Privacy Policy

01 Who we are

Karmion Grid is an independent IT consulting practice based in Denver, Colorado. For the purposes of this policy, we are the party responsible for the personal information collected through this website and during our engagements. If you have any questions, the contact details are at the end of this page.

02 Information we collect

We collect only what we need. The personal information we may hold falls into a few categories:

• Information you give us directly. When you complete the contact form on our site, you provide your name, your company, your email address, and a description of what you need help with. If you engage us, we collect the information necessary to deliver and administer the work.
• Information collected automatically. When you visit the site, basic technical data such as your browser type, device, approximate region, and pages visited may be recorded to keep the site secure and to understand how it is used. See our Cookie Policy for detail.
• Information shared during an engagement. To perform an audit or advisory work, we may be given access to systems, documents, and operational data. Where that material contains personal information, we handle it under the terms of the engagement and our Data Security Notice.

03 How we use your information

We use personal information to respond to your enquiries, to provide and manage the consulting services you request, to send you information directly related to an active engagement, to maintain the security and proper functioning of our website, and to meet our legal and accounting obligations.

We do not sell your personal information. We do not use the contents of your enquiry or your engagement data to build marketing profiles, and we do not pass your details to third parties for their own marketing.

04 Legal bases for processing

Where applicable law requires a legal basis, we rely on the following: your consent, where you have given it; the performance of a contract, where processing is necessary to deliver a service you have requested; our legitimate interests in operating and securing our practice, balanced against your rights; and compliance with legal obligations.

05 Sharing and disclosure

We share personal information only where necessary and only with appropriate safeguards. This may include trusted service providers who help us operate, such as our website host and email provider, who act on our instructions; professional advisers such as accountants or lawyers; and authorities where we are required to disclose by law.

Any provider that processes personal information on our behalf is bound to use it only for the purpose we specify and to protect it appropriately.

06 Data retention

We keep personal information only for as long as it is needed for the purpose it was collected, or as long as required to meet legal, tax, and accounting obligations. Enquiry messages that do not lead to an engagement are kept for a limited period and then deleted. Engagement records are retained for the period set out in the engagement agreement and applicable law, after which they are securely destroyed.

07 Your rights

Depending on where you live, you may have rights over your personal information, including the right to access a copy of it, to correct inaccurate information, to request deletion, to object to or restrict certain processing, and to withdraw consent where processing is based on consent.

To exercise any of these rights, contact us using the details below. We will respond within the timeframe required by applicable law. We may need to verify your identity before acting on a request.

08 Security

We take reasonable and appropriate technical and organizational measures to protect personal information against loss, misuse, and unauthorized access. No method of transmission or storage is completely secure, but we work to keep the risk low and to respond quickly if an issue arises. Our broader approach is described in the Data Security Notice.

09 Children

Our website and services are intended for businesses and the professionals who run them. They are not directed at children, and we do not knowingly collect personal information from anyone under the age of sixteen.

10 Changes to this policy

We may update this Privacy Policy as our practice or the law changes. The date at the top of the page reflects the most recent revision. Where a change is significant, we will take reasonable steps to make it visible.