Privacy Policy

Effective Date: April 17, 2025

Everyday GRC (“we,” “us,” or “our”) respects your privacy and processes personal data in compliance with applicable privacy laws including the Act on the Protection of Personal Information (APPI), the General Data Protection Regulation (GDPR), and relevant U.S. privacy regulations such as the California Consumer Privacy Act (CCPA).

1. Information We Collect

When you interact with our site, we may collect:

• Identifiers: Name, email, phone number, company name, company website (optional)
• Message content you voluntarily submit
• Technical data: Browser type, device info, IP address, and interaction logs

2. Legal Basis & Purpose of Use

We collect and use data to:

• Respond to your inquiries and provide services (contractual necessity or legitimate interest)
• Improve site functionality (legitimate interest)
• Meet legal obligations

We may request your explicit consent where required (e.g., for future marketing).

3. Data Sharing & Subprocessors

We do not sell your personal data.

We may use trusted third-party providers (e.g., Formspree) to process data securely. Subprocessors are contractually bound to protect personal information and may be located globally under data transfer safeguards (e.g., SCCs or adequacy decisions).

4. Retention

We retain personal data only as long as necessary to fulfill the purposes above or comply with legal and regulatory requirements.

5. Cookies

We currently do not use cookies for advertising or tracking. If cookies are introduced, we will update this policy and offer opt-in mechanisms where required by law (e.g., GDPR).

6. Your Rights

Depending on your location, you may have the right to:

• Access, correct, or delete your personal data
• Object to or restrict certain processing
• Withdraw consent at any time (where applicable)
• Data portability (EU)
• Opt out of the sale or sharing of personal data (U.S.)

To exercise your rights, contact: [email protected]