.png)
PRIVACY POLICY (POPIA-Compliant)
Last Updated: 16 May 2026
---
1. Overview
Norovari (Pty) Ltd (“Norovari”, “we”, “us”) develops vehicle intelligence, data integrity, and security systems designed to support trusted, transparent, and responsible access to vehicle-generated information.
This Privacy Policy explains how we collect, process, use, safeguard, and govern personal information and vehicle-related data in accordance with applicable South African law and aligned international data protection principles.
Norovari recognises that connected-device and vehicle-generated data are increasingly subject to evolving global regulatory frameworks relating to transparency, portability, access rights, governance, and accountability.
---
2. Information We Collect
We may collect:
- Personal Information (name, contact details, organisation)
- Vehicle and Device Data (location, telemetry, operational signals, movement, usage, event, and system-generated information)
- Technical Data (IP address, browser type, system interactions, and platform usage)
- Communication Data (support requests, correspondence, notifications, and operational communications)
Vehicle-generated information may include structured, processed, or analytical outputs derived from connected systems where applicable.
---
3. Purpose of Processing
We process information to:
- provide and operate vehicle intelligence and security services
- generate operational, analytical, and forensic reporting
- support claims validation, asset recovery, incident analysis, and operational investigations
- improve system performance, reliability, integrity, and security
- detect anomalies, fraud, misuse, tampering, or unauthorised activity
- comply with legal, contractual, regulatory, and governance obligations
Norovari may use automated systems, analytical models, integrity-verification mechanisms, and related technologies to support operational insights and reporting functions.
---
4. Data Governance and Roles
Norovari recognises that users, vehicle owners, operators, fleet managers, insurers, and authorised entities may retain rights and interests relating to personal and vehicle-generated information.
Depending on the operational context, Norovari may act as:
- a Responsible Party or Controller
- an Operator or Processor acting on behalf of authorised clients or partners
Norovari does not claim unrestricted ownership over personal or vehicle-generated information.
---
5. Data Access and Portability
Subject to applicable law and technical feasibility, authorised users may request:
- access to relevant personal or vehicle-generated information
- export of information in a structured, commonly used format
- transfer of authorised information to approved third parties
Norovari supports principles of transparency, portability, controlled access, and accountable governance consistent with evolving connected-device and vehicle-data regulatory frameworks.
---
6. Data Sharing and Consent
We share information only:
- with authorised consent
- where necessary to provide services
- where required by law, regulation, fraud investigation, asset recovery process, lawful request, or protection of legal rights
All sharing activities are subject to:
- defined purpose limitations
- access restrictions
- confidentiality safeguards
- applicable legal and contractual protections
We do not sell personal data.
---
7. Data Integrity and Verification
Norovari may implement integrity verification, audit logging, cryptographic controls, tamper-evident mechanisms, anomaly detection systems, and related safeguards designed to support trustworthy, reliable, and accountable system records.
These measures are intended to support operational integrity, transparency, evidentiary reliability, and responsible governance where applicable.
Specific operational security mechanisms are not publicly disclosed where doing so could reasonably affect system integrity or security.
---
8. Transparency and Accountability
We aim to maintain appropriate visibility into:
- categories of information access
- authorised recipients
- processing purposes
- governance and operational activities
Norovari supports principles of accountable, transparent, and responsible data handling.
---
9. Security
We implement appropriate technical and organisational safeguards designed to protect information against unauthorised access, misuse, disclosure, alteration, destruction, or compromise.
Safeguards may include:
- encryption
- authentication controls
- access restrictions
- monitoring and anomaly detection
- integrity protections
- system logging and auditability measures
---
10. Data Retention
Information is retained only for as long as reasonably necessary for operational, legal, contractual, evidentiary, regulatory, security, fraud prevention, or governance purposes.
After this period, information may be securely deleted, anonymised, or archived where appropriate.
---
11. International Transfers
Where information is transferred across jurisdictions, Norovari implements reasonable safeguards consistent with applicable legal, contractual, confidentiality, and governance requirements.
---
12. Your Rights
Subject to applicable law, you may have the right to:
- access your information
- request correction or deletion
- object to processing
- request portability
- withdraw consent where applicable
- lodge a complaint with the Information Regulator or relevant authority
---
13. Contact
Email: info@norovari.com