Privacy Policy

1. Overview

InContext Solutions ("InContext," "we," "us," or "our") is committed to protecting the privacy of individuals who interact with our services, websites, and platforms. This Privacy Policy explains how we collect, use, store, share, and protect personal data, and describes the choices available to you regarding your information.

This policy applies to:

• Website visitors who access our websites and online platforms
• Customers who use InContext Solutions products and services
• Partners who collaborate with us through business relationships
• Prospective customers who engage with our sales and marketing activities

This is a public-facing privacy notice provided in accordance with the EU General Data Protection Regulation (GDPR) Articles 13 and 14, the California Consumer Privacy Act (CCPA), and other applicable privacy laws. It is distinct from our internal compliance framework.

2. Information We Collect

Information You Provide Directly

We collect personal data that you voluntarily provide to us, including:

• Contact information — Name, email address, phone number, mailing address, and job title
• Account credentials — Username, password, and authentication details when you create an account
• Business information — Company name, industry, role, and project requirements provided in the course of our business relationship
• Communications — Messages, feedback, survey responses, and other correspondence you send to us
• Payment information — Billing details processed through our secure payment providers

Information Collected Automatically

When you interact with our websites and services, we automatically collect certain data, including:

• Usage data — Pages visited, features used, actions taken within our platforms, time spent on pages, and referring URLs
• Device and browser information — IP address, browser type and version, operating system, screen resolution, and device identifiers
• Cookies and tracking technologies — Data collected through cookies, web beacons, pixels, and similar technologies (see Section 9 for details)
• Log data — Server logs recording access times, error reports, and system activity

3. How We Use Your Information

We use the personal data we collect for the following purposes:

• Providing and improving services — Delivering, maintaining, and enhancing our products and platforms
• Account management — Creating and administering your account, authenticating your identity, and managing your subscription
• Customer support — Responding to your inquiries, troubleshooting issues, and providing technical assistance
• Security and fraud prevention — Detecting, investigating, and preventing unauthorized access, fraud, and other security threats
• Legal compliance — Meeting our obligations under applicable laws, regulations, and legal processes
• Marketing communications — Sending product updates, newsletters, and promotional materials where you have opted in or where we have a legitimate interest to do so. You may opt out of marketing communications at any time by using the unsubscribe link in any email or by contacting us directly.
• Analytics and service improvement — Analyzing usage patterns, conducting research, and improving the functionality, performance, and user experience of our services

4. Legal Bases for Processing

Under the GDPR, we process personal data only where we have a lawful basis to do so. The legal bases we rely on include:

• Consent — You have given us clear permission to process your personal data for a specific purpose. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
• Contract performance — Processing is necessary to fulfill a contract with you or to take steps at your request before entering into a contract. This includes providing our services, managing your account, and processing transactions.
• Legitimate interests — Processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Our legitimate interests include improving our services, ensuring security, and conducting direct marketing to existing customers.
• Legal obligation — Processing is necessary to comply with a legal requirement to which we are subject, such as tax reporting, regulatory obligations, or responding to lawful requests from authorities.

5. Information Sharing and Disclosure

We share personal data only in the following circumstances:

• Service providers and subprocessors — We engage trusted third-party companies to perform services on our behalf, such as cloud hosting, analytics, payment processing, and customer support. These providers are contractually bound to process personal data only as instructed by us and to maintain appropriate security measures.
• Legal and regulatory authorities — We may disclose personal data where required by law, regulation, legal process, or enforceable governmental request, or where disclosure is necessary to protect our rights, safety, or property.
• Business transfers — In the event of a merger, acquisition, reorganization, or sale of assets, personal data may be transferred as part of that transaction. We will notify you of any such change and the choices available to you.
• With your consent — We may share your information with third parties where you have given us explicit consent to do so.

InContext Solutions does not sell personal data. We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Our retention practices are guided by the following principles:

• Account and service data — Retained for the duration of your account or business relationship, plus a reasonable period thereafter to allow for reactivation or to address post-termination inquiries
• Transaction and billing records — Retained for the period required by applicable tax and financial reporting laws, typically seven years
• Marketing and communications data — Retained until you withdraw consent or opt out, after which data is promptly suppressed or deleted
• Usage and analytics data — Retained in aggregated or anonymized form for service improvement; identifiable usage data is retained for no longer than 24 months
• Legal and compliance records — Retained for the period required to comply with legal obligations or to establish, exercise, or defend legal claims

When determining retention periods, we consider the volume, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes of processing, and whether those purposes can be achieved through other means.

