Privacy Policy

This privacy policy details how NaorX (Naor Cohen) ("we", "our", "the Company") collects, uses, protects and shares personal information of users on the NaorX.com website and services we provide. We are committed to protecting your privacy and handling your personal information responsibly and in accordance with Israeli and international privacy protection laws, including the European Union General Data Protection Regulation (GDPR). The Company provides advanced technological development services including developing smart bots for various platforms, professional website development, business automation systems, artificial intelligence solutions and technology consulting services. During service provision, we may collect and process personal information for legitimate business purposes and with your explicit consent. This policy is updated from time to time according to technological and regulatory changes, and you can always find the most updated version on our website.

We collect several types of information during website and service usage, always according to legitimate purposes and with your consent. Personal identifying information includes full name, email address, phone number, home or business address, company or organization details, and information about your technological interests and needs. Technical and website usage information includes IP address, browser type and operating system, pages visited on the website, time spent on each page, traffic source to the website (how you reached us), and cookies for improving user experience. During service provision we collect project information and technical requirements, professional communication between parties, project documents and technical materials, feedback and comments on services, and performance and usage data from systems we developed. Financial and business information includes secure payment details (processed by third-party payment providers), invoices and business agreements, and business needs analysis findings. All information is collected and stored according to international standards for personal information protection.

We use collected information for well-defined legitimate business purposes, always maintaining principles of minimization and relevance. Providing professional services includes planning and developing customized technological solutions, professional communication and project coordination, providing technical support and customer service, and fulfilling contractual and business obligations. Service improvement includes analyzing usage patterns to improve the website, developing new services and innovations, personalizing services to client needs, and researching technological trends. Communication and marketing include sending updates about new services and products (with explicit consent), invitations to professional events and learning sessions, customized professional content in technology fields, and responding to professional inquiries and questions. Legal compliance includes managing business and financial records, meeting regulatory and tax requirements, protecting intellectual property rights and confidential information, and handling complaints or legal disputes. All information use is conducted according to privacy principles and always for transparent and predefined purposes.

We do not sell or share personal information with third parties for commercial purposes. All information sharing occurs only in the following cases and according to strict limitations. Essential service providers include secure cloud storage providers for data backup, secure payment systems (PayPal, Stripe) for payment processing, analytics services (Google Analytics) for anonymous usage research, and professional communication tools for project management. All providers are signed on strict confidentiality agreements and meet international information security standards. Legal requirements include cases where law requires information disclosure to authorized authorities, legal proceedings or formal complaint clarification, protecting our legal rights or our clients' rights, and preventing illegal activity or fraud. Limited business partnerships include information sharing with professional consultants (lawyers, accountants) subject to confidentiality obligations, technical contractors assisting in development according to confidentiality agreements, and approved information processors for handling technical data. In any case of information sharing, we ensure the third party meets the same privacy protection standards we maintain and commits not to use information for purposes other than those defined.

We implement a multi-layered protection system based on the most advanced technological standards for protecting personal and business information. Data encryption includes complete encryption of all information in transit using advanced SSL/TLS protocol, encryption of databases at rest with AES-256 keys, encrypted daily backup of all critical information, and distributed and secure key management system. Access control and authentication includes multi-factor authentication for all critical systems, tiered access permissions according to need-to-know principle, complete tracking and documentation of all information access operations, and periodic updating of permissions and removal of unnecessary access. Monitoring and control include 24/7 monitoring system to identify hacking attempts or unusual access, periodic security scans of all systems and applications, annual penetration testing by external security companies, and rapid response plan for security incidents. Updates and maintenance include ongoing updates of all operating systems and applications, implementation of critical security patches within 24 hours of publication, distributed backup in three different geographical locations, and cloud-based disaster recovery plan. All information is stored in certified cloud service facilities meeting SOC 2 and ISO 27001 standards.

According to Israeli and international privacy protection laws, you have comprehensive rights regarding your personal information held by us. Right of access and update includes receiving complete details about personal information stored about you with us, updating or correcting information that is inaccurate or outdated, receiving explanation of usage purposes and information sources, and understanding retention periods and planned deletion procedures. Right of deletion and restriction includes requesting deletion of personal information no longer required for legitimate purposes, restricting information processing to specific purposes only, objecting to certain uses of information (such as marketing), and canceling consents previously given for specific uses. Right of portability includes receiving a copy of personal information in structured and machine-readable format, transferring information to another service provider (when technically possible), and receiving assistance in the transfer process in appropriate cases. Right of complaint includes direct contact with us for handling any problem or concern, contacting the Israeli Privacy Protection Authority in case of dissatisfaction, receiving detailed response to any complaint within 30 days, and transparent tracking of the complaint handling process. All rights can be exercised without cost and through simple contact with us through the channels detailed at the end of this policy.

