Who we are
We are Noppera-Bo Technologies Ltd. We are an Irish registered company that specialises in the development of machine learning-supported redaction technologies for video and other media to help organisations meet their obligations under Data Privacy laws such as GDPR.
Noppera-Bo Technologies is a joint venture between Castlebridge, a business information strategy company specialising in data governance, data privacy, and data ethics and Altada, a Data Science and software engineering company specialising in metadata technologies and AI.
You can contact us:
- By post: Noppera-Bo Technologies Ltd, c/o Altada, Pembroke Hall, 40, Fitzwilliam Square West, Dublin 2
- By email: firstname.lastname@example.org
How we use Personal Data
There are three distinct contexts in which Noppera processes personal data of individuals.
- To Provide Services to Customers
When data has been uploaded to our redaction engine for processing, we process personal data identified in the uploaded media files for the purposes of applying relevant processes to ensure the media is processed in accordance with our user’s needs. In these cases, we are a Data Processor acting on behalf of a Data Controller
- To manage Customer Relationships
When you register an expression of interest in our service or sign up for our service as a customer we will process data about you for the purposes of registering you, managing our relationship with you, and processing payments from you for our services.
- As employers
If you join our team as an employee or as a contractor we will process data about you for the purposes of managing that relationship and complying with our legal obligations as employers.
Categories of Personal Data Processed
We process a range of categories of personal data depending on why you are interacting with us.
- Media Redaction
- Video or other media formats uploaded to our platform can include personal data relating to individuals (that’s why we exist). The videos may also contain special category data such as injuries (information relating to health) or information relating to or revealing political opinions, religious beliefs, or philosophical beliefs. In certain circumstances information relating to the commission of criminal offences may be provided to our platform for processing.
- Customer Relationship Management
- We will process contact information about you when you inquire about our services, and we will process information about you and nominated staff members for the purposes of creating user accounts, logging access to the service, and processing payments for the use of our services.
- Employees and Contractors
- We process general information about employees necessary for us to comply with our legal obligations. These will include: Contact Information, Information relating to Right to Work in the EU/Ireland, information relating to medical fitness to work, PPSN/Social Insurance details etc.
- Where contractors are engaged by Noppera-Bo Technologies Ltd, personal information of the contractor allocated to projects will be processed for the purposes of processing time sheets, processing payments, and other purposes related to managing the contractor engagement.
Sharing your Personal Information
What information we share depends on the context of your interaction with us.
- Data Subject in uploaded media
- We don’t share your data with anyone other than the Data Controller who used our services to process their media. We don’t retain copies of any media that is uploaded to our platform. We don’t engage in the process of interaction between Data Controllers and Law Enforcement bodies, except where our technical input is requested to advise on the format/output of our processing.
- If you are a customer, we will share personal data about you with taxation authorities where required as part of filing of returns or responding to queries from the authorities.
- Customer data will also be disclosed in the event that this business is purchased by another company to enable them to operate the business and manage customer relationships and fulfill contractual and regulatory obligations.
- Employee information will be disclosed to taxation or social welfare authorities as requested or as required to comply with our legal obligations.Employee information will also be disclosed and shared in the event that Noppera-Bo Technologies Ltd is acquired by another company to enable them to manage their obligations to employees and their regulatory obligations.
- Employee information will be shared with third parties such as pension providers where staff have opted-in to a company provided pension scheme or similar arrangement.
How long we will keep your information
How long we keep personal data depends on the context of your interaction with us and why we obtained your information. As a general rule, the following guidelines are applied by Noppera-Bo Technologies to the retention of personal data:
- Uploaded Media
- We do not retain uploaded media after the customer has downloaded their processed media files. We have no purpose to keep this data and our “zero-touch” philosophy means we prefer not to hold media on behalf of customers.
- Prospects and leads: we will retain information for 2 years, including records of any permissions to market to you
- Active customers: we will retain data about you for as long as you are a customer.
- Ceased/Inactive customers: we will retain information for up to six years after the date of your last interaction with us for the purposes of audit and pursuit of any monies owed to us. In the event you reactivate your account during that period, you will be treated as an Active customer.
Our 3rd Party Processors
We have designed our products to operate with minimal reliance on 3rd party processors. The joint venture partners in Noppera-Bo Technologies Ltd provide some services to the company which may involve the processing of personal data.
- General website:
- Noppera Product
- Hosted on Amazon WebServices, in EU data centres for Demo/Trial customersHosting on IBM Power9 servers in IBM EU Data Centres for Production instances (private server instances available)
Appropriate Data Processor Agreements are in place between Noppera-Bo Technologies Ltd and our parent companies, Castlebridge and Altada, to cover any processing of personal data which may be undertaken by these entities.
We apply standard protocols and policies to ensure the security of data on this site and as part of our products and services. This includes both organisational and technical controls for information security.
Even though we try our best we can
not guarantee the security of information. However, we promise to notify
suitable authorities of data breaches. We will also notify you if there is a
threat to your rights or interests. We will do everything we reasonably can to
prevent security breaches and to assist authorities should any breaches occur.
If you have an account with us, note
that you have to keep your username and password secret.
Under EU Data Protection law, as transposed in to Irish law by the Data Protection Act 2018, individuals have the following rights:
- The right to be informed about the processing of their data
- A right to receive a copy of their data, and information relating to its processing, on written request
- A right to have any errors about them in data corrected or to have information appended to their file to correct inaccuracies or address incomplete information
- Right to erasure – meaning in certain circumstances you can request for your Personal Data to be erased from our records.
- Right to object to processing – meaning in certain cases you have the right to object to Processing of your Personal Data, for example in the case of direct marketing.
- Right to object to automated Processing – meaning you have the right to object to automated Processing, including profiling; and not to be subject to a decision based solely on automated Processing. This right you can exercise whenever there is an outcome of the profiling that produces legal effects concerning or significantly affecting you.
- Right to data portability – you have the right to obtain your Personal Data in a machine-readable format or if it is feasible, as a direct transfer from one Processor to another.
- Right to lodge a complaint – in the event that we refuse your request under the Rights of Access, we will provide you with a reason as to why. If you are not satisfied with the way your request has been handled please contact us.
- Right for the help of supervisory authority – meaning you have the right for the help of a supervisory authority and the right for other legal remedies such as claiming damages.
- Right to withdraw consent – you have the right withdraw any given consent for Processing of your Personal Data
Note that these are not absolute rights and may be curtailed depending on the applicable circumstances.
To exercise your rights, please contact email@example.com
Contacting the Data Protection Commission
You can contact the Irish Data Protection Commission: