Privacy Policy

Last updated: January 2025

1. INTRODUCTION

AuditsReady ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services (collectively, the "Services").

Key Points:

  • We collect personal and business information to provide our Services
  • We use third-party services (analytics, email) that may process your data
  • We comply with GDPR for European Union users
  • We do not sell your personal data
  • You have rights to access, correct, and delete your data

2. WHO WE ARE

Data Controller:

AuditsReady

Email: info@auditsready.com

Phone: +1-403-404-4643

Website: https://auditsready.com

For GDPR purposes, AuditsReady is the data controller responsible for your personal data.

3. INFORMATION WE COLLECT

3.1 Information You Provide Directly

Contact and Business Information:

  • Name, email address, phone number
  • Company name, industry, job title
  • Billing address and payment information

Customer Data (Submitted for Analysis):

  • Documents submitted via email or file transfer
  • Standard Operating Procedures (SOPs)
  • Quality management system documentation
  • Email communications regarding your project

Contact Forms:

  • Name, email, phone, company, message content
  • Service requests and inquiries
  • Newsletter subscriptions (if offered)

Note: We do not currently require account creation or passwords. All services are provided via email communication.

3.2 Information Collected Automatically

Usage Data:

  • IP address, browser type, device information
  • Pages visited, features used, time spent
  • Referral source, search queries
  • Click behavior and interaction patterns

Cookies and Tracking Technologies:

  • Analytics cookies (Google Analytics for website traffic)
  • No session or authentication cookies (no user accounts currently)

See Section 9 for detailed cookie information.

3.3 Information from Third Parties

Payment Processors:

  • Transaction data from payment providers (Stripe, etc.)
  • Does NOT include full credit card numbers (we receive only last 4 digits)

Analytics Providers:

  • Google Analytics (website traffic, demographics, behavior)

4. HOW WE USE YOUR INFORMATION

4.1 Providing Services (Legal Basis: Contract Performance)

  • Communicating with you about your project
  • Processing AI analysis of your documents
  • Generating gap analysis reports and recommendations
  • Providing consulting and customer support
  • Processing payments and billing
  • Storing documents securely during and after project completion

4.2 Improving Services (Legal Basis: Legitimate Interest)

  • Analyzing usage patterns to improve AI accuracy
  • Developing new features and functionality
  • Conducting research and analytics
  • Monitoring platform performance

4.3 Communications (Legal Basis: Consent or Legitimate Interest)

  • Sending service-related emails (receipts, account updates)
  • Marketing communications (newsletters, product updates) - WITH YOUR CONSENT
  • Responding to inquiries and support requests
  • Conducting surveys and requesting feedback

4.4 Legal and Security (Legal Basis: Legal Obligation / Legitimate Interest)

  • Preventing fraud and abuse
  • Complying with legal obligations
  • Enforcing our Terms of Service
  • Protecting rights and safety of users

4.5 Aggregate Data (Legal Basis: Legitimate Interest)

Creating anonymized, aggregate statistics about:

  • Industry trends in ISO 9001 compliance
  • Common gaps found across manufacturers
  • Platform usage patterns

This data cannot identify individual users.

5. LEGAL BASIS FOR PROCESSING (GDPR)

For users in the European Union, we process personal data based on:

  • Contract: Providing Services you've requested
  • Consent: Marketing emails, optional cookies (you can withdraw anytime)
  • Legitimate Interest: Service improvement, security, analytics
  • Legal Obligation: Tax compliance, fraud prevention

6. HOW WE SHARE YOUR INFORMATION

We do NOT sell your personal data. We share data only in these situations:

6.1 Service Providers (Data Processors)

We use third-party companies to support our Services:

  • Cloud Hosting: Secure data storage and processing
  • Analytics: Google Analytics (website behavior tracking)
  • Email Services: Resend (transactional emails)
  • Payment Processing: Stripe (secure payment processing)

These providers process data only as instructed and must maintain confidentiality.

6.2 Business Transfers

If AuditsReady is involved in a merger, acquisition, or asset sale, your information may be transferred. We will notify you before your data is transferred and becomes subject to different privacy practices.

6.3 Legal Requirements

We may disclose information if required by law, court order, or regulatory authority, or to:

  • Protect our legal rights
  • Prevent fraud or security threats
  • Comply with legal processes

6.4 With Your Consent

We will share your information with third parties when you explicitly consent.

