Privacy Policy

Last Updated: December 15, 2024

1. Introduction

IAMCompass ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our identity and access management assessment services and website.

2. Information We Collect

2.1 Personal Information

We collect information you provide directly to us, including:

  • Name and job title
  • Company name and size
  • Email address
  • Phone number (optional)
  • Assessment responses and results

2.2 Automatically Collected Information

When you use our services, we automatically collect:

  • IP address and location data
  • Browser type and version
  • Device information
  • Usage data and analytics
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use the collected information for:

  • Providing and improving our assessment services
  • Generating personalized IAM maturity reports
  • Communicating with you about our services
  • Sending relevant industry insights and updates (with consent)
  • Analyzing usage patterns to enhance user experience
  • Complying with legal obligations

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information:

  • With service providers who assist in our operations
  • When required by law or legal process
  • To protect our rights, privacy, safety, or property
  • With your explicit consent
  • In connection with a business transaction (merger, acquisition, etc.)

5. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • SSL/TLS encryption for data transmission
  • Encrypted storage of sensitive information
  • Regular security audits and assessments
  • Access controls and authentication mechanisms
  • Employee training on data protection

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Assessment data is typically retained for 3 years to allow for progress tracking and comparison.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Receive your data in a portable format
  • Opt-out: Unsubscribe from marketing communications
  • Restriction: Limit how we use your information

To exercise these rights, contact us at privacy@iamcompass.com

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Analyze site traffic and usage patterns
  • Personalize content and recommendations
  • Improve our services and user experience

You can control cookies through your browser settings, but disabling them may limit functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses and adequacy decisions.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

11. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for the privacy practices of these external sites and encourage you to review their privacy policies.

12. Updates to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date.

13. Contact Information

For questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: privacy@iamcompass.com

Address: IAMCompass, 1, Deflon St., Nicosia, Cyprus

Phone: +357 96 99 11 87

14. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete personal information, and the right to opt-out of the sale of personal information (which we do not do).

15. European Privacy Rights

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local supervisory authority.