How we treat sensitive information.

Information shared under an NDA — draft reports, loss figures, crew records, customer identifiers — is handled under the terms of that NDA and the data processing instrument attached to the engagement letter. Residency, retention, access, and deletion obligations are set there.

Where we work on systems inside a utility's own infrastructure, we follow the utility's access policy, change-management process, and audit trail. Our preferred posture is to leave no parallel copies of operational data outside the utility's controlled environment unless an engagement explicitly requires it.

Briefing requests submitted through this site arrive in the firm's mailbox and are reviewed by a named partner. They are not forwarded to third parties. We do not run marketing analytics, tracking pixels, or retargeting on this site.

For formal RFPs, we provide an information-security questionnaire, reference architectures for proposed systems, and control narratives under NDA — as part of structured diligence, not as anonymous downloads from this marketing site.

If you believe information shared with us has been mishandled, or have a responsible-disclosure issue about this website, write to hello@noorinsight.com. We treat good-faith reports seriously and ask that testing avoid disruption or unauthorised access.