7. DATA RETENTION

We retain your information for as long as necessary to provide Services and comply with legal obligations:

  • Contact Information: Retained for ongoing business relationship
  • Customer Data (Documents): Deleted 90 days after project completion (unless you request earlier deletion)
  • Email Communications: Retained for 90 days after project completion
  • Payment Records: Retained 7 years for tax/accounting purposes
  • Marketing Data: Until you unsubscribe or request deletion
  • Legal Retention: Some data retained longer if required by law

You may request immediate deletion by emailing info@auditsready.com with "Data Deletion Request" in the subject line.

8. YOUR PRIVACY RIGHTS

8.1 Rights Under GDPR (EU Users)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure ("Right to be Forgotten"): Request deletion of your data
  • Restrict Processing: Limit how we use your data
  • Data Portability: Receive your data in a machine-readable format
  • Object: Object to processing based on legitimate interest
  • Withdraw Consent: Stop marketing emails or optional tracking at any time
  • Lodge a Complaint: File a complaint with your local data protection authority

How to Exercise Rights: Email info@auditsready.com with "GDPR Request" in the subject line.

Response Time: We will respond within 30 days.

8.2 Rights Under CCPA (California Users)

California residents have the right to:

  • Know what personal information is collected
  • Know if personal information is sold or disclosed (we don't sell data)
  • Request deletion of personal information
  • Opt-out of data sales (not applicable - we don't sell)
  • Non-discrimination for exercising rights

8.3 Rights for All Users

Regardless of location, you can:

  • Update your contact information anytime
  • Unsubscribe from marketing emails (link in every email)
  • Request data deletion by contacting us
  • Disable cookies in your browser (may affect functionality)

9. COOKIES AND TRACKING

9.1 What Are Cookies?

Cookies are small text files stored on your device that help us provide and improve our Services.

9.2 Cookies We Use

Essential Cookies (Always Active):

  • Security and fraud prevention
  • Load balancing

Analytics Cookies (Can Be Disabled):

  • Google Analytics: Traffic analysis, user behavior, demographics
  • Tracks: Page views, session duration, referral sources

9.3 Third-Party Cookies

  • Google Analytics: Analytics and advertising (privacy policy: https://policies.google.com/privacy)

9.4 Managing Cookies

You can control cookies through:

  • Browser settings (Chrome, Safari, Firefox, etc.)
  • Opt-out tools: https://tools.google.com/dlpage/gaoptout

Note: Disabling essential cookies may prevent you from using some features.

10. DATA SECURITY

We implement reasonable security measures to protect your information:

10.1 Technical Safeguards

  • Encryption in transit: HTTPS/TLS for website and email transmission
  • Encryption at rest: Secure file storage with encryption
  • Access controls: Limited access to customer documents
  • Secure email storage: Encrypted email storage systems

10.2 Organizational Safeguards

  • Employee training on data protection
  • Confidentiality agreements with staff and contractors
  • Incident response procedures
  • Document deletion procedures after retention period

10.3 Document Transfer

  • Primary method: Email with HTTPS/TLS encryption
  • Alternative: Secure Cloud Storage (available upon request)
  • Your responsibility: Choose the method that meets your security needs
  • Recommendations: Password-protect files with sensitive information

10.4 Email Security

  • Email limitations: Email is not a fully secure method of communication
  • Our practices: We use encrypted email storage and secure file handling procedures

10.5 Limitations

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. Email communication carries inherent risks.

11. DATA TRANSFERS

AuditsReady is based in Canada. If you access Services from outside Canada, your data may be transferred to, stored, and processed in Canada.

11.1 EU Data Transfers

For users in the European Union, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) with third-party processors
  • Adequacy decisions where applicable
  • Your explicit consent for transfers

12. CHILDREN'S PRIVACY

Our Services are not directed to individuals under 18 years old. We do not knowingly collect personal data from children. If we learn we have collected information from a child, we will delete it immediately.

If you are a parent/guardian and believe your child provided us with data, contact us at info@auditsready.com.

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Changes will be posted on this page with a new "Last Updated" date.

Material changes (affecting how we use your data) will be notified via:

  • Email to your registered address
  • Prominent notice on our website

Continued use of Services after changes constitutes acceptance.

14. CONTACT US

For questions, concerns, or to exercise your privacy rights:

AuditsReady

Email: info@auditsready.com

Phone: +1-403-404-4643

Website: https://auditsready.com

15. REGULATORY AUTHORITIES

If you believe we have not addressed your privacy concerns, you may contact:

EU Users:

Your local data protection authority (find yours: https://edpb.europa.eu/about-edpb/board/members_en)

California Users:

California Attorney General's Office (https://oag.ca.gov/privacy)

Canada Users:

Office of the Privacy Commissioner of Canada (https://www.priv.gc.ca/)