Menu
Close Menu
Menu
Scroll Down
Back to home

Privacy Policy

Applies to: denvento.com and its subdomains
This Privacy Policy explains how the Website operator collects, uses, discloses, transfers, and protects personal data when you access denvento.com, interact with our forms and pages, receive our communications, or otherwise use features made available on or through the Website.

1. Identity and Contact Details

Controller: Website operator for denvento.com
Contact for privacy matters: [email protected]

Postal contact: [Insert mailing address for privacy requests]

EU/UK matters: If you are located in the EEA or UK and require an EU/UK representative or Data Protection Officer (DPO), contact [email protected]; we will provide the appropriate contact information once appointed.

2. Scope and Applicability

This Policy applies to personal data processed via the Services, including visits to the Website, form submissions (e.g., contact, newsletter), account areas if offered, and our marketing communications.

Important: This Policy does not apply to third-party websites, platforms, or services that may be linked from the Website or to any separate contractual services that have their own data processing terms (e.g., a Data Processing Addendum "DPA" for project work).

3. Categories of Personal Data We Collect

Data you provide directly: Identification and contact details (name, email address, phone number, job title, company), account details if you register (username; hashed password if applicable), form contents and correspondence (messages, attachments, preferences), billing identifiers if relevant to paid features.
Data collected automatically: Device and usage data (IP address, browser/OS type and version, device identifiers, language, referrer URL, pages viewed, buttons clicked, date/time, session duration), log and diagnostic data for security and performance, approximate location inferred from IP address.
Data from third parties: Lead and analytics service providers, publicly available sources, event organizers, and your organization if it authorizes your use of the Services.
We do not intentionally collect special categories of data (e.g., health, religion) nor information about children. Payment card data is handled by our payment provider and not stored by us.

4. Purposes and Legal Bases (GDPR/UK GDPR)

Where required, we rely on one or more legal bases for processing:

Provide and operate the Services: Running the Website, responding to inquiries, enabling account features. Legal basis: contract performance and legitimate interests.
Security and abuse prevention: Fraud/threat detection, access controls, logging. Legal basis: legitimate interests; legal obligations where applicable.
Customer support: Handling requests, troubleshooting, service notices. Legal basis: contract performance and legitimate interests.
Analytics and improvement: Understanding usage, improving content and navigation. Legal basis: legitimate interests; consent where required.
Marketing communications: Newsletters, updates, offers sent to subscribers. Legal basis: consent (opt-in), or legitimate interests for existing customers.
Compliance and enforcement: Record keeping, audits, regulatory requests, legal claims. Legal basis: legal obligation; legitimate interests.
Consent withdrawal: Where we rely on consent, you may withdraw it at any time; withdrawal does not affect processing already carried out.

5. How We Use Personal Data

We use personal data to:

  • deliver, maintain, and personalize the Services
  • communicate with you and respond to your requests
  • protect the Services, users, and our rights
  • measure and improve Website performance and content
  • provide newsletters and updates where you subscribe
  • comply with applicable laws and enforce our terms

We may create aggregated or anonymized data for statistical reporting; such data is not considered personal data.

6. Sharing and Disclosures

We do not sell personal information. We share personal data only as follows and with appropriate safeguards:
  • Service providers / processors: hosting, email delivery, analytics, security, customer support, log and performance monitoring
  • Professional advisers: legal, tax, or audit advisers bound by confidentiality
  • Legal and safety: where required by law, regulation, subpoena, or to protect rights, safety, and property
  • Corporate transactions: in connection with mergers, acquisitions, financing, or sale of assets
  • Affiliates: entities under common control operating under this Policy

We may disclose aggregated or de-identified information that does not identify you.

7. Cookies and Similar Technologies

We use cookies, pixels, and local storage to operate the Website, remember preferences, perform analytics, and (where permitted) tailor communications.

  • Strictly necessary cookies: operate without consent to provide core functionality
  • Analytics/marketing cookies: operate only with your consent where required

You can manage your choices via your browser settings and (if present) our on-site Cookie Settings tool. If you block cookies, some features may not function.

Do Not Track: At this time, the Website does not respond to "DNT" signals due to a lack of common standards; you can control tracking via the methods above.

8. International Data Transfers

Where personal data is transferred outside your country (for example, from the EEA/UK to a country without an adequacy decision), we use appropriate safeguards such as Standard Contractual Clauses (SCCs) and the UK IDTA/Addendum, along with technical and organizational measures (encryption in transit, access controls, least-privilege).

Redacted copies of relevant transfer mechanisms can be provided upon request where legally permissible.

9. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes in this Policy, including to meet legal, accounting, or reporting obligations. Typical retention periods are:

  • Contact and inquiry records: up to 24 months after last interaction
  • Account records (if offered): for the life of the account and up to 6 years after closure
  • Support and ticketing data: up to 6 years after resolution
  • Marketing subscriptions: until you opt out or after 24 months of inactivity
  • Web logs and diagnostics: up to 12 months, unless needed for security or investigations

Where feasible, we anonymize or aggregate data sooner for analytics. If legal holds apply, retention may be extended.

10. Security Measures

We implement administrative, technical, and organizational measures appropriate to the risk, including: encrypted transport (TLS), access controls with least-privilege principles, credential and key management, monitoring and logging, vulnerability management, and staff confidentiality commitments.

Security notice: No method of transmission or storage is 100% secure; if a data breach occurs that affects you, we will notify you as required by law.

11. Your Rights

Your rights depend on your location and applicable law. Subject to conditions and verification, you may have the right to:

Access your personal data and obtain a copy
Rectify inaccurate or incomplete data
Erase data in certain circumstances
Restrict processing in certain circumstances
Object to processing based on legitimate interests
Data portability in structured format
Withdraw consent at any time

How to exercise your rights:

Email [email protected] with sufficient details to verify your identity and describe your request. If you authorize someone to act on your behalf, we may require proof of authorization and identity.

Supervisory authorities:

EEA/UK users can lodge a complaint with their local data protection authority. You may also contact us first; we will do our best to resolve your concern.

12. Children's Privacy

The Services are not directed to individuals under 16 (or the minimum age required by your local law). We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact [email protected] and we will take steps to delete it.

13. Region-Specific Information

California (CPRA):

  • We do not "sell" personal information and do not "share" it for cross-context behavioral advertising
  • We do not use or disclose sensitive personal information for purposes requiring a "Limit the Use" link
  • California residents may exercise access, deletion, and correction rights and may use an authorized agent

Other U.S. state laws:

Similar rights may exist in states such as Virginia, Colorado, Connecticut, and others; submit requests to [email protected].

14. Roles and Processing on Your Instructions

For personal data we determine the purposes and means of processing (e.g., Website operation, direct marketing), we act as a controller. If, in separate contractual engagements, we process personal data on your documented instructions (e.g., within your systems), we act as a processor under a mutually executed Data Processing Addendum (DPA).

That DPA governs sub-processors, security, and cross-border transfers for those activities.

15. Third-Party Websites and Services

The Services may link to third-party websites or integrate third-party resources. Those providers have their own privacy terms. We are not responsible for their practices; review their privacy notices before providing personal data.

16. Changes to This Policy

We may update this Policy from time to time. The "Last updated" date shows the latest revision. If changes materially affect your rights, we will provide additional notice where required by law (e.g., via the Website or email).

Get in Touch
Close
Terms of Service Privacy Policy Disclaimer of Liability Marketing & Communication Consent