Privacy Policy

Effective Date: 07/02/2025
Last Updated: 07/02/2025
Website: https://www.akrosstech.com
Company: Akrostech Consulting LLC (“Akrostech,” “we,” “us,” or “our”)

1. Scope and acceptance

This Privacy Policy describes how Akrostech collects, uses, discloses, transfers, and protects personal information (“Personal Data”) when you visit or use our website, submit forms, register for services, communicate with us (including via SMS), or otherwise interact with us. By using our website or services you accept the terms of this Policy.

2. Definitions

  • Personal Data / Personal Information: any information relating to an identified or identifiable natural person (e.g., name, email, phone number).

  • Sensitive Personal Data / Sensitive Personal Information: special categories (GDPR) or “sensitive” under local law (e.g., racial or ethnic origin, health, biometric data, certain financial information). We will only process sensitive categories where we have an explicit legal basis and, where required, explicit consent.

  • Processing: collection, use, storage, disclosure, transfer, erasure, or any operation performed on Personal Data.

  • Controller / Data Fiduciary: the entity that determines purposes and means of processing (Akrostech, unless otherwise stated).

  • Processor / Data Processor / Service Provider: a third party who processes Personal Data on our behalf under contract.

  • SMS Opt-in List: the list of mobile numbers and related consent metadata for people who have explicitly consented to receive SMS communications from Akrostech.

3. What Personal Data we collect

We collect Personal Data you provide directly and data collected automatically:

Data you give us (examples)

  • Identity & contact: name, job title, company, email, postal address, phone/mobile number.

  • Payment & billing: payment card or bank details only when you pay; note: payments are processed by third-party payment processors (see Section 9).

  • Communications: messages, inquiries, support tickets, and the content you send.

  • SMS opt-in: mobile number, timestamp of consent, method of consent, message consent text and metadata.

  • Job applicants: resume/CV, employment history, references, education (only where applicable).

Data collected automatically

  • Technical: IP address, device identifiers, browser type and version, operating system, timestamped logs.

  • Usage: pages visited, referral URLs, cookie identifiers, interaction events.

4. How we collect Personal Data

  • Directly from you (forms, account creation, email, phone, SMS opt-in).

  • From service providers acting on our behalf (hosting, analytics, payment processors) — only where needed and under contract.

  • From public sources (where permitted).

  • Via cookies and similar technologies (see Section 10).

5. Purposes of processing & lawful bases

We process Personal Data to perform the contract with you, comply with legal obligations, pursue legitimate business interests (balanced with user rights), and/or where we have your consent:

Examples:

  • Provide, maintain, and improve services and website functionality (contract / legitimate interest).

  • Respond to inquiries, support requests, and communications (contract/legitimate interest).

  • Billing, invoicing, and payment processing (contract / legal obligation).

  • Send service messages, transactional updates, and SMS messages you opt into (consent for marketing; contract/legitimate interest for transactional messages).

  • Fraud prevention, security, auditing, and compliance (legal obligation / legitimate interest).

  • Marketing and promotional communications — only if you have given explicit, opt-in consent (where required by law).

If we rely on legitimate interest, we will perform and document a balancing test and will provide notice and an opt-out where required by law.

6. SMS communications — explicit policy and non-sharing commitment

Akrostech treats SMS consent and SMS opt-in lists with the highest protection:

  • SMS consent :
     We will not share your opt-in to an SMS campaign with any third party for purposes unrelated to providing you with the services of that campaign. We may share your Personal Data, including your SMS opt-in or consent status, with third parties that help us provide our messaging services, including but not limited to platform providers, phone companies, and any other vendors who assist us in the delivery of text messages
     
     All of the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

  • Opt-out process.
    You may choose to stop receiving text messages from Akrostech Consulting at any time. To opt out, simply reply to any text message you receive from us or send to (332) 287-0846 with the word ‘STOP’ or ‘UNSUBSCRIBE.’ Once we receive your opt-out request, we will promptly remove your number from our messaging list. 

7. Sharing Personal Data — strict limits and examples

We do not sell, rent, or trade Personal Data for marketing purposes. We do not share SMS opt-ins with third parties for marketing or resale purposes.

