Legal Documentation

Privacy Policy

Effective Date: January 1, 2024  |  Last Updated: January 1, 2024

1

Introduction and Our Commitment to Privacy

Nexus Monterrosa LLC ("Company," "we," "our," or "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website, engage our consulting services, or otherwise interact with us.

As a boutique consultancy specializing in operational efficiency and structural optimization, we understand the sensitive nature of the business information our clients share with us. We treat all personal and business information with the highest level of confidentiality and security.

This Privacy Policy applies to:

  • Our website at nexusmonterrosa.com and any associated subdomains
  • All consulting services and client engagements
  • Email communications, contact forms, and newsletter subscriptions
  • Any other interactions with our business

Your Consent: By using our website or engaging our services, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree with our practices, please do not use our services or provide your information.

2

Information We Collect

We collect various types of information depending on how you interact with us. This section details the categories of information we may collect and the sources from which we obtain them.

2.1 Information You Provide Directly

When you interact with us, you may voluntarily provide information including:

  • Contact Information: Name, email address, phone number, company name, job title, and mailing address.
  • Inquiry Information: Details about your business challenges, operational needs, and project requirements submitted through contact forms or during consultations.
  • Account Information: If you create a client portal account, we collect login credentials and profile information.
  • Payment Information: Billing address and payment details. Note: We do not store complete credit card numbers; payment processing is handled by secure third-party payment processors.
  • Communications: Content of emails, messages, and other communications you send to us.
  • Survey and Feedback Responses: Information you provide in response to client satisfaction surveys, testimonials, or feedback requests.

2.2 Information Collected During Engagements

When you engage our consulting services, we may collect and process:

  • Business Operational Data: Information about your business processes, workflows, organizational structure, and operational metrics necessary to perform our services.
  • Employee Information: Names, roles, and contact information of your team members involved in the engagement.
  • Financial Data: Revenue information, cost structures, and other financial metrics relevant to operational analysis.
  • Strategic Documents: Business plans, strategy documents, and other materials shared for analysis purposes.
  • Interview and Meeting Notes: Information gathered during stakeholder interviews and working sessions.

Important: All client business information received during engagements is treated as confidential and is protected by both this Privacy Policy and the confidentiality provisions in our service agreements.

2.3 Information Collected Automatically

When you visit our website, certain information is collected automatically through cookies and similar technologies:

  • Device Information: IP address, browser type and version, operating system, device identifiers, and screen resolution.
  • Usage Information: Pages visited, time spent on pages, click patterns, referring URLs, and navigation paths through our site.
  • Location Information: General geographic location based on IP address (country, state/region, city).
  • Log Data: Server logs that record website access, including timestamps, error logs, and access patterns.

2.4 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Business networking platforms and professional databases
  • Referral partners who recommend our services
  • Publicly available business information sources
  • Social media platforms (if you interact with our social media presence)
  • Analytics providers and marketing partners
3

How We Use Your Information

We use the information we collect for various purposes, all aimed at delivering valuable services and improving your experience. The following table outlines the primary purposes and legal bases for our data processing activities:

Purpose Legal Basis
Providing consulting services Contract performance
Responding to inquiries Legitimate interest / Contract
Processing payments Contract performance
Sending service updates Contract performance
Marketing communications Consent / Legitimate interest
Website analytics Legitimate interest
Legal compliance Legal obligation

Detailed Use Cases:

  • Service Delivery: To perform diagnostic audits, develop recommendations, create deliverables, and provide ongoing support as part of our consulting engagements.
  • Communication: To respond to your inquiries, send project updates, share deliverables, and maintain ongoing client relationships.
  • Business Operations: To manage contracts, process invoices, maintain records, and conduct internal reporting and analysis.
  • Service Improvement: To analyze engagement outcomes, refine our methodologies, and develop new service offerings that better meet client needs.
  • Marketing: To send newsletters, industry insights, and information about our services (with your consent where required).
  • Website Enhancement: To understand how visitors use our website and improve its functionality and content.
  • Security: To protect our systems, detect fraud, and ensure the security of our digital infrastructure.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests.
4

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and collect usage information. This section explains our use of these technologies.

What Are Cookies? Cookies are small text files placed on your device when you visit a website. They help the website remember your preferences, understand how you use the site, and improve your experience.

Types of Cookies We Use:

  • Essential Cookies: Required for basic website functionality, such as page navigation and security features. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our website by collecting information about pages visited, time spent, and navigation patterns. We use Google Analytics and similar tools.
  • Functional Cookies: Remember your preferences and choices (such as language or region) to provide enhanced, personalized features.
  • Marketing Cookies: Track your activity across websites to deliver relevant advertisements and measure campaign effectiveness.

Managing Cookies: Most web browsers allow you to control cookies through their settings. You can typically set your browser to refuse cookies, delete existing cookies, or alert you when cookies are being sent. Please note that disabling certain cookies may impact website functionality.

Do Not Track: Some browsers have "Do Not Track" features that signal to websites that you do not want your browsing activity tracked. We currently do not respond to "Do Not Track" signals, but you can manage tracking through cookie settings and opt-out mechanisms described above.

