Illuminator Global Technologies Logo - Best Software Development CompanyIlluminator Global Technologies

Privacy Policy

Last updated: August 17, 2025

Illuminator Global Technologies and its controlled affiliates ("Illuminator", "we", "us", or "our") respect your privacy and are committed to protecting personal and business information collected during the provision of our Services. This policy describes how we collect, use, share, retain and protect data and the choices available to individuals.

A. Roles, Controller & Processor

Depending on the relationship and the processing activity, Illuminator may act as a Controller (deciding purposes and means) or as a Processor (processing data on behalf of a Customer). For customer engagements, the contract or Data Processing Addendum (DPA) sets out roles, responsibilities and instructions.

B. Data We Collect & Sources

We collect data directly from individuals and organizations, from our customers, and from third-party sources. Types include:

  • Identity & Contact: name, title, company, address, phone, email.
  • Commercial & Contractual: customer identifiers, contract documents, statements of work, billing and payment details, tax identifiers.
  • HR & Recruitment: CVs, interview notes, employment records, payroll information for staff and contractors.
  • Technical & Usage: IP addresses, device identifiers, logs, cookies, session data, telemetry and error reports.
  • Sensitive categories (limited): where required for background checks or legal compliance, we may process limited sensitive data (e.g., criminal record checks) subject to strict legal basis and safeguards.

C. Legal Bases & Legitimate Interests

Where applicable law requires, we rely on legal bases including contract performance, legal compliance, consent, and legitimate interests (e.g., operating the Services, protecting security, preventing fraud, and improving the business). When relying on legitimate interests we conduct balancing assessments and provide opt-outs where required by law.

D. Use Cases & Purposes

  • Provide, support and operate the Services and customer implementations.
  • Billing, collections, financial reporting and tax compliance.
  • Recruitment, employment administration and contractor management.
  • Security, investigations, fraud detection, and incident response.
  • Marketing and communications (with consent where required).
  • Legal and regulatory obligations, dispute management and audit.

E. Data Sharing, Subprocessors & International Transfers

We share data with authorized subprocessors and vendors that provide hosting, analytics, customer support, payment processing, e-mail delivery and legal services. These parties are contractually obligated to protect data and only process it for specified purposes.

International & cross-border transfers occur as part of global operations. We rely on appropriate safeguards (e.g., Standard Contractual Clauses, adequacy decisions, or other lawful mechanisms). Customers may request our list of subprocessors and transfer mechanisms via the Privacy Team contact below.

F. Retention Policy (Illustrative)

Retention periods depend on data type, contractual obligations and legal requirements. Typical retention ranges:

  • Transactional & billing records: 7 years (or as required by tax law)
  • Service logs & telemetry: 1 year (unless required longer for security/forensics)
  • Recruitment records: up to 2 years after recruitment process closes
  • Customer project artifacts and archives: as specified in customer agreements

G. Security & Certifications

We maintain technical and organizational measures such as encryption in transit and at rest, access controls, multi-factor authentication, network segmentation, vulnerability management and regular audits. Where applicable we align to industry standards (e.g., ISO 27001, SOC 2) and will share evidence of controls under NDA or contractual audit rights.

H. Data Breach & Incident Response

We operate an Incident Response Program. In the event of a security incident affecting personal data, we will investigate, contain, remediate and notify affected parties and regulators as required by law and as set out in customer agreements. Notification timelines will follow legal requirements and contractual commitments.

I. Data Subject Rights (GDPR, CCPA and similar)

Where applicable, individuals have rights including access, correction, deletion, restriction, portability, objection and the right to withdraw consent. Specific regional rights include:

  • GDPR (EU/EEA/UK): Right to access, rectification, deletion, restriction, objection, portability, and lodge a complaint with supervisory authority.
  • CCPA/CPRA (California): Right to know, delete, opt-out of sale/sharing, and non-discrimination. Requests can be submitted via the contact details below.

J. Automated Decision-Making & Profiling

We may use automated systems for analytics, fraud detection and service personalization. We do not use solely automated decision-making that produces legal or similarly significant effects for individuals without human review, unless expressly agreed and disclosed in customer agreements.

K. Children & Minors

Our Services are not directed at children under applicable legal minimum ages. We do not knowingly collect personal data from minors; if we become aware we will take steps to delete it.

L. How to Exercise Rights or Raise Concerns

To exercise data subject rights, request subprocessors, transfer mechanisms, or for privacy-related inquiries, contact our Privacy Team:

admin@illuminatorglobal.site
Data Protection Officer (if appointed): contact via the same address or by certified mail to our registered office as listed in contractual documents.

M. Data Processing Addendum (DPA)

For customers requiring detailed processing terms, we offer a DPA which describes processing instructions, subprocessors, security measures, audit rights, incident response obligations and international transfer mechanisms. Contact your account lead or admin@illuminatorglobal.site to request the DPA.

N. Changes to this Policy

We may update this policy periodically to reflect changes in law, technology, or business practices. Material changes will be communicated to customers and site users as required by law and contractual obligations. Continued use of our Services following notice constitutes acceptance of the updated policy.

O. Regulatory & Supervisory Complaints

You may lodge complaints with applicable supervisory authorities (e.g., data protection regulators in your jurisdiction). We will cooperate with such authorities and comply with any lawful orders.

P. Contact & Legal Notices

Privacy Team: admin@illuminatorglobal.site
Legal Notices: admin@illuminatorglobal.site

Note: This page provides an enterprise-level overview and does not replace contractual DPAs or specific customer schedules. For contract-specific data handling, rely on the executed contract and DPA.