Privacy Statement

INTRODUCTION

CX Advisors is a professional services agency. We do not operate Software-as-a-Service (SaaS) products or proprietary digital networks.

We understand that you are aware of and care about your own personal privacy interests, and we take that seriously. This Privacy Statement describes our policies and practices regarding collection and use of your personal data, and sets forth your privacy rights. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Statement as we undertake new personal data practices or adopt new privacy policies.

HOW WE COLLECT AND USE YOUR PERSONAL INFORMATION

We collect personal information about our website visitors and clients. With a few exceptions, this information is generally limited to:

  • Name

  • Job Title

  • Employer Name

  • Work Address

  • Work Email

  • Work Phone Number

We use this information to provide prospects and clients with our services.

We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of our services.

From time to time, we receive personal information about individuals from third parties. Typically, information collected from third parties will include further details on your employer or industry. We may also collect your personal data from a third-party website (e.g. LinkedIn).

USE OF OUR WEBSITE

As is true of most other websites, our website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of our website, including a history of the pages you view. We use this information to help us design our site to better suit our visitors’ needs.

WHEN AND HOW WE SHARE INFORMATION WITH THIRD PARTIES

We do not otherwise reveal your personal data to non-company personnel or businesses for their independent use unless you request or authorize it, or the information is provided to comply with the law. We restrict access to confidential information using the principle of least privilege. Permissions and access rights not expressly granted are, by default, prohibited. Personnel are only granted the specific access required to perform their operational functions. Access to confidential client records is restricted and can only be shared with external parties with mutual approval.

TRANSFERRING PERSONAL DATA TO THE U.S.

We are headquartered in the United States. Information we collect about you will be processed in the United States. By using our services, you acknowledge that your personal information will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR.

Depending on the circumstance, we also collect and transfer to the U.S. personal data with consent; to perform a contract with you; or to fulfill a compelling legitimate interest in a manner that does not outweigh your rights and freedoms. We endeavor to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with our company and the practices described in this Privacy Statement. We also enter into data processing agreements with vendors whenever feasible and appropriate.

DATA SUBJECT RIGHTS

You may request information about the purpose of the processing, the categories of personal data concerned, and who else outside the company might have received the data. All personal data that the company controls may be deleted upon a verified request from Data Subjects or their authorized agents.

SECURITY OF YOUR INFORMATION

We employ strict asset management protocols and access controls to prevent unauthorized disclosure, modification, and/or removal of your personal data.

DATA STORAGE AND RETENTION

Your personal data is stored on the servers of the cloud-based services that we engage with. The company retains service data for the duration of our business relationship, and for a period thereafter, to analyze the data for operations, historical, and archiving purposes. Specific retention periods for project-related assets and personally identifiable information are governed by our internal Data Retention Matrix, with most project data being purged within 90 days of contract conclusion. We will retain prospect data until such time as it no longer has business value and is purged from our systems. All personal data that we control may be deleted upon verified request from Data Subjects or their authorized agents.

QUESTIONS, CONCERNS, OR COMPLAINTS

We have appointed an internal Security Delegate who is responsible for evaluating risks, coordinating information security policies, and addressing access and security events. If you have questions, concerns, complaints, or would like to exercise your rights, please contact us at security@cxadvisors.com.