.png?width=400&height=219&name=guidance%20from%20experts%20(4).png)
Introduction
At edgefi ("we", "our", or "us"), we are committed to protecting the privacy and security of your personal information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us in any way. This policy aligns with SOC2 Type 2 and NIST Cybersecurity Framework (CSF) principles to ensure the highest standards of data protection and privacy.
Information We Collect
Personal Information
We may collect the following types of personal information:
- Contact information (name, email address, phone number, company name)
- Account credentials if you create an account with us
- Billing and payment information
- Service usage information and preferences
- Communications with us (including support requests, feedback, and survey responses)
Automatically Collected Information
When you visit our website or use our services, we may automatically collect:
- Device information (IP address, browser type, operating system)
- Usage data (pages visited, time spent on pages, links clicked)
- Cookies and similar tracking technologies (as detailed in our Cookie Policy)
- Location information based on IP address
How We Use Your Information
We use your information for the following purposes:
- Providing and maintaining our services
- Processing transactions and fulfilling orders
- Responding to your inquiries and support requests
- Sending service notifications and updates
- Improving our website and services
- Marketing and promotional communications (with consent)
- Analyzing usage patterns and trends
- Preventing fraud and ensuring security
- Complying with legal obligations
Information Security
In alignment with SOC2 Type 2 and NIST CSF frameworks, we implement appropriate technical, administrative, and physical safeguards to protect your personal information from unauthorized access, disclosure, alteration, and destruction. Our security measures include:
- Encryption of sensitive data in transit and at rest
- Access controls and authentication mechanisms
- Regular security assessments and penetration testing
- Security monitoring and incident response procedures
- Employee training on security and privacy best practices
- Vendor risk management program
- Business continuity and disaster recovery plans
While we take reasonable measures to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We continuously evaluate and improve our security practices to maintain the trust you place in us.
Data Sharing and Disclosure
We may share your information with:
- Service providers and business partners who help us deliver our services
- Legal and regulatory authorities when required by law
- Professional advisors (such as auditors, lawyers, and consultants)
- Business transferees in the event of a merger, acquisition, or sale of assets
We require all third parties to respect the security of your information and to treat it in accordance with applicable laws. We do not allow our third-party service providers to use your personal information for their own purposes.
Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal information, including:
- Right to access your personal information
- Right to correct inaccurate or incomplete information
- Right to delete your personal information
- Right to restrict or object to processing
- Right to data portability
- Right to withdraw consent
- Right to lodge a complaint with a supervisory authority
To exercise these rights, please contact us using the information provided at the end of this policy. We will respond to your request in accordance with applicable laws.
Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. When determining the appropriate retention period, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure, and applicable legal requirements.
International Data Transfers
We may transfer your personal information to countries outside your country of residence, including to countries that may not provide the same level of data protection as your country. When we do so, we ensure appropriate safeguards are in place to protect your information and comply with applicable data protection laws.
Children's Privacy
Our website and services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have collected personal information from a child under 16, please contact us immediately so we can take appropriate steps to remove such information.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will post the revised policy on our website with an updated "Last Updated" date. We encourage you to review this Privacy Policy periodically.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:
Email: privacy@edgefi.com
Address: edgefi Privacy Team, 1234 Tech Avenue, Suite 500, Portland, OR 97201
Phone: (503) 555-0123
We are committed to addressing your concerns and resolving any issues regarding your privacy rights.
