Noxu.
Back to Home

Privacy Policy for Noxu

At Noxu, based in Antwerp, Belgium, we are committed to protecting the privacy of our clients and their website visitors. This policy explains how we handle data within our high-performance platform.

"This policy ensures full compliance with EU GDPR standards, protecting the integrity of our Enterprise-Grade website services."

1. Information We Collect

Client Data

Name, business registration (BTW/TVA), email, and billing information (processed securely via Stripe).

Onboarding Data

Content, brand assets, and business logic provided to initialize the "Noxu Factory" deployment.

Lead Data

Information submitted through contact forms or smart calculators on the websites we build and host for our Clients.

2. How We Use Information

  • Deploying and scaling high-performance websites via the Noxu platform.
  • Managing automated monthly or annual subscriptions.
  • Providing concierge technical support and performance monitoring.
  • Routing lead notifications directly to the Client's dashboard or email.

3. Data Processing & Sub-processors

To maintain a "Gold-Standard" infrastructure, we partner with industry-leading sub-processors that comply with EU data protection laws:

HostingVercel (Global Edge Network)
Database & CMSSanity.io (Headless CMS)
PaymentsStripe (PCI-compliant)
CommunicationResend / SendGrid
AnalyticsVercel Analytics

4. Lead Data Ownership & Protection

Ownership: All leads generated through a Client's website belong exclusively to the Client. Noxu acts as a Data Processor; we do not sell, use, or analyze lead data for any purpose other than delivery to the Client.

Isolation: Each client’s data is logically isolated within our database architecture to prevent cross-contamination.

5. "Headless" Security Architecture

Noxu uses a Headless/Decoupled architecture. This means:

  • There is no traditional database to "hack" on the frontend.
  • Lead data is encrypted during transmission (SSL/TLS).
  • Static site generation (SSG) ensures that your website is virtually immune to common SQL-injection or WordPress-style vulnerabilities.

6. Your Rights & Compliance

Under the EU GDPR, you and your visitors have the right to access, rectify, or delete personal data.

Data PortabilityYou can request an export of your content at any time.
Right to ErasureWe will delete your data upon request, subject to legal requirements.

Authority: If you have concerns, you have the right to contact the Belgian Data Protection Authority (GBA).

7. Contact Us

For any privacy-related inquiries or to exercise your rights:

Emailmagega.dev@gmail.com
LocationAntwerp, Belgium