Privacy Policy
Northspec Studio collects and processes data to deliver software development, automation, and support services. This policy explains what data we collect, how it is used, and how you can control it.
Effective date: March 18, 2026
Introduction
Northspec Studio (“Northspec,” “we,” “us,” or “our”) collects and processes data to deliver software development, AI automation, and system implementation services. This policy explains what data we collect and how it is used as we build the systems our clients rely on to scale their operations.
We do not sell personal data. We never have, and we never will.
What We Collect
We collect only the data necessary to respond to inquiries and deliver our services.
Contact Information
- ›Full name
- ›Work email address
- ›Phone number (if provided)
- ›Company or project name
Project Details
- ›Project type and description
- ›Budget range
- ›Timeline preferences
- ›Technical requirements submitted via forms
Usage Data
- ›IP address (anonymized)
- ›Browser type and version
- ›Pages visited and time on site
- ›Referring URLs
Client System Data
- ›Data submitted during support requests
- ›System configuration shared for integration work
- ›Credentials shared securely for service delivery (never stored in plain text)
How We Use Your Data
We use data collected for the following purposes only:
Respond to inquiries and project requests
When you submit a contact form or support request, we use your information to follow up within our stated response window.
Deliver our services
Project details and technical requirements are used exclusively to scope, build, and support the work you've engaged us for.
Communicate updates
We may send transactional communications related to your project, support ticket, or billing. We do not send marketing emails without consent.
Improve our systems
Anonymized usage data helps us understand how our website performs and where we can improve the experience.
Comply with legal obligations
We retain certain data as required by applicable law, including records related to financial transactions and service agreements.
AI & Automation Data Handling
When you engage us for AI automation or system implementation, data handling follows strict protocols to ensure your business data remains secure and isolated.
Zero Model Training
We prioritize Enterprise grade AI APIs (e.g., OpenAI, Anthropic, AWS Bedrock) that do not use client data for model training. Your proprietary data never leaves your system or the specific, isolated environment we create.
Encrypted RAG
For Retrieval-Augmented Generation (RAG) systems, indexing and vector search occur within encrypted environments with strict access controls. Data is transformed into vectors that are meaningless to third parties.
No Persistence
For many automation workflows, we design for zero persistence. processing data in flight without long term storage on our infrastructure, unless specifically required for system performance.
Audit Trails
All AI-driven workflows are configured with activity logging to ensure complete transparency into how data is flowing through your automated systems.
Third-Party Services
We use a limited number of trusted third-party services to operate our website and deliver our work. These providers may process data on our behalf under their own privacy policies.
Hosting & Infrastructure
- ›Vercel (hosting)
- ›Amazon Web Services (infrastructure)
- ›Docker (deployment)
Automation & Logic
- ›n8n (workflow automation logic)
- ›Plaid (encrypted financial data verification)
Communication
- ›Resend (transactional email and notifications)
- ›Google Calendar (appointment scheduling)
Technical Support
- ›NocoDB (support ticket management)
- ›Clerk (secure user authentication)
We do not integrate advertising networks, third-party retargeting, or data broker services on this website.
Data Security
We implement reasonable technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. This includes encrypted transmission (HTTPS), access controls, and secure credential handling. No method of electronic storage is 100% secure. We cannot guarantee absolute security, but we take the protection of your data seriously and review our practices on an ongoing basis.
Data Retention
We retain personal data only as long as necessary to:
- ›Fulfill the purpose for which it was collected (e.g., respond to an inquiry or deliver a project)
- ›Comply with applicable legal and financial record-keeping obligations
- ›Resolve disputes or enforce our service agreements
Contact form data and project inquiry submissions are retained for up to 24 months unless you request earlier deletion.
Your Rights
Depending on your location, you may have the following rights regarding your personal data. We honor these requests regardless of which state or country you are in.
Access
Request a copy of the personal data we hold about you.
Correction
Request correction of inaccurate or incomplete data.
Deletion
Request deletion of your personal data ("right to be forgotten"). We will comply unless retention is required by law.
Opt-Out
Opt out of any communications that are not strictly transactional or service-related.
Data Portability
Request your data in a structured, machine-readable format.
Objection
Object to certain processing activities, including profiling.
To exercise any of these rights, email us at build@northspecstudio.com. We will respond within 30 days.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or best practices. The effective date at the top of this page will always reflect the most recent version. We encourage you to review this page periodically. Continued use of our website after changes are posted constitutes your acknowledgment of the updated policy.
Contact
For questions, concerns, or requests related to this Privacy Policy or our data practices: