PRIVACY POLICY

Effective Date: 11/17/2025
Last Updated: 11/18/2025

Introduction

XCorp Technologies, LLC (“XCorp,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website [www.xcorptech.com], use our managed services, or otherwise interact with us.

Please read this Privacy Policy carefully. By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy.

1. Information We Collect

1.1 Personal Information You Provide

We collect information that you voluntarily provide to us, including:

Contact Information:

• Full name
• Business name and title
• Email address
• Phone number
• Mailing address
• Company information

Account Information:

• Username and password
• Security questions and answers
• Preferences and settings
• Communication preferences

Business Information:

• Company size and industry
• Technology infrastructure details
• IT environment information
• Service requirements

Payment Information:

• Billing address
• Payment method details (processed through secure third-party payment processors)
• Purchase history
• Invoice information

Communications:

• Information in emails, chat messages, or phone calls with us
• Support ticket content
• Consultation notes
• Feedback and survey responses

1.2 Information Automatically Collected

When you access our website or services, we automatically collect:

Device Information:

• IP address
• Browser type and version
• Operating system
• Device identifiers
• Screen resolution

Usage Information:

• Pages visited
• Time and date of visits
• Time spent on pages
• Click patterns
• Referring website addresses
• Search queries on our website

Location Information:

• General geographic location based on IP address
• Time zone

Cookies and Tracking Technologies:

• Session cookies
• Persistent cookies
• Web beacons
• Pixel tags
• Analytics data

1.3 Information from Third Parties

We may receive information from:

• Business partners and resellers
• Service providers and vendors
• Data analytics providers
• Marketing platforms
• Social media platforms (if you connect your accounts)
• Credit reporting agencies (for business accounts)
• Public databases

1.4 Information Collected During Service Delivery

When providing managed services, we may collect:

Technical Data:

• Network logs and configurations
• System performance metrics
• Security event logs
• Error reports and diagnostics
• Software and hardware inventory
• Backup and recovery data
• Bandwidth and resource usage

Monitoring Data:

• System health metrics
• Application performance data
• Security monitoring data
• User activity logs (aggregated and anonymized where possible)

Support Data:

• Remote access session logs
• Troubleshooting documentation
• Configuration changes
• Maintenance records

2. How We Use Your Information

2.1 Service Delivery and Management

We use your information to:

• Provide, maintain, and improve our managed services
• Monitor and manage your IT infrastructure
• Perform system maintenance and updates
• Provide technical support
• Troubleshoot problems
• Implement security measures
• Create backups and disaster recovery
• Generate reports and analytics
• Optimize system performance

2.2 Business Operations

We use your information to:

• Process transactions and payments
• Send invoices and payment reminders
• Manage contracts and agreements
• Verify identity and authorization
• Maintain accurate records
• Comply with legal obligations
• Enforce our terms and policies
• Protect against fraud and abuse

2.3 Communications

We use your information to:

• Respond to inquiries and support requests
• Send service notifications and updates
• Provide system alerts and security warnings
• Send administrative communications
• Notify you of changes to services or policies
• Conduct surveys and gather feedback

2.4 Marketing and Promotions

With your consent, we use your information to:

• Send marketing communications about our services
• Provide information about new features or offerings
• Send newsletters and blog updates
• Invite you to events and webinars
• Offer promotions and special offers
• Conduct market research

You can opt out of marketing communications at any time by clicking the unsubscribe link in emails, adjusting your preferences in your account, or contacting us directly.

2.5 Analytics and Improvement

We use your information to:

• Analyze usage patterns and trends
• Improve our website and services
• Develop new features and services
• Conduct research and analysis
• Create aggregated, anonymized statistics
• Benchmark performance

2.6 Security and Legal Compliance

We use your information to:

• Detect and prevent security threats
• Investigate potential violations
• Comply with legal obligations
• Respond to legal requests
• Protect our rights and property
• Enforce our agreements

3. How We Share Your Information

3.1 We Do Not Sell Your Information

XCorp Technologies does not sell, rent, or trade your personal information to third parties for their marketing purposes.

3.2 Service Providers and Vendors

We share information with trusted third-party service providers who perform services on our behalf:

Technology Vendors:

• Cloud infrastructure providers (AWS, Azure, Google Cloud)
• Software vendors and licensors
• Hardware manufacturers and suppliers
• Telecommunications providers

Business Service Providers:

• Payment processors
• Accounting and bookkeeping services
• Legal and professional advisors
• Insurance providers
• Banking institutions

Marketing and Analytics:

• Email marketing platforms
• CRM systems
• Analytics providers
• Advertising platforms
• Event management services

Support Services:

• Help desk software providers
• Collaboration tools
• Document management systems
• Remote monitoring tools

All service providers are contractually obligated to:

