Data Handling

We collect professional contact details and property data (T-12, Rent Roll) necessary to perform NOI audits. We do not collect sensitive personal information such as financial account numbers or personal identifiers beyond business-related data.

Your data is used exclusively to deliver your audit service, communicate regarding your engagement, and process payments. Data is never sold, rented, or shared for marketing purposes. Audit data is anonymized for internal benchmarking after 36 months.

We implement industry-standard security measures: end-to-end encryption for data in transit, AES-256 encryption for data at rest, secure cloud storage with access logging, and strict access controls. All analysts undergo confidentiality training.

Audit-related data is retained for three years for service delivery and legal compliance. Clients may request deletion of their data after audit completion, subject to legal retention requirements.

You have the right to access, correct, or request deletion of your personal data. For any requests, please contact legal@northquestgroup.com. Requests are processed within 30 days.

We use Stripe for payment processing (PCI DSS compliant) and AWS for secure hosting (SOC 2 compliant). All third-party partners adhere to strict data protection standards.

We may update this policy periodically. Continued use of our services after updates constitutes acceptance of the revised terms.