Compliance Information

Understanding how Nurosentrix handles data and supports your compliance requirements.

Important Notice

Nurosentrix is a growing platform and does not currently hold formal compliance certifications (such as SOC 2, ISO 27001, or HIPAA). We implement security best practices, but if your organization requires certified compliance, please contact us to discuss your specific needs.

How We Handle Your Data

Data Residency

You choose where your data is stored. We support deployments on DigitalOcean and Vultr with data centers in multiple regions including US, EU, and Asia-Pacific.

Data Processing

We process data only as necessary to provide our services. Your Odoo data remains in your instances - we do not access it unless explicitly authorized for support purposes.

Data Protection

All data is encrypted at rest and in transit. We implement industry-standard security measures to protect your information.

Access Controls

Role-based access control allows you to manage who can access your instances. Audit logs track all actions for accountability.

Data Portability

You can export your data at any time. Backups are in standard formats that can be restored to any Odoo installation.

Incident Notification

In the event of a data breach affecting your information, we will notify you promptly in accordance with applicable laws.

GDPR Considerations

For customers subject to the General Data Protection Regulation (GDPR), we support compliance through:

  • EU data center options - deploy your instances in EU regions
  • Data export capabilities - download your data in portable formats
  • Data deletion - request complete deletion of your account and data
  • Data Processing Agreement - available upon request for business customers
  • Minimal data collection - we only collect data necessary for service operation

Data Retention

Active Accounts: Your data is retained for as long as your account is active.

After Account Deletion: Personal data is deleted within 30 days. Backups may be retained for up to 30 additional days for recovery purposes before permanent deletion.

Audit Logs: Activity logs are retained for 90 days for security purposes.

Billing Records: Financial records are retained as required by applicable tax laws.

Third-Party Services

Nurosentrix integrates with third-party services to provide our platform. Your use of these services is subject to their respective terms:

  • Cloud Providers: DigitalOcean, Vultr (infrastructure)
  • Payment Processing: Stripe (billing)
  • Backup Storage: Your chosen provider (S3, GCS, Azure Blob)

Questions About Compliance?

Contact us to discuss your specific compliance requirements or request a Data Processing Agreement.

Contact UsView Privacy Policy