Privacy & Policy

1. Introduction

At Nostra, we highly value your privacy and the security of your personal data. This Privacy Policy details how we collect, use, disclose, and protect user information when you access our website, Nostratech.com, and use our services, which include IT consulting, project portfolio management, and an engineer training academy.

We are committed to handling your data responsibly and transparently. By using our website and services, you acknowledge and consent to the practices outlined in this Privacy Policy.

2. Information We Collect

We collect different types of information to provide better services and improve user experience. The types of data we collect include:

  • Identity Information: Includes full name, email address, phone number, mailing address, government-issued identification details, and other personal contact details.
  • Professional Information: Includes job title, company affiliation, industry, work experience, certifications, and professional licenses.
  • Academy Information: If you enroll in our academy, we collect details such as registration information, completed courses, certifications obtained, learning progress, assessments, and feedback on courses.
  • Technical Information: Includes data such as IP address, device type, operating system, browser type, geolocation data, website activity logs, browsing history, referring URLs, and session duration. This information helps us improve security, analyze usage patterns, and enhance functionality.
  • Cookies and Tracking Technologies: We utilize cookies, web beacons, and tracking tools to enhance user experience, remember preferences, provide targeted advertisements, and analyze website traffic and interactions.

3. Use of Information

The collected information serves various essential purposes, which are described in the table below:

Use of information for various purposes as described in our Privacy Policy, including service provision, training, communication, security, data analysis, legal compliance, and marketing.
Purpose Description
Service ProvisionEnables us to provide, manage, and improve IT consulting services, project portfolio, and training academy.
Training ProcessingAllows us to register participants, manage training progress, conduct assessments, and issue certifications for academy programs.
CommunicationsFacilitates direct communication to share updates, service information, promotional offers, and customer support.
SecurityHelps us protect users by preventing fraud, monitoring suspicious activities, detecting security threats, and securing systems.
Data AnalysisEnables us to evaluate website performance, optimize services, understand user behavior, and enhance user experience.
Legal ComplianceEnsures compliance with applicable laws, regulations, legal processes, and governmental requests.
Marketing & AdvertisingPersonalizes and delivers targeted advertisements, promotional campaigns, and special offers based on user preferences and interests.

4. Information Sharing

We do not sell, rent, or trade your personal information to third parties. However, in specific situations, we may share your data with:

  • Third-party Service Providers: We work with trusted third-party partners who assist in operating our website, managing communications, processing payments, conducting analytics, and delivering advertisements. These providers are contractually required to maintain confidentiality and use data only for service-related purposes.
  • Legal Authorities: We may disclose user data if required by law, in response to legal proceedings, regulatory requirements, or to protect our rights, safety, and business integrity.
  • Business Transfers: In the event of a merger, acquisition, or sale of company assets, user information may be transferred as part of the business transaction, subject to privacy safeguards.

5. Information Security

We have implemented strong technical, administrative, and organizational security measures to safeguard personal information from unauthorized access, misuse, and data breaches. Our security practices include:

  • Data encryption for sensitive information to prevent unauthorized access.
  • Secure authentication mechanisms and access controls to limit unauthorized data exposure.
  • Regular security audits, penetration testing, and vulnerability assessments to identify and mitigate security risks.
  • Continuous monitoring of network traffic and systems for potential security threats.

Despite our efforts, no system is entirely secure. We recommend users take precautionary measures such as using strong passwords, enabling multi-factor authentication, and avoiding sharing sensitive information over unsecured channels.

6. User Rights

We respect your rights regarding your personal data. You have the following options:

  • Access & Correction: You may request access to your personal information and update or correct any inaccuracies.
  • Data Deletion: You have the right to request the deletion of your data unless we are legally required to retain it.
  • Marketing Preferences: You may opt out of marketing communications at any time by following the unsubscribe link in our emails or contacting us directly.
  • Data Portability: You can request a copy of your data in a structured, machine-readable format for transfer to another service provider.
  • Objection & Restriction: You may object to data processing for certain purposes or request restrictions on how we process your information.

To exercise any of these rights, please reach out via our contact information listed in Section 9.

7. Agile Scrum Policy

As a company that follows Agile Scrum methodology, we ensure that all project-related data remains confidential and accessible only to authorized team members. Our Agile Scrum practices prioritize security, transparency, and efficiency in project management while upholding strict data protection standards. Key principles include:

  • Limited Data Access: Only authorized personnel within specific Scrum teams can access relevant project data.
  • Data Segmentation: Project data is segmented to ensure confidentiality and prevent unauthorized access.
  • Continuous Review: Regular security assessments are conducted to maintain compliance and safeguard project-related data.

8. Policy Changes

We may update this Privacy Policy periodically to align with regulatory requirements, industry best practices, or changes in our services. Any modifications will be posted on our website, and where necessary, we will notify users of significant updates via email or website notifications.

9. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy, please contact us at:

  • Email: sysadmin@nostratech.com
  • Address: Sequis Centre 10th floor, JL. Jenderal Sudirman No.71 Jakarta 12190

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your data.

We use cookies to improve your experience, and analyze site performance. You can accept all cookies or customize your preferences.