Privacy PolicyPolicy

NRX Solution may collect account details such as name, work email, organisation name, role, authentication records, and activity logs needed to provide secure access to the platform.

We may also process documents, workflow submissions, audit evidence, and support communications submitted by customer organisations through the service.

• Identity and account details
• Authentication, device, and session information
• Usage logs and platform activity history
• Customer-provided business content and support requests

We use personal data to authenticate users, operate the platform, secure customer environments, deliver requested features, respond to support requests, and maintain service quality.

We may also use operational data to troubleshoot incidents, monitor abuse, improve product reliability, and comply with legal or contractual obligations.

Depending on the context, we process data to perform our contract with customer organisations, pursue legitimate business interests such as security and product improvement, comply with legal obligations, or act on documented customer instructions.

Where consent is required by applicable law, we will rely on that consent for the specific activity involved.

We may share data only with trusted service providers, infrastructure partners, and subprocessors that help us deliver the service, provided they are bound by confidentiality and security obligations.

We may also disclose information when required by law, to protect the rights and safety of users or customers, or in connection with a corporate transaction subject to appropriate safeguards.

We retain personal data only for as long as necessary to provide the service, satisfy contractual commitments, resolve disputes, comply with legal requirements, and maintain security and audit records.

Retention periods may vary depending on the category of data, the customer relationship, and any legal obligations that apply.

NRX Solution uses administrative, technical, and organisational controls designed to protect personal data against unauthorised access, loss, misuse, or disclosure.

Those controls may include access management, authentication safeguards, logging, least-privilege access, encrypted transport, and routine monitoring of service security.

Subject to applicable law and your relationship with the relevant customer organisation, you may have rights to access, correct, delete, restrict, or object to certain processing of your personal data.

Requests relating to business-account data may need to be coordinated with your organisation administrator because that organisation may control the account and underlying records.

If personal data is transferred across borders, we will use appropriate safeguards suitable for the jurisdictions involved and the role we serve in the data-processing arrangement.

Those safeguards may include contractual protections, vendor diligence, and security measures proportionate to the nature of the data.

We may update this Privacy Policy from time to time to reflect operational changes, legal developments, or enhancements to the service.

The latest version published on this page becomes effective from the stated update date.