Privacy Policy

1. Introduction

BetterQA SRL ("we", "our", or "the Company") operates the NIS2 Manager platform. This privacy policy explains how we collect, use, store, and protect your personal information when you use our services.

By using the NIS2 Manager platform, you agree to the practices described in this privacy policy.

2. Data we collect

We collect the following types of information:

2.1 Information provided directly

• Account information: name, email address, password (encrypted), company name
• Profile information: job title, phone number, address
• Assessment data: responses to NIS2 compliance questionnaires
• Uploaded documents: compliance evidence, policies, procedures

2.2 Automatically collected information

• Technical data: IP address, browser type, operating system
• Usage data: pages visited, time spent on the platform
• Cookies: for platform functionality and usage analysis

3. How we use data

We use collected information to:

• Provide and improve our services
• Generate NIS2 compliance reports
• Communicate with you about your account and services
• Send notifications about deadlines and updates
• Analyze and improve the platform
• Comply with legal obligations

4. Data storage and security

Your data is stored on secure servers located in the European Union. We implement appropriate technical and organizational measures to protect data, including:

• Data encryption in transit (TLS/SSL)
• Password encryption (bcrypt)
• Role-based data access
• Regular backups and security monitoring

5. Data sharing

We do not sell your personal data. We may share information only in the following situations:

• With service providers who help us operate the platform (hosting, email, payments)
• When you agree to sharing
• To comply with legal obligations or authority requests
• To protect our rights and safety or those of others

6. Your rights

Under GDPR, you have the following rights:

• Right of access to personal data
• Right to rectification of inaccurate data
• Right to erasure of data ("right to be forgotten")
• Right to restriction of processing
• Right to data portability
• Right to object to processing

To exercise your rights, contact us at [email protected].

7. Data retention

We retain your personal data as long as you have an active account or as necessary to provide you with services. After account closure, we retain certain data for the period necessary to fulfill legal obligations (e.g., tax records).

8. Cookies

We use essential cookies for platform functionality and analytical cookies to understand how the site is used. You can manage cookie preferences in your browser settings.

9. Policy changes

We may update this policy periodically. We will notify you of significant changes by email or by displaying an announcement on the platform.

10. Contact

For questions or requests related to privacy, contact us: