Legal and data governance

Privacy Policy

This Privacy Policy explains how CravenIT Solutions collects, uses, protects, and manages personal data in connection with our website, discovery process, and service delivery operations.

Privacy Contact Review Your Rights

General Rules Terms & Conditions

Interpretation and Definitions

Capitalized terms in this document carry defined meanings regardless of singular or plural usage.

For this policy, the Company is CravenIT Solutions, LLC, operating from Florida, United States.

Account: A unique account created to access services or service features.
Company: CravenIT Solutions, LLC (referred to as We, Us, or Our).
Cookies: Small data files stored on a device for technical, security, and experience-related purposes.
Device: Any device that can access our website or services, including desktop and mobile devices.
Personal Data: Information that identifies or can reasonably identify an individual person.
Usage Data: Technical and interaction data collected automatically when using the website.
Service Providers: Vendors or subprocessors that process data on our behalf for permitted business purposes.

Data We Collect

Identity and contact data (such as name, email, phone).
Project and service inquiry data submitted through forms or communications.
Technical usage data such as IP address, device/browser metadata, and page interaction timestamps.
Operational records required for account support, service fulfillment, and contractual administration.

Children's Privacy

Our services are not directed to children under 13, and we do not knowingly collect personal data from children under 13 without lawful parental authorization.

How We Use Personal Data

Provide, operate, and improve our services.
Respond to inquiries, discovery requests, and support communications.
Manage service delivery, security operations, and incident response workflows.
Comply with legal obligations and enforce agreements.
Conduct internal analytics and service quality monitoring.

Lawful Bases for Processing

Performance of a contract or pre-contractual steps requested by you.
Legitimate interests in operating, securing, and improving services.
Compliance with legal obligations.
Consent where required by law (including consent controls for optional cookies where applicable).

Cookies and Tracking Technologies

We use cookies and related technologies for service integrity, user preference persistence, and measurement where implemented.

Necessary cookies: Required for core website functionality, session integrity, and security-related operation.
Preference cookies: Remember user settings and improve repeat-visit usability where implemented.
Measurement cookies: Support aggregate analytics to understand service usage and improve performance.

You can manage cookie settings through browser controls and the cookie preference center when available.

Security of Personal Data

Role-based access controls and least-privilege access boundaries.
Encryption in transit (TLS) and platform-level encryption at rest where available.
Administrative authentication controls including strong credentials and MFA-capable workflows.
Ongoing patching, dependency maintenance, and vulnerability remediation practices.
Monitoring, logging, and triage procedures for security and service incidents.
Controlled backup and restoration practices aligned with service scope.

No method of transmission or storage is guaranteed to be 100% secure, but we apply commercially reasonable safeguards appropriate to service scope and risk.

Retention and International Transfers

Data is retained only as long as needed for service delivery, legal compliance, dispute resolution, and enforcement of agreements.
Retention periods vary by data category, business purpose, and statutory requirements.
When data is no longer required, we delete, anonymize, or securely archive it according to operational controls.

Personal data may be processed in the United States and other jurisdictions where our providers operate. Where required, we apply contractual and organizational safeguards for cross-border transfers.

Your Privacy Rights

Request access to personal data we hold about you.
Request correction of inaccurate or incomplete personal data.
Request deletion, subject to legal and contractual retention obligations.
Object to or restrict certain processing where rights are provided by law.
Request export/portability where technically feasible and legally required.
Withdraw consent where processing depends on consent.

To submit a request, contact us through our website contact channel with enough detail to verify your request and relationship to the data.

Compliance and Contractual Governance

This Privacy Policy is part of our legal framework with the General Rules and Terms & Conditions.
Where required for enterprise engagements, additional instruments such as NDAs and DPAs are executed contractually.
Regulatory or industry-specific obligations (for example HIPAA, GLBA, or similar frameworks) apply only when explicitly documented in signed agreements.
If a confirmed security incident affects personal data, notification is handled without undue delay when required by applicable law.
Signed service agreements control project-specific privacy and security obligations for paid delivery engagements.

Policy Updates and Contact

We may update this Privacy Policy from time to time. Material updates become effective when posted to this page unless otherwise required by law.

External Links

Our website may include links to third-party sites. We do not control third-party privacy practices and recommend reviewing their policies before providing personal data.

For privacy questions, rights requests, or legal concerns, contact us through the official channels on our contact page.

Last updated: May 26, 2026