Norsh
HomeNTPNCLAPI
HomeNTPNCLAPI
  1. Compliance
  • Norsh
    • Getting Started
    • Usage Guide
      • Cryptographic Identity
    • API
      • Crypto
        • Generates a public and private key pair
        • Generates an address from a public key.
  • NTP - Norsh Technical Paper
    • LICENSE-NCL-11
    • Published
      • NTP-1: Norsh Technical Paper Specification
      • NTP-2: Standards for Encoding, Time and Localization
      • NTP-3: Cryptography and Hash Specification
      • NTP-4: Interchangeable Data Standard
      • NTP-5: Temporal Time-Step Model
      • NTP-6: Modular Prime Fragmentation
      • NTP-7: The End of Mining - PoW
      • NTP-8: The Fallacy of Stake - PoS
      • NTP-9: The Myth of Absolute Non-Censorship
      • NTP-10: Structural Failures of Decentralization
  • NCL - Norsh Commons License
    • NCL-0: Norsh Commons License
    • NCL-1: Attribution Requirement
    • NCL-2: Restricted Commercialization
    • NCL-4: Commercialization with Agreement or Royalties
    • NCL-8: Educational Use Permission
    • NCL-16: Complementary Use and Integration Permission
    • NCL-32: Pre-Approval for Application Publication
    • NCL-64: Restricted or Authorized Derivatives
    • NCL-128: Contribution Terms
  • Academy
    • Exam Program
  • Compliance
    • Terms of Use
    • Privacy Policy
    • Norsh Brand and Trademark Usage Guidelines
    • AI Content Notice
    • Credits
    • Partners
    • Legal Templates
      • Policy on Public Disclosure of Legal Templates
      • NDA - Template
      • Service Agreement - Template
  • Resources
    • Norsh Brand Guidelines
  1. Compliance

Privacy Policy

1. Introduction#

Norsh recognizes that privacy is a fundamental right and handles the subject with technical rigor. This policy describes how personal data is processed for users and organizations that use Norsh services, products, and blockchain infrastructure, according to the laws of the United States (including CCPA/California), European Union (GDPR), Brazil (LGPD), and other jurisdictions.
This policy applies to all interactions with Norsh, including websites, applications, services, integrated systems, or directly with blockchain infrastructure, as well as operations via API interfaces, dApps, and any solution that uses assets, addresses, or elements managed by Norsh.

2. General Privacy Principles#

Norsh only collects and stores personal data strictly necessary for user authentication, preference management, and system usage metrics. We do not use personal data for advertising, third-party marketing, or the sale of information to third parties.

3. Privacy and Blockchain#

By design, Norsh operates under a privacy model based on private keys:
Data recorded on the blockchain is public and immutable, except when anonymization, encryption, or fragmentation techniques are explicitly used by the user or the company responsible for the element.
Identifiable or identified information stored on the blockchain or displayed in transactions is the exclusive responsibility of the holder of the corresponding private key or the company that owns the associated element.
Norsh does not collect, store, or link personal data to addresses, transactions, or assets on the blockchain, except where such linkage is requested and authorized by the user or required by law or contract.
The immutable nature of blockchain may limit the exercise of rights such as deletion and rectification. It is the user's responsibility to assess the content recorded in public ledgers and, where applicable, adopt pseudonymization or anonymous metadata practices.

4. Regional Legal Details#

4.1. United States (including CCPA - California Consumer Privacy Act)#

For US residents, especially California:
Norsh does not sell or share personal data for advertising purposes.
Users may request information about personal data collected, correct information, restrict usage, or request deletion as provided by local law.
If California law (CCPA/CPRA) applies, users may exercise their rights through the official privacy channel or by contacting the designated Data Protection Officer.
Authentication and usage data (logs, IP, preferences) are collected exclusively for service provision and platform security.
No data is used for behavioral segmentation or shared with non-essential third parties.

