Our Policies
Review our policies
Niricson’s policies codify our commitment to transparency, security-by-design, and accountable operations.
Information and Data Protection Policy
Last Updated: 22 April 2025
1. Overview
At Niricson Software Inc., we are committed to safeguarding the confidentiality, integrity, and availability of all data entrusted to us. This policy (DPP.001.000) outlines how we protect information assets, manage cybersecurity risks, and ensure compliance with data protection laws and contractual obligations.
Our security practices are built into every layer of our operations, from how we design and deploy our AUTOSPEX® platform to how we manage client infrastructure data and internal systems.
2. Purpose
The purpose of this policy is to define Niricson’s approach to protecting client, employee, and partner information from unauthorized access, loss, or misuse.
We maintain a security-by-design philosophy to ensure that data protection is embedded into our technology, processes, and people.
3. Scope
This policy applies to all Niricson employees, contractors, and systems involved in the collection, processing, or storage of:
Personal information (e.g., names, contact details, login credentials)
Client-provided infrastructure data (e.g., 2D/3D models, defect vectors, geospatial metadata)
Inspection and operational data captured or processed via AUTOSPEX®
Internal corporate systems and cloud environments supporting these services
4. Core Principles
Our information and data security framework is guided by the following principles:
Confidentiality: Only authorized users can access sensitive data.
Integrity: Data is accurate, complete, and protected against unauthorized alteration.
Availability: Systems and information remain accessible to authorized users when required.
Accountability: Access and actions are logged and auditable.
Continuous Improvement: Security practices are regularly reviewed, tested, and enhanced.
5. Data Classification
All data managed by Niricson is categorized as one of the following:
Public: Information approved for external publication.
Internal: Business data not intended for external sharing.
Confidential: Client data, inspection data, or personal information.
Restricted: Highly sensitive data requiring enhanced access control and encryption.
Appropriate handling, storage, and transmission controls are applied to each classification level.
6. Security Governance
Security oversight is led by Niricson’s executive and technical leadership teams.
We ensure:
Defined ownership for all systems and datasets
Documented access control policies
Regular security and privacy training for employees and contractors
Internal audits and compliance checks aligned with ISO 27001 and SOC 2-equivalent standards
7. Cybersecurity Controls
Niricson employs a layered security approach that includes:
Firewalls, VPNs, and network segmentation
Multi-factor authentication and strong password policies
Encryption of data in transit and at rest
Secure Software Development Lifecycle (SDLC) practices
Continuous vulnerability scanning and patch management
Separation of production and non-production environments
Incident response planning and threat monitoring
8. Cloud and Data Center Security
All third-party data centers and cloud platforms used by Niricson:
Comply with internationally recognized standards (ISO 27001, SOC 2, or equivalent)
Provide redundancy, fault tolerance, and high availability
Undergo security and compliance reviews prior to engagement
9. Data Sharing and Third Parties
We do not sell or rent any personal or client data.
When data is shared with trusted vendors or partners, we:
Conduct due diligence and security assessments
Require signed data protection and confidentiality agreements
Limit access to only what is necessary to perform contracted work
Monitor ongoing compliance with Niricson’s standards
10. Data Protection and Privacy
Niricson’s Data Protection Policy (DPP.001.000) governs how we collect, use, store, and protect personal and client data.
We adhere to all applicable privacy laws and contractual obligations and support data subject rights, including access, correction, and deletion requests.
For more information, refer to our Privacy Policy
Acceptable Use Policy
Last Updated: 22 April 2025
1. Overview
This Acceptable Use Policy (AUP) defines the standards of conduct required when accessing or using Niricson Software Inc. systems, networks, and services — including the AUTOSPEX® platform, associated web applications, and client data environments.
By using Niricson systems or services, users agree to comply with this policy to ensure the confidentiality, integrity, and availability of information managed within our ecosystem.
2. Purpose
The purpose of this policy is to:
Establish clear expectations for the appropriate use of Niricson’s technology and data assets.
Protect clients, partners, and employees from security, privacy, and reputational risks.
Ensure compliance with applicable laws, regulations, and contractual obligations.
This policy supports our broader Information and Data Protection Policy frameworks.
3. Scope
This policy applies to:
All Niricson employees, contractors, consultants, partners, and authorized users.
Any device or network accessing Niricson resources or AUTOSPEX® systems.
All data, including personal, operational, and infrastructure inspection data processed through Niricson platforms.
4. General Responsibilities
Users of Niricson systems must:
Access systems and data only for authorized business purposes.
