Privacy Policy

Last updated: 2 June 2026

1. Introduction

Support Portal(“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Support Portal application (the “Service”).

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

2.1 Personal Information

We may collect personally identifiable information that you voluntarily provide when registering or using the Service, including but not limited to:

  • Full name
  • Email address
  • Phone number (optional)
  • Country of operation
  • Job role and permissions within the system

2.2 Usage Data

We automatically collect certain information when you access the Service, including:

  • IP address
  • Browser type and version
  • Pages visited and time spent
  • Date and time of access
  • Device information

2.3 Ticket Data

The Service processes support ticket information including client names, branch locations, issue descriptions, warranty status, and resolution notes. This data is essential for providing IT support management services.

3. How We Use Your Information

We use the collected information for the following purposes:

  • To provide, maintain, and improve the Service
  • To manage user accounts and authentication
  • To process and track support tickets
  • To send notifications related to ticket status changes
  • To generate reports and analytics
  • To communicate with you about the Service
  • To detect and prevent security incidents
  • To comply with legal obligations

4. Data Storage & Security

Your data is stored on secure servers using MongoDB, a leading database platform. We implement industry-standard security measures including:

  • Password hashing using bcrypt encryption
  • JWT-based session management
  • HTTPS encryption for data in transit
  • Role-based access control (RBAC)
  • Two-factor authentication (optional)
  • Activity logging and audit trails

While we strive to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

5. Data Sharing & Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information in the following circumstances:

  • Service Providers: With third-party vendors who assist us in operating the Service (e.g., email/SMS providers, cloud hosting)
  • Legal Requirements: If required by law, court order, or government regulation
  • Business Transfers: In connection with a merger, sale, or transfer of assets
  • With Your Consent: With your explicit permission

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Ticket data is retained for the duration of the support contract. Activity logs are automatically deleted after 3 years.

Upon termination of the service agreement, all client data will be permanently deleted within 30 days, unless otherwise required by law.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your data:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Restriction: Limit processing of your data
  • Portability: Receive your data in a structured format
  • Objection: Object to processing of your data

To exercise these rights, contact us at the email address provided below.

8. Cookies & Tracking

The Service uses essential cookies for authentication and session management. These cookies are necessary for the Service to function and cannot be disabled. We do not use tracking cookies for advertising or analytics purposes.

You can configure your browser to refuse cookies, but this may prevent you from using certain features of the Service.

9. Third-Party Services

The Service integrates with the following third-party services for messaging:

  • Email (SMTP via Nodemailer)
  • SMS (Twilio, MessageBird, Vonage, or Sinch)
  • WhatsApp (Meta Cloud API)
  • Telegram (Telegram Bot API)

These services have their own privacy policies. We encourage you to review them. We are not responsible for the privacy practices of third-party services.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of any material changes by posting the new Privacy Policy on this page and updating the “Last updated” date.

Your continued use of the Service after any changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Support Portal

Email: support@thenorthsystems.com

Phone: +974 399 400 18

Website: https://thenorthsystems.com