• Use information only for specified purposes
• Maintain appropriate security measures
• Comply with applicable privacy laws
• Not use information for their own purposes

3.3 Business Partners

We may share information with:

• Technology partners for integrated solutions
• Resellers and distributors
• Referral partners
• Co-marketing partners

3.4 Business Transfers

If XCorp Technologies is involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

3.5 Legal Requirements

We may disclose information when required by law or in good faith belief that such disclosure is necessary to:

• Comply with legal obligations, court orders, or subpoenas
• Enforce our agreements and policies
• Protect our rights, property, or safety
• Protect the rights, property, or safety of others
• Detect, prevent, or address fraud or security issues
• Cooperate with law enforcement

3.6 With Your Consent

We may share information with third parties when you explicitly consent or direct us to do so.

3.7 Aggregated and Anonymized Data

We may share aggregated, anonymized data that cannot identify you with:

• Industry analysts
• Business partners
• Investors
• Researchers
• Marketing partners
• The public

4. Data Security

4.1 Security Measures

XCorp Technologies implements comprehensive security measures to protect your information:

Technical Safeguards:

• Encryption in transit (TLS/SSL)
• Encryption at rest
• Firewalls and intrusion detection systems
• Multi-factor authentication
• Access controls and authentication
• Security monitoring and logging
• Regular security testing and audits
• Vulnerability management
• Secure software development practices

Organizational Safeguards:

• Employee security training
• Background checks for employees
• Confidentiality agreements
• Access limited to need-to-know basis
• Incident response procedures
• Business continuity planning
• Regular security policy reviews

Physical Safeguards:

• Secure data center facilities
• Physical access controls
• Environmental controls
• Equipment security

4.2 Data Breach Response

In the event of a data breach that affects your personal information, we will:

• Investigate the incident promptly
• Take steps to contain and remediate the breach
• Notify affected individuals as required by law
• Notify relevant authorities as required
• Provide information about the breach and protective measures
• Offer appropriate assistance (such as credit monitoring if applicable)

4.3 Limitations

While we implement robust security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your information. You are responsible for:

• Maintaining the confidentiality of your passwords
• Securing your devices and networks
• Reporting suspected security issues promptly

5. Data Retention

5.1 Retention Periods

We retain your information for as long as necessary to:

• Provide services to you
• Fulfill the purposes described in this Privacy Policy
• Comply with legal obligations
• Resolve disputes
• Enforce our agreements

5.2 Specific Retention Periods

Active Client Data:

• Retained for the duration of our relationship plus the periods below

Account Information:

• 7 years after account closure (for business records)

Financial Records:

• 7 years after transaction (for tax and accounting purposes)

Technical Logs:

• 90 days to 2 years depending on log type and legal requirements

Marketing Data:

• Until you opt out or 3 years of inactivity

Support Communications:

• 3 years after resolution

5.3 Legal Holds

We may retain information longer when required by law or legal hold, or for legitimate business purposes such as ongoing litigation.

5.4 Deletion

When information is no longer needed, we securely delete or anonymize it. However, some information may remain in backup systems for a limited time.

6. Your Privacy Rights

6.1 Access and Portability

You have the right to:

• Request access to your personal information
• Receive a copy of your personal information
• Request information in a portable format
• Know what information we collect and how we use it

6.2 Correction and Update

You have the right to:

• Correct inaccurate information
• Update incomplete information
• Request changes to your information

6.3 Deletion

You have the right to request deletion of your personal information, subject to:

• Legal retention requirements
• Ongoing service needs
• Fraud prevention
• Legitimate business purposes

6.4 Opt-Out Rights

You have the right to:

• Opt out of marketing communications
• Opt out of certain data sharing
• Opt out of targeted advertising
• Disable non-essential cookies

6.5 Restriction of Processing

You have the right to request restriction of processing in certain circumstances.

6.6 Object to Processing

You have the right to object to certain processing of your information.

6.7 Exercising Your Rights

To exercise your privacy rights:

• Email: privacy@xcorptech.com
• Mail: XCorp Technologies, LLC, Attn: Privacy Officer, [Address]
• Phone: [Phone Number]
• Online Portal: [URL to privacy request portal]

We will respond to verified requests within 30-45 days (depending on jurisdiction). We may need to verify your identity before fulfilling your request.