Protect login credentials and never share passwords or authentication tokens.
Report suspected security incidents, data breaches, or unauthorized access immediately.
Ensure that personal devices used for work meet Niricson’s security standards (e.g., encryption, updated antivirus software).
Follow all corporate policies regarding cybersecurity, privacy, and data protection.
5. Prohibited Activities
To maintain the security and integrity of Niricson’s systems, the following activities are strictly prohibited:
5.1 Unauthorized Access or Misuse
Gaining or attempting to gain unauthorized access to Niricson systems or client environments.
Circumventing authentication or security controls.
Using another user’s credentials or sharing account access.
5.2 Malicious or Illegal Conduct
Uploading, transmitting, or storing malware, ransomware, or other harmful code.
Conducting penetration testing, scanning, or probing of Niricson networks without written authorization.
Engaging in activities that violate applicable laws, including data protection or export control regulations.
5.3 Misuse of Client Data
Downloading, copying, or sharing client infrastructure or inspection data for non-business purposes.
Disclosing confidential or proprietary information without authorization.
Using client data to train external AI models or third-party analytics tools without consent.
5.4 Misuse of Resources
Using Niricson systems for personal commercial ventures or political activities.
Excessive personal use of company networks that interferes with business operations.
Introducing unapproved software or hardware into production environments.
6. Data Handling Requirements
All users are responsible for ensuring that data handled within Niricson’s systems is managed securely and in accordance with:
Encryption requirements for data at rest and in transit.
Access controls based on least privilege principles.
Retention limits and secure deletion procedures outlined in our Data Protection Policy.
7. Third-Party and Client Access
Where Niricson provides clients, partners, or third parties with access to AUTOSPEX® or related services:
Access is granted only for legitimate, contractually defined purposes.
Users must comply with this AUP and all relevant data-protection and confidentiality obligations.
Unauthorized sharing, sublicensing, or resale of access credentials is prohibited.
8. Monitoring and Enforcement
Niricson reserves the right to:
Monitor network traffic and system activity for security and compliance purposes.
Investigate potential violations of this policy.
Suspend or terminate accounts found to be in breach.
Report unlawful activities to regulatory or law enforcement authorities as required.
Violations may result in disciplinary action, up to and including termination of employment or contract, and potential legal action.
9. Reporting Security Incidents
All users must immediately report:
Suspected or confirmed data breaches.
Lost or stolen devices containing company or client information.
Phishing attempts, suspicious emails, or unauthorized access.
Reports should be sent promptly to info@niricson.com
Technical Support & Service Level Policy
Last Updated: 22 April 2025
1. Overview
This policy defines Niricson Software Inc.’s commitment to providing reliable, responsive, and secure technical support for its software platforms, including AUTOSPEX® and associated services.
Our goal is to ensure that all clients receive consistent, high-quality support that maintains system availability, data integrity, and operational efficiency.
2. Purpose
The purpose of this policy is to:
Establish the standards and processes governing technical support services.
Define the service levels, response times, and escalation procedures applicable to clients.
Reinforce Niricson’s commitment to proactive system monitoring, client satisfaction, and service continuity.
This policy aligns with Niricson’s Information and Data Protection Policy (DPP.001.000) to ensure all support interactions uphold strict data security and privacy standards.
3. Scope
This policy applies to:
All clients and users of Niricson’s AUTOSPEX® platform and digital inspection solutions.
All Niricson employees, contractors, and support partners providing technical assistance or system maintenance.
All communication channels used for technical support, including email, ticketing systems, and service portals.
4. Support Commitment
Niricson is committed to delivering reliable service and transparent communication.
Our support objectives include:
Maintaining consistent system uptime and data access.
Providing timely responses to technical inquiries and service requests.
Ensuring minimal disruption to client operations during troubleshooting or maintenance.
Continuously improving system stability, performance, and usability based on client feedback.
5. Service Availability
Niricson’s AUTOSPEX® platform is designed for high availability, with redundant cloud infrastructure hosted in ISO 27001 and SOC 2-compliant environments.
Unless otherwise specified in a client agreement:
AUTOSPEX® services are available 24 hours a day, 7 days a week, 365 days a year.
Scheduled maintenance windows will be communicated at least 48 hours in advance.
Emergency maintenance may be performed as required to protect service integrity or security.
