Privacy Policy

Your privacy is important to us. This Privacy Policy explains how Nocarta collects, uses, protects, and shares information about you.

Data Controller

Nocarta is the data controller for your personal information. Contact: [email protected]

Information We Collect

Information you provide:

  • Account information (email address, name)
  • Authentication data (passkey credentials)
  • User content (forms, workflows, documents, files)
  • Communications (support requests, feedback)

Information collected automatically:

  • Usage data (pages visited, features used)
  • Session data (login times, session duration)
  • Device information (browser type, operating system)
  • Network information (IP address, anonymized after 24 hours)

How We Use Your Information

Purpose | Legal Basis (GDPR)
Provide the Service | Contract performance
Improve and optimize | Legitimate interest
Ensure security | Legitimate interest
Comply with law | Legal obligation

Data Processing Location

All your data is processed exclusively on our own servers located in the European Union. We do not use third-party analytics services. Your data never leaves our infrastructure.

Data Sharing

We do NOT share your data with:

  • Third-party analytics providers
  • Advertising networks
  • Data brokers

We may share data with essential service providers (hosting, email delivery) under Data Processing Agreements, and when required by law.

Data Retention

  • Account data: Until deletion + 30 days
  • User content: Until deleted by you
  • Usage analytics: 12 months, then anonymized
  • Security logs: 90 days

Cookies

We use only essential cookies for authentication and security. We do not use tracking or advertising cookies.

Security

We implement comprehensive security measures including:

  • TLS 1.3 encryption in transit
  • AES-256 encryption at rest
  • Passkey/WebAuthn authentication (no passwords)
  • Regular security audits

Last updated: January 25, 2026

Your Rights (GDPR)

Under GDPR, you have the following rights:

  • Access: Obtain a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Delete your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in machine-readable format
  • Object: Object to processing based on legitimate interest
  • Complaint: Lodge a complaint with a supervisory authority

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

Contact Us

For Privacy Inquiries:
Email: [email protected]

Data Protection Officer:
Email: [email protected]