You may request deletion of your personal data at any time (see Section 8). Deletion requests are fulfilled subject to any overriding legal obligations that require continued retention.

7. Data Security

InContext Solutions implements appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

• Encryption of personal data in transit and at rest
• Access controls ensuring that personal data is accessible only to authorized personnel with a legitimate business need
• Monitoring and logging of access to systems containing personal data
• Regular security assessments and vulnerability testing
• Employee training on data protection and security practices
• Incident response procedures to detect, respond to, and recover from security events

While no method of transmission or storage is completely secure, we continuously review and enhance our security measures to protect your information. For further details on our security framework, refer to our published security policies.

8. Your Rights

Rights Under the GDPR

If you are located in the European Economic Area or the United Kingdom, you have the following rights regarding your personal data:

• Right of access — You may request confirmation of whether we process your personal data and obtain a copy of that data.
• Right to rectification — You may request correction of inaccurate personal data or completion of incomplete data.
• Right to erasure — You may request deletion of your personal data where it is no longer necessary, where consent has been withdrawn, or where processing is unlawful.
• Right to restriction — You may request that we restrict processing of your personal data in certain circumstances, such as while we verify the accuracy of contested data.
• Right to data portability — You may request to receive your personal data in a structured, commonly used, machine-readable format, and to have it transmitted to another controller where technically feasible.
• Right to object — You may object to processing based on legitimate interests or direct marketing at any time.

GDPR rights requests are responded to within 30 calendar days of receipt. This period may be extended by up to 60 additional days for complex requests, in which case you will be informed of the extension and the reasons for it.

Rights Under the CCPA

If you are a California resident, you have the following rights:

• Right to know — You may request information about the categories and specific pieces of personal data we have collected, the purposes of collection, and the categories of third parties with whom we share data.
• Right to delete — You may request deletion of personal data we have collected from you, subject to certain exceptions.
• Right to opt out — You have the right to opt out of the sale of personal data. As stated above, InContext Solutions does not sell personal data.
• Right to non-discrimination — We will not discriminate against you for exercising any of your CCPA rights.

CCPA rights requests are responded to within 45 calendar days of receipt. This period may be extended by an additional 45 days where reasonably necessary, provided you are notified of the extension.

9. Cookies and Tracking Technologies

Our websites use cookies and similar tracking technologies to enhance your experience and analyze usage.

Types of Cookies We Use

• Essential cookies — Required for the basic operation of our websites, such as session management and security. These cookies cannot be disabled.
• Analytics cookies — Help us understand how visitors interact with our websites by collecting anonymous usage statistics. We use these insights to improve site functionality and content.
• Functional cookies — Enable enhanced features and personalization, such as remembering your preferences and settings.

Cookie Management

You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies, although doing so may affect the functionality of our websites. Where required by law, we will obtain your consent before placing non-essential cookies.

Third-Party Cookies

Some cookies on our websites are placed by third-party service providers that assist us with analytics and functionality. These third parties process data in accordance with their own privacy policies. We review our third-party cookie providers to ensure they maintain appropriate data protection standards.

10. International Data Transfers

InContext Solutions is headquartered in the United States and processes personal data in multiple jurisdictions. Where personal data is transferred from the European Economic Area, the United Kingdom, or other jurisdictions with data transfer restrictions, we ensure that appropriate safeguards are in place:

• Adequacy decisions — Where the European Commission has determined that the recipient country provides an adequate level of data protection
• Standard Contractual Clauses (SCCs) — EU-approved contractual terms that bind the data importer to appropriate data protection obligations

Our primary cloud infrastructure is hosted on Microsoft Azure, with data center regions selected to meet the residency and regulatory requirements of the data we process. We assess the legal framework of each recipient country and apply supplementary measures where necessary.

11. Children's Privacy

Our services are directed at businesses and professionals and are not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have inadvertently collected personal data from a child under 16, we will take prompt steps to delete that data. If you believe a child has provided us with personal data, please contact us at the address in Section 13.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we make material changes, we will:

• Post the updated policy on our website with a revised effective date
• Notify affected individuals through email or a prominent notice on our platforms where appropriate

We encourage you to review this policy periodically to stay informed about how we protect your information. Your continued use of our services after the effective date of a revised policy constitutes acceptance of the updated terms.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us:

Revision History