6. Support Channels
Clients can reach Niricson’s technical support team through the following channels:
Email: support@niricson.com
| Severity Level | Description | Resolution Target |
|---|---|---|
| Critical (P1) | Complete service outage, data access failure, or security incident impacting all users. | Within 24 hours or as continuously worked until resolution. |
| Moderate (P2) | Major feature malfunction or performance degradation impacting multiple users or core functionality. | 2 business days. |
| Minimal (P3) | Minor issue, single-user problem, or feature not performing as expected without significant operational impact. | Within 3–5 business days. |
| Maintenance Activities and Updates (P4) | All other items. A change to the platform that is planned by Niricson. | Addressed in next scheduled update/release. |
All response and resolution times are measured during standard business hours (Monday–Friday, 9:00 AM – 5:00 PST, excluding statutory holidays).
8. Client Responsibilities
To ensure efficient resolution, clients are expected to:
Provide accurate and detailed descriptions of issues, including steps to reproduce the problem.
Designate authorized points of contact for submitting and approving support requests.
Cooperate with Niricson’s support team during diagnostic and troubleshooting processes.
Maintain their own internal connectivity and device configurations as per Niricson’s technical requirements.
9. System Maintenance and Updates
To maintain performance and security:
Niricson may deploy periodic software updates, security patches, or enhancements.
Maintenance is scheduled to minimize service impact and communicated in advance.
Updates follow a secure change management process aligned with Niricson’s Secure Software Development Lifecycle (SDLC).
10. Incident Management
In the event of a major service incident:
Niricson will immediately investigate, isolate, and remediate the issue.
Clients affected by a critical or high-severity event will receive timely status updates.
Root cause analysis reports will be shared upon resolution when applicable.
11. Data Protection and Confidentiality
All support interactions are handled in accordance with Niricson’s Data Protection and Cybersecurity policies.
Support staff are bound by confidentiality agreements and have access only to the systems and information necessary to resolve client issues.
Sensitive client data, such as inspection imagery or infrastructure models, is never copied, transmitted, or shared outside secure environments unless explicitly authorized.
12. Escalation Procedure
If an issue is not resolved within the target timeframe or requires additional attention:
Contact the assigned support representative or ticket owner.
Escalate to the Technical Software QA Lead if unresolved within the defined window.
Further escalation can be directed to Niricson’s Chief Product Officer (CPO) for critical matters affecting service continuity.
Escalations are prioritized immediately upon receipt.
13. Service Review and Continuous Improvement
Niricson regularly evaluates its support performance against established metrics and client feedback.
We continuously improve our support processes through:
Post-incident reviews and lessons learned.
User feedback and feature enhancement requests.
Regular internal training and performance assessments.
14. Policy Review
This policy is reviewed annually or as required due to changes in:
Service offerings or infrastructure,
Regulatory or contractual obligations, or
Industry best practices.
15. Contact
For questions or assistance regarding technical support or service levels, please contact:
📧 info@niricson.com
Privacy Policy
Last Updated: 22 April 2025
1. Introduction
Niricson Software Inc. (“Niricson,” “we,” “us,” or “our”) is committed to protecting the privacy and security of personal information and client data collected through our website and services, including the AUTOSPEX® platform. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with applicable Canadian and international privacy laws.
By using our website or related services, you agree to the practices described in this policy. If you do not agree, please discontinue use of the site.
2. Information We Collect
2.1 Personal Information
We may collect personal information such as:
Email address
First name and last name
Phone number
Job title
IP address
Cookie data
Usage Data
Information you voluntarily provide through contact forms, demos, surveys, or inquiries
2.2 Infrastructure and Inspection Data
In the course of providing AUTOSPEX® and related services, we may process:
2D and 3D models of assets such as dams, bridges, or airfields
Defect vector data, annotations, and geotagged images
Structural and geospatial metadata
Although these datasets typically do not include personal information, they represent sensitive infrastructure data that we protect with the same level of security as personal data.
3. How We Use the Information
We use information to:
Provide and improve our products and services
Respond to user inquiries and support requests
Manage user accounts and access permissions
Conduct analytics and service optimization
Fulfill legal, contractual, and security obligations
Communicate company or product updates when you have opted-in to receive them
We do not sell or rent any personal or client data.
4. Lawful Basis for Processing
We process personal information only when we have a lawful basis to do so, including:
Your consent
Performance of a contract
Compliance with legal obligations
Legitimate business interests that do not override individual rights
5. Data Sharing and Third-Party Services
We may share limited data with:
Authorized service providers or partners under confidentiality and data-protection agreements
Cloud or IT vendors certified to recognized standards (ISO 27001, SOC 2 or equivalent)
Legal or regulatory authorities when required by law
All third-party providers are contractually obligated to maintain the same level of security and confidentiality as Niricson.
