Privacy Policy

1. Introduction

NovaStack Consulting ("Company," "we," "us," or "our"), located at 3043 East Cairo Street, Springfield, MO 65802, is committed to protecting the privacy and security of personal information entrusted to us by our website visitors, prospective clients, and existing clients. This Privacy Policy describes how we collect, use, disclose, store, and protect your personal information when you visit our website, interact with our content, submit inquiries through our contact forms, or engage our IT consulting and advisory services.

We encourage you to read this Privacy Policy carefully to understand our practices regarding your personal data. By accessing or using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described in this policy, please do not use our website or submit any personal information to us.

This Privacy Policy applies to all information collected through our website, email communications, contact forms, consultation requests, and any other channels through which you may provide personal information to NovaStack Consulting. It does not apply to information collected by third-party websites or services that may be linked from our website.

2. Information We Collect

2.1 Information You Provide Directly

When you interact with our website and services, you may voluntarily provide us with certain personal information. This includes information submitted through our contact forms, consultation request forms, email correspondence, and during the course of advisory engagements. The types of information we may collect directly from you include:

• Full name and professional title or designation
• Email address and business email address
• Company or organization name, size, and industry
• Telephone number and preferred contact method
• Business address and geographic location
• Description of your technology challenges, requirements, and objectives
• Service interest and preferred engagement type
• Any additional information you choose to include in communications with us

2.2 Information Collected Automatically

When you visit our website, certain information is collected automatically through standard web technologies. This information helps us understand how visitors interact with our website and allows us to improve our content and user experience. Automatically collected information may include:

• Internet Protocol (IP) address and approximate geographic location derived from your IP address
• Browser type, version, and language preferences
• Operating system and device type (desktop, tablet, mobile)
• Referring website URL and search engine query terms
• Pages visited on our website, time spent on each page, and navigation paths
• Date and time of each visit and the total duration of each session
• Cookies and similar tracking technologies as described in our cookies section below

2.3 Information from Engagement Activities

During the course of advisory engagements, clients may share organizational, technical, and strategic information with us for the purpose of conducting assessments and developing recommendations. This information is treated as confidential in accordance with our engagement agreements and the confidentiality provisions outlined in our Terms of Service. We collect and process this information solely for the purpose of delivering the advisory services described in the engagement agreement.

3. How We Use Your Information

NovaStack Consulting uses the personal information we collect for the following purposes:

• To respond to your inquiries, consultation requests, and communications in a timely and professional manner
• To prepare and deliver proposals, statements of work, and engagement agreements tailored to your specific requirements
• To perform our IT consulting and advisory services, including assessments, analyses, strategy development, and deliverable preparation
• To communicate important updates regarding our services, engagement milestones, and deliverable schedules
• To improve, personalize, and optimize our website content, user interface, and overall user experience
• To analyze website traffic patterns, visitor behavior, and engagement metrics for internal business analytics purposes
• To maintain our internal records, manage client relationships, and ensure quality assurance across our advisory practice
• To comply with applicable legal and regulatory obligations, respond to lawful requests from governmental authorities, and protect our legal rights and interests
• To prevent fraudulent activity, unauthorized access, and misuse of our website and services

We do not use your personal information for automated decision-making or profiling that produces legal or similarly significant effects on you. We do not sell, rent, lease, or trade your personal information to third parties for their direct marketing purposes.

4. Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies to enhance your browsing experience, analyze website performance, and understand visitor behavior. Cookies are small text files that are stored on your device when you visit a website. They allow the website to recognize your device and remember certain information about your visit.

The types of cookies we may use include essential cookies that are necessary for the basic functionality of our website, performance cookies that help us understand how visitors interact with our website by collecting anonymous statistical data, and preference cookies that remember your choices and settings to provide a more personalized experience.

You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies, although doing so may impact the functionality and user experience of our website. By continuing to use our website without modifying your cookie settings, you consent to the use of cookies as described in this section.

5. Data Sharing and Disclosure

NovaStack Consulting does not sell, trade, or rent your personal information to third parties. We may share your personal information only in the following limited circumstances:

• With trusted service providers who assist us in operating our website, conducting our business, or servicing you, subject to confidentiality agreements and data protection obligations
• When we believe disclosure is necessary to comply with applicable law, regulation, legal process, or enforceable governmental request
• To protect the rights, property, or safety of NovaStack Consulting, our clients, our website visitors, or the public as required or permitted by law
• In connection with a merger, acquisition, reorganization, or sale of assets, in which case your personal information may be transferred to the acquiring entity, subject to the same privacy protections described in this policy

Any third-party service providers with whom we share personal information are contractually obligated to use that information only for the purposes for which it was disclosed and to maintain appropriate security measures to protect the confidentiality and integrity of the data.

6. Data Security

NovaStack Consulting implements reasonable administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, use, alteration, disclosure, or destruction. These measures include the use of encryption for data in transit, access controls to limit access to personal information to authorized personnel only, regular security assessments and reviews, and secure storage systems for electronic and physical records.

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee the absolute security of your data, and you acknowledge that you provide personal information to us at your own risk. In the event of a data breach that compromises the security of your personal information, we will take appropriate measures to notify affected individuals and relevant authorities as required by applicable law.

7. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The retention period for different categories of information may vary based on the nature of the information, the purposes for which it was collected, and our legal obligations.

Contact form submissions and consultation inquiries are generally retained for a period of two (2) years from the date of submission. Client engagement records and associated documentation are retained for a period of seven (7) years following the completion of the engagement. Website analytics data is retained in aggregate form and is not associated with individual personal identifiers beyond twelve (12) months.

Upon expiration of the applicable retention period, we will securely delete or anonymize your personal information in accordance with our data disposal procedures. If deletion is not immediately possible due to technical constraints, we will take reasonable steps to securely store the information and isolate it from further processing until deletion is feasible.

8. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information, including:

• The right to access the personal information we hold about you and request a copy of that information
• The right to request correction or update of inaccurate or incomplete personal information
• The right to request deletion of your personal information, subject to applicable legal and contractual obligations
• The right to object to or restrict certain types of processing of your personal information
• The right to data portability, allowing you to receive your personal information in a structured, commonly used, and machine-readable format
• The right to withdraw consent at any time for processing activities based on your consent

To exercise any of these rights, please contact us using the contact information provided at the end of this policy. We will respond to your request within a reasonable timeframe, and no later than required by applicable law. We may need to verify your identity before processing your request to ensure the security of your personal information.

9. Third-Party Links

Our website may contain links to third-party websites, services, or resources that are not owned or controlled by NovaStack Consulting. This Privacy Policy applies only to information collected by NovaStack Consulting through our own website and services. We are not responsible for the privacy practices, content, or security of any third-party websites. We encourage you to review the privacy policies of any third-party websites you visit before providing any personal information.

10. Children's Privacy

Our website and services are not directed at individuals under the age of 18, and we do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child under 18, we will take immediate steps to delete that information from our systems. If you believe that we may have collected information from a child, please contact us immediately using the contact information provided below.

11. Changes to This Privacy Policy

NovaStack Consulting reserves the right to update or modify this Privacy Policy at any time to reflect changes in our information practices, applicable laws, or business operations. When we make material changes to this Privacy Policy, we will update the "Last updated" date at the top of this page. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal information. Your continued use of our website and services following the posting of changes to this policy constitutes your acceptance of those changes.