where applicable.
    • Restriction of Processing: Limit the processing of your personal data.
    • Data Portability: Obtain a portable copy of your personal data for transfer to another provider.
    • Object: Object to processing based on legitimate interests or direct marketing.
    • Withdraw Consent: Withdraw your consent where consent is the basis for processing.

    To exercise any of these rights, please contact us.

    7. Data Security

    We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. Security protocols include data encryption, regular audits, and access controls to ensure data confidentiality and integrity.

    8. International Data Transfers

    As a South African company, we may transfer personal data outside the EEA to provide our services. In such cases, we ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs) or equivalent measures, are in place to protect your data.

    9. Cookies and Tracking Technologies

    Our website uses cookies and similar tracking technologies to enhance user experience and gather usage data. For more details, please refer to our [Cookie Policy].

    10. Children’s Privacy

    Although the GDPR primarily refers to children's personal data in the context of information society services permissible between the ages of 13 and 16, our services will not be directed to children under the age of 18. If we become aware that we have collected data from a child, we will delete it promptly.

    11. Contact Us

    For questions, concerns, or to file a complaint regarding our GDPR practices, please contact us.

    12. Changes to This Policy

    Northroom Technologies reserves the right to update this GDPR policy as necessary to comply with legal requirements or reflect changes to our practices. Any updates will be posted on this page, and we encourage users to review it periodically.