4.2. European Union (GDPR - General Data Protection Regulation)#

For EU residents:
The legal basis for processing personal data may be user consent, contract execution, legal obligation, or legitimate interest, depending on context.
Users have the right to access, rectify, delete, restrict, port, and object to the processing of their personal data.
All collected data is stored and processed according to GDPR standards, including encryption, segregation, and audit logs.
Data is only shared with third parties when required to provide the service or comply with legal obligations, never for third-party commercial purposes.
Norsh ensures international data transfers are performed in compliance with GDPR requirements.

4.3. Brazil (LGPD - Lei Geral de Proteção de Dados)#

For data subjects in Brazil:
Data collection and processing follow the principles of LGPD, including purpose, necessity, adequacy, transparency, security, prevention, and non-discrimination.
Users may request information about processing, access, correction, deletion, anonymization, and portability of their personal data.
Norsh provides a Data Protection Officer (DPO) for handling requests, available through the official contact channel.
Personal data is used exclusively for authentication, preferences, performance, and security, and is not shared for marketing or sales purposes.
In the event of a security incident, the data subject will be notified as required by law.

4.4. Other Jurisdictions#

For users in other countries, Norsh follows privacy principles aligned with the most restrictive regulations. If there is a conflict between regulations, US law (including CCPA) will prevail.

5. Data Collection, Use, and Sharing#

5.1. Data Collected#

Norsh only collects the following data:
Authentication data (email, hashed password, public keys, access tokens).
User preferences (language, system settings).
Usage and metrics data (access logs, performance, IP, timestamps, device information).
Technical metadata for blockchain, API, and integrated interface operation.
We do not collect sensitive data (such as biometrics, precise location, health, religious beliefs, etc.) except where explicitly informed and authorized by the user for a specific feature.

5.2. Data Usage#

Provide authentication, authorization, and service access.
Manage user preferences and customized experience.
Monitor, protect, and maintain system performance and security.
Perform usage metrics and technical statistics.
Fulfill legal or regulatory obligations, where applicable.

5.3. Data Sharing#

Only with essential service providers (e.g., cloud providers, audit services, external authentication), always under contract and confidentiality requirements.
Sharing with public authorities or courts only upon valid legal order.
No sharing with third parties for commercial, advertising, or profiling purposes.

5.4. Cookies:**#

Norsh only uses cookies and similar technologies to:
Manage user authentication and preferences.
Measure usage and performance of systems.
We do not use cookies for profiling, remarketing, or collecting sensitive data beyond what is necessary for core functions and internal statistical analysis. Users may restrict or delete cookies via their browser, but this may impact essential system functionality.

6. Exercise of Rights#

Users may access, correct, restrict, port, or request deletion of personal data, as provided by CCPA, GDPR, LGPD, and applicable laws, subject to the technical limitations of blockchain immutability. Requests should be made through the official privacy channel available at docs.norsh.org/privacy or by the designated email.
In the blockchain context, deletion or modification of public data may not be technically possible. Where possible, alternatives such as obfuscation, anonymization, or dissociation of metadata will be evaluated and applied.

7. Security and Retention#

Norsh adopts technical and administrative measures to protect data against unauthorized access, leaks, or misuse, including encryption, environment segregation, access controls, logs, and periodic audits.
Personal data is retained only for as long as necessary for the original purpose or as required by law, and is deleted, anonymized, or dissociated after that period.
Data on the blockchain is immutable and public; retention depends on the network's technical operation.

8. Data of Minors#

Norsh does not target its services to minors and does not intentionally collect personal data from children without explicit consent from guardians when required by law. If minor data is identified, it will be removed or dissociated as soon as detected, unless required by law.

9. Updates#

This policy may be updated periodically to ensure regulatory compliance and technical adequacy. Users will be notified in case of substantial changes.

10. Contact#

For questions, requests, or the exercise of privacy rights, contact the official channel at docs.norsh.org/privacy or email privacy(at symbol)norsh.org. The Data Protection Officer is available to serve all jurisdictions mentioned in this policy.
Modified at 2025-06-24 03:51:40
Previous
Terms of Use
Next
Norsh Brand and Trademark Usage Guidelines
Built with