Privacy Policy

At PowerData® ("we," "us," or "our"), we are committed to protecting your privacy and handling your personal information with care and transparency. We have built our services with privacy by design principles, meaning privacy protection is embedded into every aspect of our operations from the ground up. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

1. Our Privacy by Design Approach

PowerData® is built on privacy by design principles, which means:

Data Minimization: We collect only the personal information that is absolutely necessary to provide our services. We adhere to strict data minimization principles - every piece of information we request has a specific, documented business purpose.

Privacy by Default: Your information is automatically protected with the strongest privacy settings. You don't need to configure privacy settings or opt-out of data collection - privacy protection is the default state of our systems.

Proactive Data Management: We actively delete information we no longer need rather than retaining data indefinitely. Our systems are designed to minimize data retention and automatically purge outdated information.

Purpose Limitation: We use your information solely for the purposes we've communicated to you. We don't repurpose your data for secondary uses without your explicit consent.

2. Information We Collect

Personal Information You Provide

We collect only the minimal personal information necessary to provide our services, including:

Contact Information: Name, email address, phone number, and company details (collected only when you choose to provide them through our contact forms)
Service Communications: Information you provide when requesting support or services
Account Information: Basic details required to maintain your service relationship

Data Minimization in Practice: Our contact forms request only essential information. We don't collect unnecessary details like personal demographics, browsing history, or behavioral data that isn't directly related to service delivery.

Information Collected Automatically

Website: Our marketing website collects minimal technical information only when necessary for basic functionality and security.

SaaS Application: Our software application collects technical information necessary for proper functionality, including:

Browser type and version (to ensure compatibility and proper display)
Device characteristics needed for responsive design
Session information for application functionality
IP address for security and access control

What We Don't Collect: We do not use tracking pixels, behavioral analytics, social media tracking, or other technologies designed to build profiles of your online activity or track you across websites.

Service Data

Client-Owned Data: When you use our SaaS platform, you upload, input, or create data within our system ("Service Data"). This data belongs to you - we provide the platform and tools for you to work with your own information.

Data Processing Role: We function as a data processor, storing and processing your data so you can access and work with it through our platform. The data remains under your ownership and control throughout this process.

Derivative Work: Any analysis, reports, or derivative work you create using our platform belongs to you. We facilitate the creation of this work but do not claim ownership of your results.

Storage for Service Delivery: We retain your service data throughout your active subscription because providing secure, accessible data storage is a core component of our service offering.

3. How We Use Your Information

Purpose Limitation: We use information strictly for the specific purposes outlined below and do not repurpose your data for unrelated activities:

Service Provision: To provide, maintain, and improve our platform using only the data necessary for functionality
Data Processing: To process your data according to your instructions through our platform (you control what happens to your data)
Direct Communication: To respond to your specific inquiries and provide requested customer support
Contractual Obligations: To fulfill our service agreements and maintain your data accessibility
Essential Security: To protect your data and our platform against security threats and unauthorized access
Legal Compliance: To meet applicable legal requirements (only when legally required)

What We Don't Do: We do not use your information for marketing to third parties, behavioral advertising, data analytics for non-service purposes, or any secondary uses without your explicit consent.

We process personal information based on the following legal bases:

Contractual necessity for service provision
Legitimate business interests
Legal compliance requirements
Your explicit consent where required

4. Information Sharing and Disclosure

No Data Sales: We do not sell, rent, trade, or monetize your personal information in any way. Your data is not our business model.

Minimal Sharing: We share your information only in these limited circumstances:

Service Providers

We engage minimal, carefully selected third-party service providers to support our operations:

Cloud Infrastructure: We use enterprise-grade cloud hosting services that meet SOC 2 Type II, ISO/IEC 27001, compliance standards. Our infrastructure provider does not have access to identify whose data is stored on their servers. Your data is encrypted and anonymized at the infrastructure level.

Essential Service Providers: Other service providers are limited to:

Payment processing (when applicable)
Essential security services
Customer support platforms

Privacy Protection: All service providers are contractually bound to protect information and cannot access identifiable customer data. We do not share customer identity information with infrastructure providers.

