Founding partner program — applications close 30 June 2026. Read the brief →

Legal

Terms of Service

Last updated: February 12, 2026

Website Terms of Use

These terms govern use of norrsent.com and information provided through this website. The actual platform operates under separate enterprise agreements.

About Norrsent

Norrsent is an enterprise platform — NorrsentOne — that runs risk, compliance, governance, capital decisions, and planning on one connected system. Today, the platform ships modules covering risk, controls, obligations, and audit evidence across the value chain, aligned to the ISO 31000 framework. Additional capabilities deploy on the same foundation.

Website Usage

The website permits learning about our services, applying to the founding partner program, and accessing general information about the platform. Platform access requires a separate enterprise agreement.

Intellectual Property

All website content — text, graphics, logos, and software — belongs to Norrsent and receives full intellectual property protection. Reproduction or distribution requires prior written permission.

Demo and Trial Access

Demo access and trial periods are provided for evaluation purposes only and are subject to separate terms provided at the time of signup.

Information Accuracy

While Norrsent attempts to maintain current, accurate content, we make no warranties regarding the completeness or accuracy of the content on this website. Specifications and features may change.

Security and Compliance

The Norrsent platform is ISO 27001 + SOC 2 Type II aligned, GDPR + Schrems II compliant, hosted on AWS infrastructure that holds SOC 2, SOC 3, and ISO 27001 certifications. Data is AES-256 encrypted at rest and TLS 1.3 in transit; audit trails are cryptographically signed per write.

Limitation of Liability

To the maximum extent permitted by law, Norrsent shall not be liable for any damages arising from your use of this website.

Data Processing Agreement

Norrsent acts as a Data Processor for customer data, providing a DPA compliant with GDPR. Sub-processors are listed below.

Sub-Processors

AWS

Cloud infrastructure in EU (Frankfurt, Ireland) and US. SOC 2 and ISO 27001 certified.

OpenAI

AI analytics with Standard Contractual Clauses. Zero data retention policy. SOC 2 Type II certified.

Norrsent provides 30 days' notice before adding new sub-processors.

Key Data Processing Terms

  • Processing solely for contracted services
  • AES-256 encryption at rest and in transit
  • 30-day data deletion post-termination
  • JSON / CSV / Excel export available
  • 72-hour breach notification
  • Security architecture pack and AWS SOC 2 / SOC 3 attestation reports available on request
  • EU primary processing with Standard Contractual Clauses for international transfers

AI Processing and GDPR Article 22

Norrsent does not engage in automated decision-making with legal effects. All AI outputs are recommendations only — every decision requires human review and approval. AI-generated content is clearly labelled throughout the platform.

Enterprise Agreements

Platform usage requires individual enterprise agreements that address operational requirements, service levels, data processing obligations, and termination terms.

Contact

For any questions about these terms, contact us at contact@norrsent.com.