1. Introduction

This Privacy Policy describes how Emergere ("we," "us," or "our") collects, uses, and discloses your information. This policy is designed to comply with US state and federal privacy standards and aligns with our ISO 27001 and SOC 2 security frameworks.

2. Information We Collect

When you interact with the forms on our website (such as "Contact Us," "Get a Quote," or "Sign Up"), we collect the following:

• Identifiers: Name, professional email, phone number, and IP address.
• Professional Information: Company name, job title, and industry.
• Internet Activity: Metadata from your interaction with our website, including timestamps and form submission details.
• Communication Content: Any specific requirements or inquiries typed into our "Contact Us" or "Inquiry" forms.

3. Purpose of Processing (How We Use Your Data)

We process your information based on the following functional needs:

• Inquiry Fulfillment: To respond to your requests for information or technical services. 
• Platform Security: Using automated tools and backend logs to prevent unauthorized access or "denial of service" attacks on our application infrastructure.
• Operational Excellence: To analyze website performance and improve the user experience of our cloud-integrated portals.
• Compliance: To maintain audit trails required by US financial and security frameworks. 

4. Data Storage and Infrastructure

As a global technology partner, we adhere to the highest international standards for data protection - data is processed and stored using a secure modern tech stack:

• Cloud Hosting: All form data is stored within our Microsoft Azure environment, utilizing encryption at rest AES-256.
• Secure Transmission: Data sent from your browser to our FastAPI backend is protected via TLS1.2 or higher.
• Access Control: Access to your contact information is strictly limited to authorized personnel (Principle of Least Privilege) and is monitored through our centralized logging system. 
• Security Frameworks: Our data handling practices are audited against SOC 2 Type II and ISO 27001:2022 standards.
• Data Residency: While our headquarters is in Dallas, Texas, we utilize Azure's regional data centres to ensure that, where possible, your data remains within your local jurisdiction.

5. Sharing with Third Parties

We only share your information with third parties in the following limited circumstances:

• Service Providers: Sub-processors like Azure (hosting) or our CRM provider, who are contractually bound to protect your data under Data Processing Agreements (DPAs).
• Legal Requirements: If required by US law enforcement or in response to a valid legal request.

6. National Data Rights (US-Wide)

Depending on your residency (e.g., California, Virginia, or Colorado), you may have the following rights:

• Right to Access: You may request a copy of the personal data we hold about you.
• Right to Correction: You may request that we update or fix inaccurate information.
• Right to Deletion: You may request that we purge your contact information from our active databases.
• Non-Discrimination: We will not deny services or change pricing because you have exercised your privacy rights.

7. Data Retention

We retain contact form data only as long as necessary to fulfil the purpose of the inquiry or to satisfy legal, accounting, or reporting requirements. Typically, inactive contact records are purged after 6 months.

8. Contact Us

If you have questions about this policy or wish to exercise your data rights, please contact our Privacy Team:

• Email: Privacy@emergertech.com
• Address: 8105 Rasor Blvd, Suite 60, Plano, Texas 75024