Privacy Policy

2.1 Information You Provide Voluntarily

We only collect information that you voluntarily provide to us, including:

Personal Information:

• Name
• Email address
• Phone number
• Location/geographic information
• Job title and professional role

Retained for 7 years or might be beyond based on business needs

Business Information:

• Company name
• Business address
• Industry/area of work
• Business requirements and specifications

Retained for 7 years or might be beyond based on business needs

Financial Information for Payment Processing:

• Billing address
• Payment method information (processed by third-party payment processors)

Important: We do not retain credit card numbers, bank account details, or other financial data

2.2 Information We Do NOT Collect

We do not collect:

• End-user data from your platform or marketplace
• Browsing behavior or website analytics from casual visitors
• Personal information from users of your integrated solutions
• Cookies for tracking purposes (except essential functional cookies)
• Social media information unless you voluntarily connect your accounts

2.3 Technical Information

We may collect limited technical information necessary for service delivery:

• System performance data for our integrated solutions
• Error logs and diagnostic information
• Integration configuration details
• For Cloud Services: Operational metadata such as room names, participant counts, and service identifiers

This technical information does not include personal data of your end users.

3.1 Primary Uses

We use your information for:

• Service Delivery: Providing and customizing our Real Time Communication Solutions
• Communication: Responding to inquiries and providing customer support
• Contract Management: Processing agreements and managing business relationships
• Payment Processing: Handling invoices and payments (through third-party processors)
• Cloud Service Operations: For subscription services, processing technical metadata necessary for service delivery

3.2 Marketing and Sales

With your consent, we may use your contact information for:

• Sending information about our services and updates
• Marketing communications about relevant solutions
• Industry insights and technical updates
• Invitations to webinars or events

3.3 Legal and Business Operations

We may use your information to:

• Comply with legal obligations
• Protect our rights and property
• Resolve disputes
• Enforce our agreements

4.1 Limited Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

Service Providers:

• Third-party payment processors for transaction handling
• Professional services providers (legal, accounting) under confidentiality agreements
• Cloud hosting providers for data storage (with appropriate security measures)

Legal Requirements:

• When required by law or court order
• To protect our rights, property, or safety
• To prevent fraud or security threats

4.2 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.

5.1 Security Measures

We implement appropriate technical and organizational measures to protect your information:

• Access controls and authentication requirements
• Regular security assessments and updates
• Employee training on data protection
• Necessary measures to protect user data

5.2 Third-Party Security

We work only with reputable third-party service providers who maintain appropriate security standards and comply with applicable privacy laws.

5.3 Data Breach Response

In the event of a data breach, we will:

• Investigate and contain the breach promptly
• Notify affected individuals as required by law
• Cooperate with relevant authorities
• Take steps to prevent future breaches

6.1 Retention Periods

Personal Information: Retained for as long as necessary for business purposes, typically:

• Active customer relationships: Duration of relationship plus 7 years
• Marketing contacts: Until you opt out or request deletion
• Financial records: 7 years as required by law

Technical Data: Retained for operational purposes, typically 2-3 years

6.2 Data Deletion

We will delete your information when:

• You request deletion (subject to legal obligations)
• The retention period expires
• The information is no longer needed for business purposes

7.1 Access and Correction

You have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request an explanation of how we use your information

7.2 Marketing Communications

You may:

• Opt out of marketing emails using the unsubscribe link
• Contact us to update your communication preferences
• Request to be removed from our marketing lists

7.3 Data Portability and Deletion

You may:

• Request a copy of your personal information in a portable format
• Request deletion of your personal information (subject to legal obligations)
• Withdraw consent for processing where consent is the legal basis

8.1 Limited Cookie Use

We use minimal cookies and tracking technologies:

Essential Cookies:

• Session management cookies for website functionality
• Authentication cookies for secure access
• Load balancing cookies for technical performance

Analytics:

• Google Analytics for website performance analysis
• HubSpot Analytics for marketing and sales insights
• Data is processed by third-party providers under privacy agreements

8.2 Cookie Management

You can:

• Control cookie settings through your browser
• Disable non-essential cookies without affecting core functionality
• Clear cookies at any time through browser settings

8.3 Third-Party Analytics

We use third-party analytics services including Google Analytics and HubSpot Analytics. These services may use cookies for tracking and analysis purposes under their respective privacy policies.

9.1 Legal Basis for Processing

We process your information based on:

Legitimate Business Interests:

• Providing and improving our services
• Communication regarding our business relationship
• Technical support and service delivery

Contractual Necessity:

• Fulfilling our service agreements
• Processing payments and managing accounts
• Delivering contracted solutions

Consent:

• Marketing communications (where required)
• Optional data collection for service enhancement

Legal Compliance:

• Maintaining records as required by law
• Responding to legal requests and obligations

10.1 Data Location

Primary Data Storage:

• Customer business information stored in Microsoft Azure cloud infrastructure
• Technical data may be processed in various locations for service delivery

10.2 Transfer Safeguards

When data crosses borders, we ensure:

• Appropriate safeguards are in place
• Service providers meet international privacy standards
• Data processing agreements include privacy protections

11.1 Limited Automated Processing

We do not use automated decision-making that significantly affects you. Any automated processing is limited to:

• Technical system optimization
• Basic security threat detection
• Service performance monitoring

11.2 Human Review

All significant business decisions involving your information are subject to human review and oversight.

