Privacy Policy

Effective Date: January 1, 2025

Last Updated: August 26, 2025

1. Introduction and scope

Nuvarez LLC (“Nuvarez,” “we,” “us,” or “our”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy describes how we collect, use, process, store, and protect your information when you visit our website, use our services, or interact with us.

This policy applies to all personal information we collect through our website, consulting services, communications, and business operations. By using our services, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us, including but not limited to:

  • Contact Information: Name, email address, phone number, mailing address
  • Professional Information: Company name, job title, industry, business requirements
  • Communication Records: Records of correspondence, meeting notes, service requests
  • Financial Information: Billing addresses, payment information (processed through secure third-party payment processors)
  • Account Information: Username, password, and account preferences
2.2 Automatically Collected Information

We automatically collect certain technical information through cookies, web beacons, and analytics tools:

  • Device Information: IP address, browser type and version, operating system, device identifiers
  • Usage Data: Pages visited, time spent on pages, click-through rates, navigation patterns
  • Location Data: General geographic location based on IP address
  • Technical Data: Connection information, timestamps, referring URLs
2.3 Third-Party Information

We may receive information about you from third-party sources, including:

  • Business contact databases and professional networking platforms
  • Marketing partners and lead generation services
  • Public records and professional directories

3. Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Consent: When you have given explicit consent for specific processing activities
  • Contract Performance: To fulfill our contractual obligations and provide requested services
  • Legitimate Interests: To operate our business, improve our services, and communicate with clients
  • Legal Compliance: To comply with applicable laws, regulations, and legal obligations

4. How We Use Your Information

We use your information for the following purposes:

4.1 Service Delivery
  • Providing consulting services and responding to inquiries
  • Managing client relationships and project delivery
  • Conducting risk assessments and compliance audits
  • Delivering reports and recommendations
4.2 Business Operations
  • Website operation and maintenance
  • Service improvement and development
  • Internal analytics and performance monitoring
  • Quality assurance and training purposes
4.3 Communications
  • Responding to inquiries and providing customer support
  • Sending service-related notifications and updates
  • Marketing communications (with your consent)
  • Industry insights and thought leadership content
4.4 Legal and Compliance
  • Compliance with legal obligations and regulatory requirements
  • Fraud prevention and security monitoring
  • Dispute resolution and legal proceedings
  • Audit and regulatory examination support

5. Information Sharing and Disclosure

5.1 Third-Party Service Providers

We may share your information with trusted third-party service providers who assist us in:

  • Website hosting and technical infrastructure
  • Customer relationship management (CRM) systems
  • Email marketing and communication platforms
  • Payment processing and financial services
  • Analytics and performance monitoring
  • Cloud storage and data backup services

All third-party providers are contractually bound to maintain confidentiality and security standards consistent with this policy.

5.2 Business Transfers

In the event of a merger, acquisition, or sale of business assets, your information may be transferred as part of the transaction, subject to equivalent privacy protections.

5.3 Legal Requirements

We may disclose your information when required by law, regulation, legal process, or governmental request, or when necessary to:

  • Protect our rights, property, or safety
  • Enforce our terms of service
  • Prevent fraud or security threats
  • Comply with audit or regulatory requirements
5.4 No Sale of Personal Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5.4 No Sale of Personal Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

6. Data Security and Protection

6.1 Security Measures

We implement comprehensive technical, administrative, and physical security measures to protect your information, including:

  • Encryption: Data encryption in transit and at rest using industry-standard protocols
  • Access Controls: Role-based access controls and multi-factor authentication
  • Network Security: Firewalls, intrusion detection systems, and secure network architecture
  • Regular Audits: Periodic security assessments and vulnerability testing
  • Employee Training: Regular security awareness and data protection training
  • Incident Response: Documented procedures for security incident detection and response
6.2 Data Centers and Infrastructure

Our data is stored in secure, SOC 2 Type II certified data centers with:

  • 24/7 physical security monitoring
  • Environmental controls and backup power systems
  • Redundant network connections and data backup systems
  • Compliance with industry security standards
6.3 Data Backup and Recovery

We maintain secure backup systems and disaster recovery procedures to ensure data availability and business continuity.

7. Data Retention and Deletion

7.1 Retention Periods

We retain your personal information only as long as necessary for the purposes outlined in this policy or as required by law:

  • Client Information: Retained for the duration of the business relationship plus 7 years for audit and legal purposes
  • Website Analytics: Retained for 25 months
  • Communication Records: Retained for 3 years after last contact
  • Financial Records: Retained for 7 years per regulatory requirements
7.2 Data Deletion

Upon expiration of retention periods, we securely delete or anonymize your information using industry-standard methods.

8. International Data Transfers

If we transfer your information outside your country of residence, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by relevant authorities
  • Adequacy decisions by regulatory bodies
  • Other lawful transfer mechanisms as required by applicable law

9. Your Rights and Choices

9.1 Access and Control

You have the right to:

  • Access: Request copies of your personal information
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Portability: Request transfer of your information in a structured, machine-readable format
  • Objection: Object to certain processing activities
  • Restriction: Request restriction of processing under certain circumstances
9.2 Marketing Communications

You may opt out of marketing communications at any time by:

  • Using the unsubscribe link in our emails
  • Contacting us directly at info@nuvarez.com
  • Updating your preferences in your account settings
9.3 Cookies and Tracking

You can control cookies through your browser settings, though some website functionality may be affected.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Ensure website functionality and security
  • Analyze website usage and performance
  • Personalize your experience
  • Deliver relevant content and advertisements

For detailed information about our cookie usage, please refer to our Cookie Policy.

11. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will promptly delete such information.

12. Privacy by Design

We incorporate privacy considerations into our business processes and technology design, including:

  • Data minimization principles
  • Purpose limitation
  • Privacy impact assessments
  • Regular privacy training for employees
  • Ongoing compliance monitoring

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or business operations. We will:

  • Post updated versions on our website with the effective date
  • Notify you of material changes via email or prominent website notice
  • Maintain previous versions for your reference

14. Compliance and Certifications

Nuvarez maintains compliance with applicable privacy and security frameworks, including:

  • SOC 2 Type II certification
  • ISO 27001 information security management standards
  • Applicable data protection regulations

15. Contact Information

15.1 Privacy Inquiries

For questions about this Privacy Policy or to exercise your rights, contact us at:

Email: privacy@nuvarez.com
Phone: [Insert Phone Number]
Mail: Nuvarez LLC
Attn: Privacy Officer
[Insert Address]

15.2 Data Protection Officer

Our Data Protection Officer can be reached at: dpo@nuvarez.com

15.3 Response Time

We will respond to privacy requests within 30 days of receipt.

Document Control

  • Document ID: NUV-POL-001
  • Version: 2.0
  • Owner: Privacy Officer
  • Next Review Date: October 26, 2025