Data Processing Policy

NORO acts as a data processor for customer workspace signals and as a controller for platform security and service analytics. Processing is limited to service delivery, reliability monitoring, abuse prevention, and performance optimization.

Customer workspace data is logically isolated by project and owner identifiers. Operational pipelines use scoped credentials, signed webhooks, and auditable service actions.

Data retention windows are aligned to product requirements, billing records, and legal obligations. Deletion and export requests are handled through authenticated support workflows.