Infrastructure Details: Specific infrastructure provider information is available to customers upon request for compliance and due diligence purposes.

Legal Requirements

We may disclose your information when required by law, court order, or government request, or to protect our legal rights and interests.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction, subject to equivalent privacy protections.

4. Data Security and Protection

We implement comprehensive security measures to protect your personal information, including:

Technical Safeguards

End-to-end encryption of data in transit and at rest
Infrastructure-level anonymization - our cloud provider cannot identify data ownership
Access controls and authentication mechanisms with role-based permissions
Secure development practices throughout our software lifecycle

Administrative Safeguards

Employee training on data protection and privacy
Background checks for personnel with access to personal data
Incident response procedures
Data retention and disposal policies

Physical Safeguards

Cloud infrastructure hosted with enterprise-grade physical security
Secure disposal of any physical devices containing personal data
Remote work security protocols for distributed team access

5. Data Retention and Deletion

Proactive Data Management: We practice proactive data deletion rather than indefinite data retention.

Automatic Deletion: Our systems are designed to automatically delete personal information when it's no longer needed for its original purpose. Your data is not our product or business model.

Specific Retention Periods:

Contact form submissions: Deleted after 3 years of no interaction
Service Data: Retained while you maintain an active account (this is your data stored on our platform)
Account closure: Service data deleted within 30 days upon account termination (unless something else agreed)
System logs: Automatically deleted after 1 year maximum
Marketing communications: Immediate deletion upon opt-out request

Data Minimization Over Time: We regularly review and purge data that is no longer necessary for service delivery, ensuring our data footprint remains minimal and purposeful.

6. International Data Transfers

If we transfer your personal information outside your country of residence, we ensure appropriate safeguards are in place, such as:

Adequacy decisions by relevant authorities
Standard contractual clauses
Binding corporate rules
Your explicit consent
By default, data is kept in country unless you provide specific consent.

7. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Access: Request information about the personal data we hold about you
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your personal information (subject to legal requirements)
Portability: Your data is your and can be exported at any point
Restriction: Request limitation of processing in certain circumstances
Objection: Object to processing based on legitimate interests
Opt-out: Unsubscribe from marketing communications

To exercise these rights, contact us at privacy@powerdata.com. We will respond to your request within the timeframes required by applicable law.

8. Cookies and Tracking Technologies

Website: Our marketing website does not use cookies to track traffic or visitor behavior. We do not use analytics cookies, tracking pixels, or other technologies to monitor your browsing activity on our website.

SaaS Application: Our software application uses essential cookies and browser detection solely for functionality purposes, including:

Session management to keep you logged in
User interface preferences and settings
Browser compatibility detection to properly display the application
Security tokens to protect against unauthorized access

No Behavioral Tracking: We do not use cookies or tracking technologies to:

Build advertising profiles
Track your behavior across other websites
Collect analytics data for marketing purposes
Share data with advertising networks

Functional Necessity: All cookies used in our SaaS application are strictly necessary for the software to function properly and provide the service you've requested.

9. Third-Party Links and Services

Our website may contain links to third-party websites or services. This Privacy Policy does not apply to these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

10. Children's Privacy

Our services are not directed to individuals under the age of 13 (or 16 in the European Union). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete such information promptly.

11. Regional Privacy Rights

California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected, sold, or disclosed, and the right to opt-out of the sale of personal information.

European Union Residents (GDPR)

EU residents have rights under the General Data Protection Regulation, including the rights listed in Section 7 above. Our legal basis for processing is typically contractual necessity or legitimate business interests.

12. Contact Information

For privacy-related questions, concerns, or to exercise your rights, please contact us at privacy@powerdata.com

For general inquiries: support@powerdata.com

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

Posting the updated policy on our website
Sending email notification to registered users
Providing notice through our services

Your continued use of our services after the effective date of changes constitutes acceptance of the updated policy.