We may disclose Personal Data only in the limited cases below:

  1. To service providers (processors) who perform services for us (hosting, email delivery, payment processing, SMS gateway vendors, analytics). Such processors are contractually bound to process Personal Data only on our documented instructions, to keep it confidential, and to employ appropriate security measures.

  2. To comply with legal obligations (court order, subpoena, law enforcement request), to enforce our Terms of Service, or to protect the rights, property, or safety of Akrostech, our users, or the public.

  3. Corporate transactions: in connection with a sale, merger, reorganization, or acquisition, Personal Data may be transferred as an asset. In such events, we will require the acquiring entity to honor this Policy and any consents obtained, and where feasible we will provide notice and an opportunity to opt out of certain secondary uses.

  4. With your explicit consent for a specified purpose. If you authorize sharing with a third party, we will share only the data you authorize and we will document the consent.

When we disclose Personal Data to processors, we require written contracts that include confidentiality, security, deletion/return obligations, and restrictions on onward transfers.

8. International transfers and safeguards

Akrostech operates internationally. Personal Data may be stored or accessed in countries other than where you reside (for example: U.S. and India). Such transfers may occur only where legitimate and protected by appropriate safeguards, such as:

  • an adequacy decision by the European Commission or competent authority, or

  • standard contractual clauses (SCCs) or other contractual transfer mechanisms approved for international transfers, or

  • binding corporate rules or other law-compliant measures.

You have the right to request information about the safeguards in place for transfers of your Personal Data. (See European Commission guidance on SCCs and international transfers.)

9. Third-party services, analytics & cookies

  • We use certain third-party services (e.g., hosting, payment gateways, analytics, email delivery). Some of those services will collect technical and usage information directly (for example, analytics providers). We require these vendors to act as processors and not to use Personal Data for their own marketing purposes.

  • We use cookies and similar technologies to operate the site, improve experience, and analyze site usage. Non-essential cookies (analytics, advertising) are used only after obtaining required consent where the law requires it (see Section 10).

10. Cookies & tracking (user control)

We provide a cookie banner and preferences tool at first visit: you may accept or decline non-essential cookies. You can manage your cookie preferences through the banner or via your browser settings. For EU/EEA visitors, we obtain prior consent for non-essential cookies in accordance with ePrivacy rules.

11. Data retention & deletion

  • We retain Personal Data only as long as necessary to fulfill the purposes described in this Policy, or as required by law. Retention periods differ by data type (transactional records may be retained longer for tax or audit obligations).

  • When Personal Data is no longer necessary, we will securely delete or anonymize it.

  • To request deletion or to exercise other rights (see Section 13), contact us at the address below. Certain data may be retained to the extent required by law, to protect legitimate interests (e.g., fraud prevention), or to defend legal claims.

12. Security

We implement administrative, technical, and physical safeguards appropriate to the type of data and the risk involved, including encryption in transit, access controls, periodic security testing, and staff training. While we strive to protect Personal Data, no security measure is perfect — if a breach affecting Personal Data occurs, we will follow the notification procedures required by applicable law and notify affected individuals and regulators as required (e.g., GDPR 72-hour notification rule).

13. Data subject rights (your rights) — summary & how to exercise

Depending on your jurisdiction, you may have the following rights:

Under GDPR (EU/EEA):

  • Right of access; right to rectification; right to erasure (“right to be forgotten”); right to restriction of processing; right to portability; right to object to processing (including profiling); right to withdraw consent; right to lodge a complaint with a supervisory authority. (GDPR requires data controllers to respond within set timeframes and to report certain breaches within 72 hours.) European Commission

Under California law (CCPA/CPRA):

  • Right to know what Personal Data is collected and disclosed; right to delete; right to correct; right to opt-out of sale or sharing (we do not sell/share — see Section 7); right to limit the use and disclosure of sensitive personal information; right to non-discrimination for exercising privacy rights. California Attorney General

Under India’s DPDP (where applicable):

  • Rights include access, correction, grievance mechanism, and other rights as provided by the Act; the Act applies to digital personal data in India and processing targeted to India. MeitY

How to exercise:

To exercise any of the above rights, contact us at:

Privacy / Data Protection Contact
Akrostech Consulting LLC
Email: contact@akrostec h.info
Phone: (332) 287-0846
Website: www.akrosstech.com