Privacy Policy

Last updated: February 23, 2026

1. Introduction

Oriented Software LLC (“Oriented,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, retain, and safeguard information when you visit our website (orientedsoftware.com), engage our AI governance services, use our platform, or otherwise interact with us. This policy applies to business contacts, clients, and visitors. We process personal information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) for individuals in the European Economic Area (EEA) and the California Consumer Privacy Act (CCPA) as amended by the CPRA for California residents.

2. Information We Collect

We collect information in the following categories:

Information You Provide

  • Contact Information: Name, email address, phone number, job title, and company name when you contact us, request a Governance Readiness Assessment, subscribe to updates, or engage our services.
  • Engagement Information: Project requirements, AI system details, technical specifications, and other information shared during consultations, governance sprints, or implementation engagements.
  • Account Information: Login credentials and profile information if you create an account or use our platform (when available).
  • Communications: Content of emails, messages, and other correspondence with us.

Information Collected Automatically

  • Usage Data: Pages visited, time spent, referring URLs, and interactions with our website.
  • Technical Data: IP address, browser type and version, operating system, device type, and unique device identifiers.
  • Cookies and Similar Technologies: See Section 8 for details.

3. Purposes and Legal Bases for Processing

We process your information for the following purposes:

  • Providing and delivering our services, including assessments and implementations
  • Communicating with you about engagements, support, and updates
  • Processing and administering contracts and payments
  • Improving our website, services, and platform
  • Analyzing usage patterns and conducting analytics (where permitted)
  • Sending marketing communications (with your consent or where permitted by law)
  • Complying with legal obligations and protecting our rights
  • Detecting and preventing fraud, security incidents, and abuse

Legal bases (GDPR): We process personal data based on: (a) performance of a contract; (b) legitimate interests (e.g., service improvement, security); (c) compliance with legal obligations; or (d) your consent, where required.

4. How We Share Information

We do not sell personal information. We may share information with:

  • Service Providers: Vendors who assist with hosting, analytics, email delivery, customer relationship management, and similar functions, under contractual obligations to protect your data.
  • Professional Advisors: Lawyers, accountants, and auditors when necessary for our business operations.
  • Legal and Regulatory: Courts, regulators, or law enforcement when required by law or to protect our rights.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, subject to continued compliance with this policy.

5. Data Retention

We retain personal information only as long as necessary to fulfill the purposes described in this policy or as required by law. For example: contact and engagement data is retained for the duration of our relationship and for a reasonable period thereafter for legal and business purposes; website and analytics data may be retained in aggregate or anonymized form; and we may retain records needed for legal compliance, dispute resolution, or enforcement of our agreements. When retention periods expire, we securely delete or anonymize the data.

6. Data Security

We implement appropriate technical and organizational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction. These measures include access controls, encryption where appropriate, secure development practices, and regular reviews. However, no method of transmission over the Internet or electronic storage is completely secure. We encourage you to protect your account credentials and contact us promptly if you suspect unauthorized access.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information, subject to certain exceptions.
  • Portability: Request a copy of your data in a structured, machine-readable format (where applicable).
  • Objection: Object to processing based on legitimate interests or for direct marketing.
  • Restriction: Request restriction of processing in certain circumstances.
  • Withdraw Consent: Where processing is based on consent, withdraw consent at any time.
  • Opt Out of Sale/Sharing (CCPA): We do not sell personal information. California residents may opt out of “sharing” for cross-context behavioral advertising if we engage in such sharing in the future.
  • Non-Discrimination (CCPA): We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at info@orientedsoftware.com. We will respond within the timeframes required by applicable law (e.g., 45 days under CCPA, 30 days under GDPR). We may need to verify your identity before processing requests.

EEA/UK: You have the right to lodge a complaint with a supervisory authority in your country of residence. For the UK, this is the Information Commissioner’s Office (ico.org.uk).

8. Cookies and Tracking

Our website may use cookies and similar technologies (e.g., local storage, pixels) to:

  • Essential: Enable core functionality such as navigation and security.
  • Analytics: Understand how visitors use our site (e.g., via Vercel Analytics or similar). We use aggregated data to improve our website.
  • Preferences: Remember your settings and choices.

You can control cookies through your browser settings. Disabling certain cookies may affect site functionality. Where required by law, we obtain consent before using non-essential cookies. We honor global privacy control (GPC) signals where supported.

9. International Transfers

We are based in the United States. If you are outside the U.S., your information may be transferred to and processed in the U.S. or other countries. When we transfer data from the EEA, UK, or Switzerland, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or equivalent mechanisms. You may request further information about our transfer safeguards.

10. Children

Our services are not directed to individuals under 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us and we will delete it.

11. Third-Party Links

Our website may contain links to third-party sites (e.g., LinkedIn, GitHub). We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies.

12. California-Specific Disclosures

For California residents, we provide the following under the CCPA/CPRA:

  • Categories Collected (last 12 months): Identifiers (name, email, IP); commercial information (engagement history); internet activity (usage data); professional information (job title, company); and inferences drawn from the above.
  • Sources: Directly from you; from your browser or device; from service providers.
  • Purposes: As described in Section 3.
  • Sharing: With service providers as described in Section 4. We do not sell personal information.
  • Sensitive Personal Information: We do not collect sensitive personal information as defined under the CCPA (e.g., precise geolocation, racial/ethnic origin, health information) for purposes that require opt-in rights.

To exercise your California rights, email info@orientedsoftware.com. An authorized agent may submit requests on your behalf with proof of authorization.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable law. We will post the updated policy on this page and update the “Last updated” date. For material changes affecting how we use your personal information, we will provide notice (e.g., by email or prominent notice on the Site) where required by law. Your continued use of our Site or services after the effective date constitutes acceptance of the revised policy.

14. Contact Us

For questions about this Privacy Policy, to exercise your rights, or for data protection inquiries:

Email: info@orientedsoftware.com