5

Information Sharing and Disclosure

We take the confidentiality of your information seriously. We do not sell your personal information to third parties. However, we may share information in the following circumstances:

  • Service Providers: We engage trusted third-party service providers who perform services on our behalf, such as hosting providers, payment processors, email services, and analytics platforms. These providers are bound by contractual obligations to protect your information and use it only for the purposes we specify.
  • Professional Advisors: We may share information with our attorneys, accountants, auditors, and other professional advisors in connection with the professional services they provide to us.
  • Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity. We will notify you before your information becomes subject to a different privacy policy.
  • Legal Requirements: We may disclose information when required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • With Your Consent: We may share information with third parties when you explicitly consent to such sharing.
  • Aggregate or De-identified Information: We may share aggregate or de-identified information that cannot reasonably be used to identify you for research, analysis, or marketing purposes.

Client Engagement Data: Information collected during consulting engagements is subject to strict confidentiality provisions in our service agreements. Such information is never shared with third parties except as explicitly authorized by the client or required by law.

6

Data Security

We implement comprehensive security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. Our security program includes:

Technical Safeguards:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • Secure, access-controlled cloud infrastructure
  • Regular security assessments and vulnerability testing
  • Intrusion detection and monitoring systems
  • Multi-factor authentication for system access
  • Regular software updates and security patches

Organizational Safeguards:

  • Employee training on data protection and security practices
  • Access controls limiting data access to authorized personnel only
  • Confidentiality agreements with all employees and contractors
  • Incident response procedures for potential security breaches
  • Regular review and updating of security policies
  • Vendor security assessments for third-party service providers

Breach Notification: In the event of a data breach that affects your personal information, we will notify you in accordance with applicable laws. Such notification will include a description of the breach, the types of information involved, and steps we are taking to address the situation.

While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your information to the best of our ability.

7

Data Retention

We retain your information for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods vary based on the type of information:

  • Client Engagement Records: Retained for seven (7) years after engagement completion for legal, tax, and professional liability purposes.
  • Contact and Communication Records: Retained for three (3) years after last contact for prospective clients, or as long as the business relationship continues for active clients.
  • Financial Records: Retained for seven (7) years in accordance with tax and accounting requirements.
  • Marketing Preferences: Retained until you unsubscribe or request deletion.
  • Website Analytics Data: Typically retained for twenty-six (26) months.
  • Cookie Data: Varies by cookie type, from session-only to up to two (2) years.

When information is no longer needed, we securely delete or anonymize it. In some cases, we may retain anonymized or aggregate data indefinitely for research and analytical purposes.

8

Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information. We are committed to honoring these rights and providing you with control over your data.

Rights Available to All Users:

  • Access: Request information about what personal data we hold about you and receive a copy of that data.
  • Correction: Request correction of inaccurate or incomplete personal information.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements and legitimate business needs.
  • Opt-Out of Marketing: Unsubscribe from marketing communications at any time by clicking the unsubscribe link in emails or contacting us directly.
  • Cookie Preferences: Manage your cookie preferences through your browser settings.

Additional Rights for California Residents (CCPA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information held by businesses
  • Right to opt-out of the sale of personal information (Note: We do not sell personal information)
  • Right to non-discrimination for exercising privacy rights

Additional Rights for EEA/UK Residents (GDPR):

  • Right to restrict processing
  • Right to data portability
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

Exercising Your Rights: To exercise any of these rights, please contact us using the contact information provided at the end of this policy. We will respond to your request within the timeframes required by applicable law (typically 30-45 days). We may need to verify your identity before processing your request.

9

International Data Transfers

Nexus Monterrosa LLC is based in the United States, and our primary data processing activities occur within the United States. If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States.

The data protection laws of the United States may differ from those in your jurisdiction. By using our services or providing your information to us, you consent to this transfer, storage, and processing in the United States.

For transfers of personal data from the European Economic Area (EEA) or United Kingdom (UK), we implement appropriate safeguards as required by applicable law, which may include Standard Contractual Clauses approved by the European Commission or other valid transfer mechanisms.

10

Third-Party Links and Services

Our website may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to third-party services, and we are not responsible for the privacy practices of any third party.

We encourage you to review the privacy policies of any third-party services you visit. When you click on a third-party link, you will be directed to that third party's site, and their privacy policy will govern the collection and use of your information.

Third-party services we may link to or integrate with include, but are not limited to:

  • Social media platforms (LinkedIn, Twitter, etc.)
  • Calendar scheduling tools
  • Payment processing services
  • Video conferencing platforms
  • Cloud storage services
11

Children's Privacy

Our services are designed for businesses and business professionals. We do not knowingly collect personal information from children under the age of 16. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately. If we discover that we have collected personal information from a child under 16, we will promptly delete that information.

12

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Post the updated policy on our website
  • For significant changes, provide notice through email (for clients and subscribers) or a prominent notice on our website

We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information. Your continued use of our services after any changes to this policy constitutes acceptance of the updated policy.

13

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Privacy Team using the information below. We are committed to addressing your concerns and will respond to your inquiry as promptly as possible.

When contacting us about a privacy matter, please include sufficient information for us to identify you and understand your request. For data subject requests, we may need to verify your identity before processing your request.

Privacy Inquiries & Data Requests

Email
support@nexusmonterrosa.com
Phone
+1 916 987 7305
Address
4724 Selkirk Way
Fair Oaks, CA 95628