7. Cookies and Tracking Technologies

7.1 Types of Cookies We Use

Essential Cookies:

• Required for website functionality
• Session management
• Security features
• Cannot be disabled

Functional Cookies:

• Remember your preferences
• Language settings
• Display preferences

Analytics Cookies:

• Google Analytics
• Usage statistics
• Performance monitoring
• User behavior analysis

Marketing Cookies:

• Track visits across websites
• Measure ad effectiveness
• Personalize advertising
• Social media integration

7.2 Third-Party Cookies

We use the following third-party services that may set cookies:

• Google Analytics
• Google Tag Manager
• LinkedIn Insights
• HubSpot
• [Other services]

7.3 Managing Cookies

You can control cookies through:

• Browser Settings: Most browsers allow you to block or delete cookies
• Cookie Consent Tool: Use our cookie banner to manage preferences
• Opt-Out Tools:
  • Google Analytics Opt-Out: https://tools.google.com/dlpage/gaoptout
  • NAI Opt-Out: http://optout.networkadvertising.org/
  • DAA Opt-Out: http://optout.aboutads.info/

Note: Disabling essential cookies may affect website functionality.

7.4 Do Not Track

Our website does not currently respond to “Do Not Track” browser signals. We will update this policy if our practices change.

8. Children’s Privacy

XCorp Technologies’ services are intended for businesses and are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If we discover that we have collected information from a child under 16, we will delete it immediately. If you believe we have collected information from a child, please contact us at privacy@xcorptech.com.

9. International Data Transfers

9.1 Data Location

Your information may be transferred to and processed in the United States or other countries where XCorp Technologies or our service providers operate. These countries may have different data protection laws than your country.

9.2 Transfer Safeguards

When transferring data internationally, we implement appropriate safeguards such as:

• Standard contractual clauses
• Data processing agreements
• Adequacy decisions
• Privacy Shield frameworks (where applicable)
• Binding corporate rules

9.3 European Economic Area (EEA)

For users in the EEA, we comply with GDPR requirements, including:

• Lawful basis for processing
• Data protection impact assessments
• Privacy by design principles
• Appropriate transfer mechanisms
• DPO contact information (if applicable)

10. California Privacy Rights

10.1 CCPA Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know:

• Categories of personal information collected
• Categories of sources
• Business purposes for collection
• Categories of third parties with whom we share information
• Specific pieces of information collected

Right to Delete:

• Request deletion of personal information (subject to exceptions)

Right to Opt-Out:

• Opt out of sale of personal information (we do not sell personal information)

Right to Non-Discrimination:

• Equal service and pricing regardless of privacy choices

Right to Correct:

• Request correction of inaccurate information

10.2 “Shine the Light” Law

California residents may request information about disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.

10.3 Exercising CCPA Rights

California residents can exercise rights by:

• Email: privacy@xcorptech.com
• Toll-Free: 1-800-XXX-XXXX
• Online Form: [URL]

We will verify your identity and respond within 45 days.

11. Nevada Privacy Rights

Nevada residents have the right to opt out of the sale of personal information. XCorp Technologies does not sell personal information. If our practices change, we will update this policy and provide opt-out mechanisms as required.

12. Other State Privacy Rights

Residents of other states with comprehensive privacy laws (Virginia, Colorado, Connecticut, Utah, etc.) have rights similar to those described above. Please contact us to exercise your rights.

13. Business Client Data

13.1 Data Processor Role

When providing managed services, XCorp Technologies often acts as a data processor on behalf of our business clients (data controllers). In these cases:

• Clients determine the purposes and means of processing
• We process data only according to client instructions
• Data Processing Agreements govern our relationship
• Client privacy policies apply to end-user data

13.2 Client Responsibilities

Business clients are responsible for:

• Providing privacy notices to their end users
• Obtaining necessary consents
• Ensuring lawful processing
• Responding to end-user privacy requests
• Compliance with applicable privacy laws

13.3 Subprocessors

We maintain a list of subprocessors used in delivering managed services, available upon request.

14. Changes to This Privacy Policy

14.1 Updates

We may update this Privacy Policy periodically to reflect:

• Changes in our practices
• Legal or regulatory requirements
• New technologies
• Feedback from users

14.2 Notification

We will notify you of material changes by:

• Posting the updated policy on our website
• Updating the “Last Updated” date
• Sending email notifications (for significant changes)
• In-app notifications
• Banner notifications on our website

14.3 Continued Use

Your continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy. If you disagree with changes, please discontinue use of our services.

14.4 Prior Versions

We maintain archived versions of prior Privacy Policies. Contact us to request previous versions.

15. Contact Information

15.1 Privacy Questions

For questions about this Privacy Policy or our privacy practices:

XCorp Technologies, LLC
Attn: Privacy Officer
[Street Address]
[City, State ZIP]

Email: privacy@xcorptech.com
Phone: [Phone Number]
Privacy Portal: [URL]

15.2 Data Protection Officer

If required by law, our Data Protection Officer can be reached at:
Email: dpo@xcorptech.com

15.3 Response Time

We will respond to privacy inquiries within 30 days (or as required by applicable law).

16. Supervisory Authority

If you are located in the EEA or UK, you have the right to lodge a complaint with your local supervisory authority if you believe our processing of your personal information violates applicable law.

BY USING OUR WEBSITE OR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND AGREE TO ITS TERMS.