Privacy Policy – DStrategyTech

Privacy Policy
Introduction
Welcome to the Vendor Risk Management application. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application. If you do not agree with the terms of this Privacy Policy, please do not use the application.

Information We Collect
We collect personal information that you voluntarily provide to us when you register, use the application, or otherwise interact with our services. The types of personal information we may collect include:

Contact Information: Name, email address, phone number, address, and other similar contact data.
Vendor Information: Details about your vendors, including name, email, phone, address, website, industry, number of employees, revenue, location, tax ID, payment terms, classification, onboarding date, and status.
Contract Information: Details related to vendor contracts, including contract ID, vendor ID, product/service ID, start and end dates, renewal options, and contract terms.
Review and Assessment Information: Information related to vendor reviews and security assessments, including review dates, types, reviewers, overall ratings, review summaries, risk scores, assessment dates, assessment types, assessors, security ratings, and findings.
User Information (Optional): If using Azure Active Directory integration, user IDs, usernames, names, and roles.
Attachments: File names, content types, file sizes, and binary data for documents.
How We Use Your Information
We use the collected information to:

Provide, operate, and maintain our application.
Improve, personalize, and expand our application.
Understand and analyze how you use our application.
Develop new products, services, features, and functionality.
Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the application, and for marketing and promotional purposes.
Process your transactions and manage your use of the application.
Prevent fraudulent transactions, monitor against theft, and protect against criminal activity.
Comply with legal obligations and resolve any disputes.
Sharing Your Information
We do not share your personal information with third parties except in the following circumstances:

Service Providers: We may share your information with third-party service providers who perform services on our behalf, such as data storage, processing, and analysis.
Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
Security of Your Information
We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other types of misuse.

Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:

The right to access – You have the right to request copies of your personal data.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our provided contact information.

Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.