We use cookies and advanced tracking technologies to improve website user experience and provide personalized services, always respecting your wishes and privacy. Essential cookies include cookies necessary for basic website functionality (such as saving language preferences), security cookies to prevent cyber attacks and identity spoofing, session cookies for managing login status and temporary preferences, and form memory cookies for saving data during long form completion. Analytics cookies include Google Analytics cookies for anonymous visitor traffic analysis, measuring website page performance and loading times, understanding navigation paths and website behavior, and general (non-personal) demographic research of target audience. Functional cookies include saving personal preferences such as font size and design, remembering previous choices in forms and searches, content adaptation according to interest and visit history, and connection with external services (such as maps or video). Marketing and promotion cookies include tracking traffic sources for measuring campaign effectiveness, adapting advertising content to interests, retargeting previous visitors (with explicit consent), and market research for developing new services. You can always manage cookie preferences through your browser settings or using management tools on the website, and choose exactly which types of cookies to allow or block.

As part of providing services and operating the website, your information may be transferred and processed on servers located outside Israel, always maintaining strict privacy protection standards. Cloud and storage services include using leading cloud providers located in Europe and the United States meeting GDPR and SOC 2 standards, ISO 27001 certified data centers with complete encryption, distributed backup in three geographical regions for maximum security, and advanced protection systems against cyber threats and breaches. Cross-border protection agreements include detailed DPA (Data Processing Agreement) with every provider, strict privacy protection clauses in every international contract, supervision and control mechanisms for overseas information processing, and audit and inspection rights of implemented protection procedures. Restrictions and securities include information transfer only to countries with accepted privacy protection standards, using information only for purposes defined in agreements, return or deletion mechanisms for information upon request, and complete coordination with Israeli authorities for supervision and control purposes. In case of change in information processing location, you will receive at least 30 days advance notice with option to object or request changes.

We maintain the principle of minimization in information retention and keep personal information only as long as required for legitimate and defined purposes, while implementing automatic and periodic deletion procedures. Standard retention periods include active project information kept for project duration and up to two years after completion, business and professional correspondence kept up to 5 years for legal and business needs, anonymous analytics data kept up to 3 years for research and service improvement, and financial and business information kept according to Israeli law requirements (up to 7 years). Automatic deletion includes automatic systems for deleting information after retention period expiration, periodic scans to identify information no longer needed, secure archiving of critical business information according to law, and immediate deletion of temporary information and cache data after use. Deletion upon request includes responding to deletion requests within 30 days of inquiry, complete deletion from all systems and backups (except legal restrictions), written confirmation of deletion execution with details of deleted information, and special handling in cases where there are legal obligations for retention. Backup and archiving processes include encrypted backup of all critical information in three separate locations, periodic deletion of old backups according to retention procedures, monthly integrity and completeness checks of backups, and rapid recovery plan in case of data loss or technical failure.

This privacy policy may be updated from time to time according to technological, regulatory, or service structure changes, always maintaining transparency and advance notice to users. Types of changes include adaptation to new laws and regulations in privacy protection field, integration of new technologies or security improvements, addition of new services or modification of existing services, and updating contact details or inquiry handling procedures. Change notification includes publishing updated policy on website at least 30 days before implementation, sending email notification to registered users about the change and its implications, highlighting main changes clearly and readably, and providing option to object to changes or stop using services. Consent to changes includes continued website use after publishing changes constitutes consent to them, option to contact us with questions or objections before implementing change, right to request information deletion in case of disagreement with changes, and maintaining right of access to information at any stage. Change history includes keeping all previous policy versions on website for two years, detailed documentation of every change with date and reasoning, option to compare between different policy versions, and receiving explanation of change impact on user rights.

We are committed to special and enhanced protection of privacy for minors under 18, according to Israeli and international laws in the field of protecting minors online. Information collection from minors includes strict prohibition on collecting personal information from users under 13 without parental consent, requirement for explicit parental consent for minors aged 13-18 except basic information, and user age verification through technological mechanisms. In case unauthorized collection of minor information is discovered, we perform immediate and complete deletion of all relevant information. Special protections include parental control mechanisms for managing their children's information, strict restrictions on sharing minor information with third parties, shortened retention time policy for minor information, and simple tools for parents to delete their children's information. Education and awareness include explanatory materials for parents about maintaining online privacy, digital parenting tools for monitoring and controlling children's activities, cooperation with organizations promoting child safety online, and developing age-appropriate content about digital awareness. Parental rights include right to access information stored about their children, ability to demand deletion or restriction of information use, receiving periodic reports on children's website activity, and immediate access to technical and professional support on any issue related to their children's online safety.

During business engagements with you, we maintain maximum privacy and confidentiality levels in all communication channels, while adhering to advanced information security procedures and maintaining mutual trust. Encrypted communication includes using end-to-end encrypted communication channels for all sensitive correspondence, encryption of files and documents transferred during the project, digital identity authentication for all communication participants, and encrypted backup systems for all business correspondence. Project management includes secure project management platforms with tiered access control, document sharing in protected cloud environment with specific permissions, tracking all changes and updates in project documents, and secure archiving of all communication stages for future documentation needs. Professional confidentiality includes signing detailed confidentiality agreements before starting any project, restricting access to your business information only to relevant development team, strict security procedures to prevent information leakage or unauthorized access, and commitment not to use information for other projects or other clients. Record keeping includes complete and secure documentation of all business communication for coordination and tracking needs, automatic backup of all important documents and materials, distributed storage system for project materials with controlled access, and clear deletion procedures for project completion or upon your explicit request.