12.1 Right to Information

You have the right to receive clear information about:

• What personal information we collect
• How we use your information
• Who we share it with
• How long we retain it

12.2 Right of Access

You can request:

• Confirmation of what personal information we hold
• A copy of your personal information
• Details about our processing activities

12.3 Right to Rectification

You can:

• Request correction of inaccurate information
• Request completion of incomplete information
• Update your contact preferences

12.4 Right to Erasure

You can request deletion of your information when:

• It's no longer necessary for the original purpose
• You withdraw consent (where consent is the legal basis)
• Information has been unlawfully processed
• Legal obligations require deletion

12.5 Right to Restrict Processing

You can request restriction of processing when:

• You contest the accuracy of the information
• Processing is unlawful but you don't want deletion
• We no longer need the information but you need it for legal claims

12.6 Right to Object

You can object to processing based on:

• Legitimate interests (including marketing)
• Direct marketing communications
• Processing for research or statistical purposes

12.7 Exercising Your Rights

To exercise your rights:

• Contact us using the information provided in Section 22
• Provide sufficient information to verify your identity
• Specify which rights you wish to exercise
• We will respond within 30 days (may be extended for complex requests).

13.1 Privacy Principles

Our approach to privacy includes:

• Collecting only necessary information
• Implementing privacy-protective technologies
• Regular privacy impact assessments
• Staff training on privacy principles

13.2 Default Settings

Our default settings prioritize privacy:

• Minimal data collection by default
• Opt-in rather than opt-out for marketing
• Privacy-protective configurations
• Regular review of privacy settings

14.1 Incident Response Plan

We maintain a comprehensive incident response plan that includes:

• Immediate containment procedures
• Risk assessment protocols
• Investigation procedures
• Communication plans

14.2 Breach Notification Timeline

In case of a data breach:

• Internal notification within 8 hours of discovery
• Risk assessment within 24-48 hours
• Regulatory notification within 72 hours (if required)
• Individual notification without undue delay (if high risk)

14.3 Breach Communication

We will provide clear information about:

• Nature of the breach
• Likely consequences
• Measures taken to address the breach
• Steps you can take to protect yourself

15.2 GDPR Considerations

For customers in the European Union:

• We act as a data processor for customer data
• Appropriate safeguards are in place for data transfers
• Data Processing Agreements available upon request
• EU representative can be appointed if required

15.3 Adequacy Decisions

We rely on adequacy decisions and appropriate safeguards when transferring data internationally, including:

• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules (where applicable)
• Certification mechanisms

16.1 Healthcare Integration

If our services are integrated with healthcare platforms:

• We do not access or process protected health information (PHI)
• HIPAA compliance is the responsibility of the healthcare provider
• Technical safeguards meet healthcare industry standards

16.2 Educational Use

For educational platform integrations:

• We do not collect educational records
• FERPA compliance is the responsibility of the educational institution
• Additional privacy protections for student data

16.3 Financial Services

For financial platform integrations:

• We do not process financial transaction data
• Compliance with financial privacy regulations is the customer's responsibility
• Enhanced security measures for financial industry standards

18.1 Detailed Retention Periods

Customer Business Information:

• Active contracts: Duration of relationship
• Completed projects: 7 years or might be beyond from completion
• Financial records: 7 years or might be beyond from last transaction
• Marketing contacts: Until opt-out or requested to delete

Technical Data:

• Performance logs: Retained for specific time or beyond based on need
• Security logs: Retained for specific time or beyond based on need
• Error reports: Retained for specific time or beyond based on need
• Configuration data: Duration of service relationship or beyond based on need

Communication Records:

• Email correspondence: Until requested to delete
• Support tickets: Until requested to delete
• Contract negotiations: Until requested to delete

18.2 Automatic Deletion

We implement automatic deletion procedures for:

• Expired retention periods
• Closed customer accounts (after grace period)
• Inactive marketing contacts
• Unnecessary technical data

19.1 Regular Assessments

We conduct privacy impact assessments for:

• New service offerings
• Changes to data processing activities
• Implementation of new technologies
• Significant business changes

19.2 Risk Mitigation

Assessment results inform:

• Privacy control implementation
• Data minimization strategies
• Security enhancement measures
• Process improvements

20.1 Vendor Management

We carefully select service providers based on:

• Privacy and security standards
• Compliance with applicable laws
• Contractual privacy protections
• Regular security assessments

20.2 Current Third-Party Categories

Payment Processing:

• Credit card processors
• Banking partners
• Invoice management systems

Infrastructure:

• Cloud hosting providers (Microsoft Azure)
• Security service providers
• Backup and recovery services

Professional Services:

• Legal counsel
• Accounting services
• Business consultants

Marketing and Analytics:

• HubSpot (marketing automation and analytics)
• Google Analytics (website analytics)

All third-party relationships include appropriate data protection agreements.

22.1 Version History

• Version 1.0: July 10, 2025 - Initial publication

22.2 Policy Review Schedule

We review this Privacy Policy:

• Annually for compliance updates
• Following significant business changes
• When new privacy laws take effect
• After security incidents or breaches

22.3 Archive Access

Previous versions of this policy are available upon request for:

• Legal compliance purposes
• Historical reference
• Audit requirements