Noorstream Security – Privacy Policy
Effective Date: April 21, 2026
Entity: Noorstream Security LLC (“Noorstream,” “we,” “us,” “our”)
Jurisdiction: United States
Contact: privacy@noorstream.com
1. Our Privacy Commitment
We treat privacy as a matter of digital sovereignty. We collect only the information necessary to deliver our services securely, fulfill contractual or legal obligations, and improve our operations.
We never sell, rent, trade, or share your personal data for marketing or analytics purposes.
2. Information We Collect
A. You Provide
- Basic contact information (name, email, company name)
- Payment and billing details for transactions
- Information you submit for security services or assessments
- Booking inquiries: contact information plus context about your organization and needs
- Newsletter subscriptions: email address only
- Communications sent to our support team
B. Automatically Collected
- General device, browser, and connection data
- Site usage analytics via Matomo, configured to respect privacy with IP anonymization and no third-party data sharing
- Security-related event metadata
3. Use of Information
We use your information to:
- Deliver and maintain Noorstream services
- Provide security advisories, assessments, and reports
- Maintain operational integrity and protect against abuse
- Meet applicable legal requirements
4. Zero Data Brokerage
Noorstream operates under a strict no data brokerage policy:
- No sale, rental, or trade of your personal data
- No sharing with advertisers, analytics brokers, or unrelated third parties
- The only exception is when legally required by a valid, enforceable request under applicable law
5. Data Retention
We retain data only for as long as needed to:
- Operate our services
- Maintain security
- Satisfy legal or compliance requirements
When no longer needed, data is securely deleted.
6. Security
As a security firm, we hold our own data protection practices to the same operational standards we recommend to clients. We continuously review and improve our defenses against unauthorized access, alteration, or loss.
7. Cookies
We use minimal cookies:
- Essential — to ensure website functionality and secure sessions
- Analytics — Matomo analytics cookies, configured with IP anonymization and short retention periods
We do not use advertising, tracking, or third-party marketing cookies.
You can disable cookies through your browser settings. Disabling essential cookies may affect site functionality.
8. Service Providers
We use the following third-party providers to operate our services:
- WordPress.com (Automattic) — website hosting and infrastructure
- Google Workspace — email, calendar, and appointment scheduling
- Matomo — privacy-respecting analytics
- Jetpack — subscription management
Each of these providers has its own privacy policy. We only share data with them as necessary to provide our services.
9. International Access
Noorstream’s systems and subprocessors are located in the United States. If you access Noorstream services from outside the U.S., your data will be transferred to and stored in the U.S. By using our services, you consent to this transfer.
For users in jurisdictions with stricter data protection laws (including the EU, UK, and regions governed by GDPR), please contact privacy@noorstream.com to discuss applicable rights.
10. Children’s Privacy
Noorstream’s services are directed at business and professional users. We do not knowingly collect information from children under 13. If you believe a child has submitted information to us, please contact privacy@noorstream.com and we will delete it.
11. Your Rights
Where legally applicable, you may request:
- Access to your personal data
- Corrections or updates
- Deletion of data
Contact: privacy@noorstream.com
12. Policy Updates
We may update this policy as needed. The revised version will be posted here with the updated Effective Date.
13. Contact
For privacy-related matters: privacy@noorstream.com