6. International Data Transfers
When data is transferred outside Canada, Niricson ensures that adequate safeguards are in place—such as standard contractual clauses or equivalent mechanisms—consistent with applicable privacy laws.
7. Data Security
Niricson applies technical and organizational measures to safeguard all data, including:
Encryption in transit and at rest
Multi-factor authentication and role-based access control
Network firewalls and secure VPN connections
Regular vulnerability assessments and monitoring
Segregation of production and non-production environments
For additional details, refer to our Cybersecurity Policy (CSP.001.000) and Data Protection Policy (DPP.001.000).
8. Data Retention
We retain personal and infrastructure data only as long as necessary to fulfill the purposes outlined above or to meet legal and contractual requirements. When no longer required, data is securely deleted or anonymized.
9. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Correct or update inaccurate information
- Request deletion of your personal data
Requests can be submitted to info@niricson.com
10. Cookies and Tracking Technologies
Our website may use cookies or similar technologies to enhance user experience, analyze web traffic, and improve functionality. You may disable cookies in your browser settings, though some features may not function as intended.
11. Data Protection and Governance
All Niricson employees, contractors, and partners are responsible for safeguarding data.
We provide mandatory privacy and security training and enforce access approvals for sensitive systems. Regular reviews and audits ensure continued compliance with privacy and cybersecurity standards.
12. Policy Updates
We may update this Privacy Policy from time to time to reflect legal, technical, or business changes. The “Last Updated” date at the top of this page indicates when the latest version took effect.
13. Contact Us
If you have questions about this Privacy Policy or our data-protection practices, please contact:
📧 info@niricson.com
Quality Policy
Last Updated: 2 April 2025
1. Overview
At Niricson Software Inc., quality is central to how we design, develop, and deliver our solutions.
We are committed to maintaining the highest standards of accuracy, reliability, and operational excellence across all our products and services — including AUTOSPEX®, our proprietary digital inspection and condition assessment platform.
Our quality philosophy is built on three pillars:
Integrity of data. Reliability of insights. Consistency of execution.
2. Purpose
This policy defines Niricson’s commitment to delivering consistent, high-quality outcomes that meet or exceed client expectations while complying with industry regulations and contractual requirements.
It guides our teams in maintaining continuous improvement, innovation, and accountability throughout our software development, inspection, and analysis workflows.
3. Scope
This policy applies to:
All Niricson employees, contractors, and partners.
All business processes, including software design, data collection, analysis, reporting, and client engagement.
All technology solutions and services provided through AUTOSPEX® and related applications.
4. Our Commitment to Quality
Niricson is committed to:
Client Satisfaction: Understanding client needs and delivering results that are accurate, actionable, and timely.
Operational Excellence: Maintaining consistent procedures and controls that ensure reliability in data and system performance.
Regulatory Compliance: Adhering to applicable standards, codes, and laws related to privacy, cybersecurity, and data integrity.
Continuous Improvement: Regularly reviewing performance, identifying opportunities for enhancement, and integrating client feedback.
Innovation: Advancing digital inspection methods to increase accuracy and efficiency across infrastructure asset management.
5. Quality Management Framework
Our quality management practices are integrated across our technology and operational processes through:
Standardized Procedures: Documented workflows governing data capture, processing, and validation.
Technical Excellence: Adherence to secure software development and engineering standards (SDLC).
Verification and Validation: Rigorous testing, review, and calibration of inspection and analytical outputs.
Compliance Oversight: Periodic internal audits and management reviews to ensure consistency with policy objectives.
Employee Training: Ongoing development programs to promote awareness of quality, data integrity, and client service standards.
6. Data Accuracy and Reliability
Because Niricson’s work directly supports critical infrastructure decision-making, maintaining data accuracy is paramount.
We ensure:
Automated and manual quality checks are performed before reporting.
Change Detection and Comparison Mode within AUTOSPEX® are used to validate asset condition trends with precision.
Reports and deliverables reflect verified, traceable information derived from controlled data sources.
7. Continuous Improvement
Niricson’s quality management approach emphasizes proactive improvement rather than reactive correction.
We continuously enhance our systems and processes by:
Reviewing performance metrics and client feedback.
Implementing findings from internal audits and project evaluations.
Benchmarking practices against industry standards and emerging technologies.
