Effective Date: Jan. 1st, 2025
Sidi Solutions (“we,” “us,” or “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy outlines how we collect, use, store, and safeguard the information you provide while using our IT and cybersecurity services, including our assistance in obtaining compliance with industry standards such as HIPAA, PCI-DSS, SOC2, GDPR, and NIST. By using our website and services, you agree to the terms of this Privacy Policy.
1. Information We Collect
We collect different types of information from and about users of our website and services, including:
- Personal Identification Information: When you engage with us, request a consultation, or use our services, we may collect personal details such as your name, business name, job title, contact information (email address, phone number), and payment details.
- Business Information: Information related to your business, including compliance needs, cybersecurity practices, infrastructure details, and industry requirements (e.g., HIPAA, PCI-DSS, SOC2, GDPR, and NIST).
- Website Usage Information: We automatically collect information about your interactions with our website, including your IP address, browser type, and operating system, as well as other usage data through cookies and similar technologies.
2. How We Use Your Information
We use the information we collect for the following purposes:
- To provide you with IT and cybersecurity services, including consulting, compliance guidance, and support to help your business achieve and maintain compliance with relevant regulations such as HIPAA, PCI-DSS, SOC2, GDPR, and NIST.
- To communicate with you about your account, services, and any relevant updates, including compliance changes or new security threats.
- To improve our website and services, enhance customer support, and analyze website traffic and usage patterns.
- To process payments and provide billing support.
- To comply with legal obligations, regulatory requirements, or to protect our rights and interests.
3. Data Sharing and Disclosure
We may share your information in the following circumstances:
- Service Providers: We may share your personal or business information with trusted third-party vendors who provide services on our behalf, such as payment processing, cloud hosting, and security software providers. These vendors are contractually obligated to maintain the confidentiality and security of your data.
- Compliance and Legal Obligations: We may disclose your information as required by law, regulation, or legal process, including responding to lawful requests by public authorities, such as to comply with national security or law enforcement requirements.
- Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of the transaction.
4. Data Retention
We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods depend on the nature of the information and the applicable compliance requirements (e.g., HIPAA mandates data retention for specific periods).
5. Security of Your Information
We implement technical, administrative, and physical security measures to protect your personal and business information from unauthorized access, disclosure, alteration, or destruction. This includes using encryption, secure data storage solutions, firewalls, and access controls. However, please note that no data transmission or storage system is completely secure, and we cannot guarantee the absolute security of your information.
6. Your Rights and Choices
Depending on your location and applicable laws, you may have certain rights regarding the data we collect, including:
- Access: You have the right to request access to the personal information we hold about you.
- Correction: You can request that we correct any inaccuracies in your personal data.
- Deletion: In some circumstances, you may request that we delete your personal data.
- Opt-Out: You can opt-out of receiving marketing communications from us by following the unsubscribe instructions provided in the communications or by contacting us directly.
If you wish to exercise any of these rights, please contact us using the information provided below.
7. International Data Transfers
If you are located outside of the United States, please be aware that your information may be transferred to and processed in the United States, where our servers and operations are based. By using our services, you consent to the transfer of your information to the United States and to its processing in accordance with this Privacy Policy.
8. Cookies and Tracking Technologies
We use cookies and similar tracking technologies (e.g., web beacons) to improve your experience with our website, personalize content, and analyze website traffic. You can control the use of cookies through your browser settings, but disabling cookies may limit some functionalities of our website.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. We will notify you of any significant changes by posting the updated policy on our website with a revised “Effective Date.”
10. Contact Us
If you have any questions or concerns about this Privacy Policy, or if you would like to exercise any of your rights, please contact us at:
Sidi Solutions
Email: info@sidisolutions.com