Privacy Policy

1. What We Collect

1.1 Information You Provide Directly

You may provide personal information to us through various interactions:

• Contact Information: Name, email address, phone number, company name
• Account Information: Username, password, profile information
• Communication Data: Messages, support requests, feedback, and inquiries
• Payment Information: Billing address and payment method details (processed securely through third-party payment processors)
• Marketing Preferences: Your communication preferences and consent to receive marketing materials

1.2 Information We Collect Automatically

When you access our website or use our services, we automatically collect:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent on pages, links clicked, and other actions taken
• Location Data: General geographic location based on IP address
• Technical Data: Log files, error reports, and performance data
• Cookie Data: Information collected through cookies and similar tracking technologies

1.3 Information from Third Parties

We may receive information about you from:

• Business partners and resellers who refer you to our services
• Public databases and data providers for business contact information
• Social media platforms when you interact with our content
• Cloud platform providers when you integrate their services with ours

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Service Delivery

• Provide, maintain, and improve our cloud management and modernization services
• Process consultation requests and provide technical support
• Manage your account and deliver requested services
• Monitor and optimize cloud infrastructure performance
• Implement security measures and detect fraud

2.2 Communication

• Respond to your inquiries and provide customer support
• Send service-related notifications and updates
• Provide technical documentation and training materials
• Send marketing communications (with your consent)
• Conduct surveys and gather feedback

2.3 Business Operations

• Process payments and manage billing
• Analyze usage patterns to improve our services
• Conduct research and development
• Ensure compliance with legal obligations
• Protect against fraud and unauthorized access

2.4 Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process your personal data based on:

• Contract Performance: Processing necessary to fulfill our service agreements
• Legitimate Interests: Processing for business operations, security, and service improvement
• Legal Compliance: Processing required by applicable laws and regulations
• Consent: Processing based on your explicit consent (which you may withdraw at any time)

3. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

3.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

• Cloud infrastructure providers (AWS, Azure, Google Cloud)
• Payment processors and financial institutions
• Customer relationship management (CRM) systems
• Analytics and monitoring services
• Email and communication platforms
• Cybersecurity and data protection services

These service providers are contractually obligated to protect your information and use it only for specified purposes.

3.2 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

3.3 Legal Requirements

We may disclose your information when required by law or in response to:

• Valid legal process (subpoenas, court orders, warrants)
• Government or regulatory requests
• Investigations of potential violations of our policies
• Detection, prevention, or investigation of fraud or security incidents
• Protection of the rights, property, or safety of Auranox Core, our users, or others

3.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

4. Data Security

We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction.

4.1 Technical Safeguards

• Encryption: Data encryption in transit (TLS/SSL) and at rest (AES-256)
• Access Controls: Role-based access control and multi-factor authentication
• Network Security: Firewalls, intrusion detection systems, and DDoS protection
• Vulnerability Management: Regular security assessments and penetration testing
• Monitoring: 24/7 security monitoring and incident response

4.2 Organizational Safeguards

• Employee training on data protection and security practices
• Confidentiality agreements with all personnel
• Incident response procedures and disaster recovery plans
• Regular security audits and compliance reviews
• Data minimization and privacy-by-design principles

5. Your Rights and Choices

You have certain rights regarding your personal information. The specific rights available to you may depend on your location.

5.1 Access and Portability

You have the right to:

• Request access to the personal information we hold about you
• Receive a copy of your data in a structured, commonly used format
• Transfer your data to another service provider (data portability)

5.2 Correction and Deletion

You may:

• Request correction of inaccurate or incomplete personal information
• Request deletion of your personal information (subject to legal retention requirements)
• Update your account information directly through your account settings

5.3 Restriction and Objection

You can:

• Request restriction of processing in certain circumstances
• Object to processing based on legitimate interests
• Opt out of marketing communications at any time
• Withdraw consent for processing based on consent

5.4 How to Exercise Your Rights

To exercise any of these rights, please contact us using the details in the Contact Us section below. We will respond within 30 days and may require verification of your identity before processing your request.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your interactions with our website and services.

6.1 Types of Cookies We Use

Essential Cookies

Required for website functionality, including authentication, security, and session management.

Performance Cookies

Help us understand how visitors interact with our website by collecting anonymous usage data.

Functional Cookies

Enable enhanced functionality and personalization, such as language preferences and user settings.

Marketing Cookies

Used to deliver relevant advertisements and measure the effectiveness of our marketing campaigns.

6.2 Cookie Management

You can control cookies through your browser settings. Disabling certain cookies may limit your ability to use some features of our website. Most browsers allow you to:

• View and delete cookies
• Block third-party cookies
• Block cookies from specific websites
• Block all cookies (not recommended)

6.3 Other Tracking Technologies

We may also use:

• Web Beacons: Small graphic images that help us track user behavior and email engagement
• Analytics Tools: Google Analytics and similar services to understand website usage
• Session Recording: Tools that may record user sessions for quality assurance and improvement

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

7.1 Retention Periods

• Account Information: Retained while your account is active and for a reasonable period thereafter
• Transaction Records: Retained for 7 years to comply with financial and tax regulations
• Communication Records: Retained for 3 years for customer service and legal purposes
• Technical Logs: Retained for 90 days for security and troubleshooting purposes
• Marketing Data: Retained until you opt out or for 2 years of inactivity

7.2 Deletion Procedures

When we no longer need your information, we securely delete or anonymize it using:

• Secure erasure of electronic files
• Destruction of physical documents
• Anonymization or pseudonymization where appropriate

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from the laws of your country.

8.1 Safeguards for International Transfers

When we transfer personal data internationally, we implement appropriate safeguards, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions recognizing equivalent data protection standards
• Binding Corporate Rules for transfers within our organization
• Certification schemes such as the EU-U.S. Data Privacy Framework (where applicable)

8.2 Data Processing Locations

We process data across secured facilities with appropriate safeguards in place. Specific processing locations are disclosed in your service agreement or upon request.

9. Children's Privacy

Our services are intended for businesses and enterprise users. We do not knowingly collect personal information from individuals under the age of 18.

If we learn that we have collected personal information from a child under 18, we will take steps to delete that information as quickly as possible. If you believe we have collected information from a child, please contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

10.1 Notification of Changes

When we make material changes to this Privacy Policy, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email (if you have an account with us)
• Display a prominent notice on our website
• Obtain your consent where required by applicable law

10.2 Your Acceptance

Your continued use of our services after changes to this Privacy Policy constitutes your acceptance of the updated terms. We encourage you to review this policy periodically.