Applying lessons learned from past projects to strengthen future outcomes.
8. Roles and Responsibilities
Executive Leadership: Define quality objectives and ensure adequate resources for implementation.
Department Heads: Oversee adherence to quality standards and report performance metrics.
All Employees: Take personal accountability for quality in their work and follow documented procedures.
Quality and Compliance Teams: Conduct reviews, audits, and training to uphold company-wide standards.
9. Integration with Other Policies
Quality at Niricson is supported by a unified policy ecosystem that includes:
Information and Data Protection Policy (DPP.001.000)
Acceptable Use Policy
Technical Support & Service Level Policy
Together, these ensure that quality is reinforced through secure, ethical, and consistent operations.
10. Review and Governance
This policy is reviewed annually or as required by operational or regulatory changes.
Quality objectives and performance indicators are evaluated regularly to ensure continued alignment with Niricson’s mission and client expectations.
11. Contact
For questions about Niricson’s Quality Policy or to provide feedback, please contact:
📧 info@niricson.com
Cookie & Tracking Technologies Policy
Last Updated: 22 April 2025
1. Overview
This Cookie Policy explains how Niricson Software Inc. (“Niricson”, “we”, “our”, or “us”) uses cookies and similar technologies on our website and associated digital services, including the AUTOSPEX® platform.
We use cookies to enhance user experience, analyze website performance, and ensure secure, reliable access to our services. This policy describes what these technologies are, why we use them, and how you can manage your preferences.
2. What Are Cookies?
Cookies are small text files that are placed on your computer or mobile device when you visit a website.
They are widely used to make websites function efficiently, provide information to website owners, and improve overall user experience.
Cookies may be:
Session cookies – deleted when you close your browser.
Persistent cookies – remain on your device for a defined period or until deleted.
First-party cookies – set by Niricson’s website.
Third-party cookies – set by external services integrated into our site (e.g., analytics or video embeds).
3. Why We Use Cookies
Niricson uses cookies and related technologies for several purposes:
Essential Functionality: To enable core website operations such as page navigation, secure login, and access to protected content.
Analytics and Performance: To understand how visitors use our site, improve navigation, and enhance the user experience.
Security: To help detect and prevent unauthorized access or potential cybersecurity threats.
Preferences: To remember user settings such as language, region, or cookie choices.
Marketing (limited): To measure engagement with our content and improve communications such as newsletters or webinar registrations.
We do not use cookies to sell personal information or track individuals across unrelated websites.
4. Types of Cookies We Use
| Category | Purpose | Example Tools |
|---|---|---|
| Strictly Necessary | Required for the operation of the site (e.g., login, navigation, session management). | Internal authentication and session cookies |
| Performance & Analytics | Collect anonymous usage data to help us improve site structure and performance. | Google Analytics, HubSpot Analytics |
| Functionality | Remember user preferences and enhance browsing experience. | Language, theme, or cookie consent preferences |
| Security | Support fraud prevention, system protection, and platform stability. | Cloud infrastructure session controls |
| Third-Party Media | Enable embedded content such as videos or interactive maps. | YouTube, Vimeo, or embedded tools |
5. Managing Your Cookie Preferences
You can control or disable cookies through your browser settings. Most browsers allow you to:
Delete existing cookies.
Block new cookies from being placed.
Receive a notification before cookies are stored.
However, disabling certain cookies may affect the functionality or performance of the website and could limit access to some features or secure areas.
For detailed guidance, refer to your browser’s help documentation.
6. Consent
When you first visit our website, a banner will appear allowing you to:
Accept all cookies,
Reject non-essential cookies, or
Manage cookie preferences.
By continuing to use our site after selecting your preferences, you consent to the use of cookies in accordance with this policy.
You may change or withdraw your consent at any time by adjusting your cookie settings or clearing stored cookies in your browser.
7. Third-Party Services
Our website may include content or features provided by trusted third-party providers (such as analytics or video hosting services). These third parties may use their own cookies or tracking technologies.
We encourage users to review the privacy and cookie policies of these providers for more information about their data practices.
8. Data Protection and Privacy
Information collected through cookies and similar technologies may constitute personal data.
Niricson handles all such data in accordance with our Privacy Policy
9. Updates to This Policy
We may update this Cookie Policy periodically to reflect changes in technology, regulation, or our operations.
The “Last Updated” date at the top of this page will indicate when the latest version took effect.
10. Contact
If you have questions about our use of cookies or data privacy practices, please contact:
📧 info@niricson.com
