Security & Privacy

Privacy-Conscious
Infrastructure.

NoryaAI is built with privacy and security at its core. Your health data is handled with care — encrypted in transit, processed with access controls, and never sold to third parties.

Start Analysis Learn More
verified_user Encrypted Transmission shield Privacy-Focused psychology Responsible AI

AES-256

Encryption Standard

TLS 1.3

Transit Encryption

9+

Supported Languages

0

Data Sold to Third Parties

security Security Overview

How We Protect Your Data

Multiple layers of security work together to protect your health information throughout its lifecycle.

lock

Encrypted Transmission

All data is transmitted over TLS-encrypted connections. Uploaded files and generated reports are protected during transfer between your device and our servers.

TLS Encrypted
admin_panel_settings

Controlled Access

Access to user data is restricted through authentication controls and role-based permissions. Administrative access follows least-privilege principles.

Access Controls
credit_card

Secure Payment Handling

Payment processing is handled by PCI-compliant payment providers. Credit card details are never stored on NoryaAI servers.

PCI Provider
privacy_tip

Privacy-Conscious Architecture

We follow data minimization principles — collecting only what is necessary to provide the service. Health data is not used for advertising or sold to third parties.

Data Minimization
translate

Multilingual Product

Reports and analysis are delivered in 9+ languages with consistent quality controls, ensuring the same responsible presentation across all supported locales.

9+ Languages
health_and_safety

Responsible Product Boundaries

NoryaAI is an educational health technology tool. It does not provide medical diagnoses, replace clinician judgment, or offer emergency guidance.

Educational Tool
data_usage Data Flow

How Your Data Is Handled

A high-level overview of how information flows through the NoryaAI platform — from upload to report delivery.

cloud_upload
1

Upload

Lab results uploaded over encrypted connections

manufacturing
2

Processing

AI analysis with access controls and data isolation

description
3

Report

Structured report created in your chosen language

verified_user
4

Delivery

Report delivered to authenticated users only

gpp_good Your Data Rights

Your Data, Your Control

We provide tools and processes to help you manage your personal data in line with applicable regulations.

delete_forever

Data Deletion

You can request deletion of your account and associated data. Upon request, data is removed in accordance with applicable data protection regulations and any required legal retention periods.

Learn more arrow_forward
download

Access & Portability

You have the right to access the personal data we hold about you and to request it in a portable format, subject to applicable regulations.

Privacy details arrow_forward
shield

Purpose Limitation

Your health data is used only to provide the analysis service you requested. It is not used for advertising, profiling, or sold to third parties.

Privacy policy arrow_forward
admin_panel_settings Operational Safeguards

Access & Security Controls

key

Access Management

Production systems use role-based access controls. Administrative access is limited to authorized personnel and follows least-privilege principles.

dns

Infrastructure Security

The platform uses Cloudflare for edge security and DDoS protection. Application infrastructure follows standard security hardening practices.

monitor_heart

Logging & Monitoring

System activity is logged for security and operational purposes. Monitoring helps detect and respond to potential issues.

credit_card

Payment Security

All payment processing is handled by PayTR, a PCI-compliant payment provider. NoryaAI does not store credit card details.

gavel Regulatory Approach

Our Approach to Data Protection

NoryaAI follows data protection principles aligned with applicable regulations in the regions we serve.

GDPR

GDPR Alignment

European Data Protection

We follow GDPR principles including data minimization, purpose limitation, and privacy by design. Users have rights to access, rectify, and request deletion of their personal data.

check_circle Privacy by Design check_circle Data Rights check_circle Data Portability
KVKK

KVKK Alignment

Turkish Data Protection

As a company operating in Turkey, we follow the requirements of Turkey's Personal Data Protection Law (KVKK), including consent protocols and data controller obligations.

check_circle Consent Protocols check_circle Data Controller check_circle Data Deletion
info Responsible Use

Important Limitations

NoryaAI is designed as an educational health technology tool. Understanding its boundaries is important for safe and responsible use.

medical_information

Not a Medical Diagnosis

NoryaAI provides educational explanations of lab values. It does not diagnose conditions, prescribe treatments, or replace professional medical evaluation.

emergency

Not Emergency Guidance

This platform is not designed for urgent or emergency situations. If you have a medical emergency, contact your local emergency services immediately.

stethoscope

Consult Your Healthcare Provider

Always discuss your lab results with a qualified healthcare professional before making health-related decisions.

verified Trust Framework

Explore Our Trust Framework

biotech

Methodology

How we interpret blood test results

 stethoscope

Medical Review

Clinician oversight and safety

 privacy_tip

Privacy Policy

How we handle your personal data

 visibility

Transparency

How we define and present claims

 description

Terms of Use

Service terms and responsibilities

 verified

Trust Center

Our complete trust framework
apartment For Organizations

Evaluating NoryaAI for Your Organization?

Learn more about our methodology, privacy practices, medical review process, and responsible use framework.

Enterprise Information Contact Us View Methodology
help FAQ

Security Questions

How is my health data protected?

expand_more
All data is transmitted over TLS-encrypted connections. Uploaded lab results are processed with access controls in place, and reports are delivered only to authenticated users. We follow data minimization principles and do not sell health data to third parties.

Can NoryaAI staff see my lab results?

expand_more
Access to user data is restricted through role-based controls. Our team accesses user data only when necessary for technical support or system maintenance, and only to the extent needed for that purpose.

How can I delete my data?

expand_more
You can request deletion of your account and associated data at any time by contacting us. We process deletion requests in accordance with applicable data protection regulations, subject to any legally required retention periods.

Is my payment information secure?

expand_more
We do not store credit card details. All payment processing is handled by PayTR, a PCI-compliant payment provider. Transaction data is tokenized and encrypted.

Does NoryaAI share data with third parties?

expand_more
Your health data is not shared with third parties for advertising or marketing purposes. We work with service providers (hosting, payment) as necessary to deliver the service, as described in our Privacy Policy.
verified_user

Start Your Secure
Health Journey

Upload your lab results and get clear, educational health insights — with privacy and security built in.

Get Started Contact Us