Privacy Policy

Effective Date: Apr 13, 2026

DeyoGroup (“DeyoGroup,” “we,” “our,” or “us”) is committed to protecting the privacy and security of personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information in connection with our website and business operations. This policy is designed to align with industry best practices, including principles consistent with SOC 2 Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, and Privacy).

1. Scope of This Policy

This Privacy Policy applies to:

  • Visitors to our website
  • Individuals who contact us or engage with us for business purposes
  • Prospective and existing clients

This policy does not apply to data processed on behalf of our clients. In those cases, we act as a service provider or processor, and such data is governed by client agreements (e.g., Master Services Agreements or Data Processing Addenda).

2. Information We Collect

We may collect the following categories of information:

a. Information You Provide Directly

  • Name
  • Email address
  • Phone number
  • Company name
  • Any information submitted through contact forms or communications

b. Automatically Collected Information

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and usage data

c. Cookies and Tracking Technologies

We may use cookies and similar technologies to improve user experience, analyze site usage, and support security functions.

3. How We Use Information

We use collected information to:

  • Respond to inquiries and provide requested services
  • Communicate with prospective and existing clients
  • Improve our website and services
  • Maintain security and prevent fraud or misuse
  • Comply with legal and regulatory obligations

We do not sell personal information.

4. Legal Basis for Processing

Where applicable, we process personal information based on:

  • Legitimate business interests
  • Consent (where required)
  • Compliance with legal obligations

5. Data Sharing and Disclosure

We may share information with:

  • Service providers and vendors who support our operations (e.g., hosting, analytics)
  • Professional advisors (e.g., legal, accounting)
  • Authorities when required by law

All third parties are required to maintain appropriate confidentiality and security measures.

6. Data Security

We implement administrative, technical, and physical safeguards designed to protect personal information, including:

  • Access controls based on least privilege
  • Encryption in transit where appropriate
  • Secure infrastructure and monitoring
  • Incident detection and response procedures

These practices are aligned with SOC 2 Security and Confidentiality principles.

7. Data Retention

We retain personal information only as long as necessary to:

  • Fulfill the purposes outlined in this policy
  • Comply with legal and contractual obligations
  • Resolve disputes and enforce agreements

8. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access your personal information
  • Request correction or deletion
  • Opt out of certain communications
  • Request information about how your data is used

To exercise these rights, contact us at the information below.

9. Client Data Processing

When DeyoGroup processes data on behalf of clients:

  • We act as a service provider or processor
  • We process data only per client instructions
  • We do not use client data for our own purposes
  • Data handling is governed by applicable agreements (e.g., MSA, DPA)

10. International Data Transfers

If applicable, we take appropriate measures to ensure that international data transfers comply with relevant legal requirements.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised effective date.

12. Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us:

The Deyo Group Inc.

security@deyogroup.com
972-494-5615

13. California Privacy Rights (if applicable)

California residents may have additional rights under the California Consumer Privacy Act (CCPA/CPRA), including the right to request access to or deletion of personal information and to opt out of certain data sharing practices.

We do not sell personal information as defined under California law.

14. SOC 2 Alignment Statement

The DeyoGroup Inc maintains internal controls and processes designed to align with SOC 2 Trust Services Criteria, including:

  • Security: Protection against unauthorized access
  • Availability: Systems designed for operational performance and uptime
  • Processing Integrity: Accurate and authorized data processing
  • Confidentiality: Protection of sensitive information
  • Privacy: Responsible handling of personal information

While this Privacy Policy reflects these principles, it does not constitute a formal SOC 2 report or certification.