Data Protection

Last updated: March 28, 2026

1. Design Principle

Data protection is not a compliance afterthought at Normalize — it is an architectural constraint. The system is designed to be structurally incapable of retaining or reading the content of files beyond what the normalization workflow strictly requires. This page describes how that is implemented in practice.

2. Content-Blind Processing

The Normalize engine operates without awareness of the semantic content of your data. It samples your file to infer column structure, types, and format metadata, then presents this as a suggestion. You — the user — review the suggestion, adjust the configuration of any column, and confirm how the data should be interpreted. You also control the output: date formats, number styles, null handling, and export type (CSV, JSON, or Parquet). The engine uses only what you have confirmed to direct how cells are parsed — it does not inspect, index, or record what the data contains.

The normalization engine is fully open source and auditable at github.com/htvictoire/normalize. Anyone can verify exactly what the engine does with a file.

3. Ephemeral Storage

3.1 Source files

Uploaded source files are written to Cloudflare R2 object storage (European region) solely to make them available to the processing backend. Once normalization is complete, the source file is deleted immediately. It is never copied, indexed, or retained beyond the processing lifecycle.

3.2 Normalized output

The normalized output artifacts (normalized dataset (in the format you selected), trace file, and manifest) are stored on Cloudflare R2 for a maximum of 1 hour from the time normalization completes, giving you a window to download your results. After 1 hour, all artifacts are automatically and permanently deleted by the storage layer. No manual intervention is required — deletion is enforced at the infrastructure level.

Future versions of Normalize will allow authenticated users to configure their own retention window. Until then, the 1-hour maximum applies universally.

4. Infrastructure and Data Residency

All data processed by Normalize remains within the European Economic Area:

Processing backend: Microsoft Azure, European region.
File storage: Cloudflare R2, European region.

No data is transferred outside the EEA at any point in the normalization workflow. There are no cross-border transfers to address.

5. No User Data Collected

Normalize currently operates without user accounts. There is no login, no profile, no persistent session, and no tracking. We do not collect names, email addresses, or any personal identifier from users of the service. We do not run third-party analytics. We do not use advertising cookies or tracking pixels.

Standard server-side request logs (IP address, timestamp, HTTP method, response code) may be retained briefly for security and abuse-prevention purposes and are not used for any other purpose.

6. Your Files May Contain Personal Data

If the files you upload contain personal data about third parties (e.g., customer records, employee data, transaction logs), you are the data controller for that data. Normalize acts as a data processor on your behalf for the duration of the normalization workflow only.

It is your responsibility to ensure you have a lawful basis for processing that data and that uploading it to a third-party service is consistent with your obligations to the individuals concerned.

7. Sub-Processors

Normalize relies on two infrastructure sub-processors, both operating in the EU and subject to GDPR-compliant Data Processing Agreements:

Microsoft Azure — backend compute (EU region).
Cloudflare R2 — ephemeral file storage (EU region).

Neither sub-processor has access to file contents for any purpose other than storing and serving the objects as directed by Normalize.

8. Security

All data in transit is encrypted via TLS 1.2 or higher.
All data at rest on R2 is encrypted by Cloudflare.
Access to infrastructure is restricted to the minimum required for the service to operate.
The normalization engine is open source, enabling independent security review of the processing logic.

9. Your Rights

Because Normalize does not collect personal data about its users and does not retain file contents beyond the processing window, most data subject rights (access, rectification, erasure, portability) are structurally satisfied by design — there is no personal data about you held by the service after your session ends.

If you have a specific concern or believe data about you is being retained contrary to what is described here, contact us via our contact form.

10. Changes to This Page

This page will be updated to reflect changes in infrastructure, retention policies, or legal obligations. When user accounts are introduced, this page will be updated to address the additional processing that entails, prior to that feature going live.