Privacy Policy, DevOptiv | IT Services and Consulting Company

DevOptiv Inc. ("DevOptiv," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, store, and protect information when you visit https://devoptiv.com and use our software development, cloud operations, and digital marketing services (collectively, the "Services").

This policy includes our SMS/text messaging practices in compliance with the Telephone Consumer Protection Act (TCPA), RingCentral's SMS/MMS Content Policies, the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA).

1. Who We Are

Legal Entity

DevOptiv Inc.

Address

BayWood Dr, Stittsville, ON K2S 1K5, Canada

Email

[email protected] | [email protected]

Phone

+1 (657) 686-6729

Website

https://devoptiv.com

Data Protection Officer

[email protected]

2. Information We Collect

2.1 Categories of Personal Information (CCPA Compliance)

Category	Examples	Collected
Identifiers	NameEmailPhone numberIP addressAccount credentials	Yes
Personal Records	NameContact informationBilling address	Yes
Protected Characteristics	AgeGender (if voluntarily provided)	No
Commercial Information	Service inquiriesProposalsContractsPayment history	Yes
Biometric Information	FingerprintsFace scans	No
Internet Activity	Pages visitedSearch queriesClickstream dataReferring URL	Yes
Geolocation Data	Approximate location from IP address	Yes
Sensory Data	AudioVideo recordings	No
Professional/Employment	Job titleCompany nameIndustryBusiness size	Yes
Non Public Education	Education records	No
Inferences	Profiles reflecting preferencesService needs	Yes

2.2 Service Specific Data

For Software Development & Cloud Ops:- Technical specifications and system requirements, Cloud infrastructure credentials (encrypted), DevOps tool configurations and access logs, Error logs and debugging information

For SEO/Marketing Services:- Website analytics data and performance metrics, Search engine ranking data, Content management system (CMS) access credentials, Marketing campaign performance data

For SMS Communications:- Mobile phone number, Opt-in timestamp and method (web form, keyword, written agreement), Message delivery status and engagement metrics, Opt-out requests and timestamps (retained for 5+ years per TCPA)

3. How We Collect Data

Direct Collection:- Web forms, phone calls, emails, SMS opt-ins, contracts

Automated Collection:- Cookies, Google Analytics, server logs, error tracking tools

Third Parties:- HubSpot (CRM), RingCentral (SMS), AWS/Azure (cloud hosting), Google Ads (marketing)

4. How We Use Your Data

Purpose	Legal Basis	Categories Used
Software Development	Contract	ADItechnical specs
Cloud Operations & DevOps	Contract	AFGcloud credentials
SEO & Marketing Services	Contract/Consent	AFIK
Client Communication	Legitimate Interest	ABI
SMS Program Delivery	Consent	A (phone)SMS data
Marketing Communications	Consent	AFI
Payment Processing	Contract	AD
Security & Fraud Prevention	Legitimate Interest	AFG
Legal Compliance	Legal Obligation	All categories

5. SMS / Text Messaging Policy (TCPA & RingCentral Compliant)

5.1 Prior Express Written Consent

We obtain prior express written consent before sending any SMS messages. Consent is never implied, pre-checked, or a condition of purchase.

Consent Disclosure (Displayed at Collection): By providing your mobile number, you consent to receive SMS messages from DevOptiv regarding project updates, cloud operations alerts, and marketing insights. Message frequency: up to 4 messages per month. Message and data rates may apply. Reply STOP to cancel, HELP for assistance. We only send messages between 8:00 AM - 9:00 PM your local time. View our Privacy Policy and Terms of Service.

Consent Methods: Unchecked checkbox on web forms, Keyword opt-in (e.g., texting "DEVOPTIV" to our number), Written agreement (contracts/proposals)

5.2 Prohibited Content (RingCentral TCR Requirements)

Prohibited Content: Per RingCentral's SMS/MMS Content Policies, we strictly prohibit and do not send: Loan, mortgage, or credit repair advertisements, Work from home or multilevel marketing promotions, Political advertisements or campaigning, Alcohol, tobacco, or firearms promotions, Pharmaceutical or drug advertisements, Gambling, sweepstakes, or lottery content, Content using purchased or third-party lead lists

5.3 Message Types & Frequency

We may send:

Service Updates: Development milestones, deployment notifications
Cloud Operations: Infrastructure alerts, maintenance windows, security notifications
SEO/Marketing: Campaign performance summaries, optimization recommendations
Meeting Reminders: Consultation calls, project reviews
Security Alerts: Unauthorized access warnings, credential reset confirmations
Frequency: Maximum 4 messages per month
Quiet Hours: 8:00 AM - 9:00 PM recipient local time only
Throughput: Maximum 50 messages per minute per number

5.4 Opt-Out Rights

STOP: Reply STOP to any message for immediate unsubscribe. One confirmation message sent without promotional content.
HELP: Reply HELP for assistance or contact [email protected]
Email: Send "SMS Opt-Out" to [email protected]
Processing Time: Immediate for STOP replies; 10 business days maximum for other methods

5.5 SMS Data Protection

Phone numbers and consent records stored in HubSpot CRM with restricted access
SMS opt-in data and phone numbers collected for text messaging will NEVER be sold, shared, leased, or disclosed to any third parties or affiliates for marketing, promotional, or any other purposes. This data is used solely for delivering the SMS communications you consented to receive from DevOptiv Inc.
Consent records retained for minimum 5 years as required by TCPA
Message logs retained for 12 months for delivery verification

5.6 SMS Consent & Terms

If you consent to receive SMS from DevOptiv Inc., you agree to receive service updates, cloud operations alerts, SEO/marketing campaign summaries, meeting reminders, and security notifications via SMS from us.

Reply STOP to opt out at any time
Reply HELP for support, or email [email protected]
Message & data rates may apply
Message frequency may vary (up to 4 messages per month)
SMS opt-in data and phone numbers will not be shared with any third parties or affiliates for marketing purposes

View our full Privacy Policy at https://devoptiv.com/privacy-policy

6. Data Sharing & Subprocessors

6.1 Service Providers

Provider	Service	Data Shared	Safeguards
HubSpot	CRM, Marketing Automation, Email	Contact info, engagement data, SMS consent status	GDPR Article 28 DPA, EU-US Data Privacy Framework
RingCentral	SMS Gateway	Phone numbers, message content	TCPA compliance, encryption
AWS/Azure	Cloud Hosting	All service data	SOC 2 Type II, ISO 27001, encryption
Google Analytics	Web Analytics	IP address (anonymized), behavior	GDPR-compliant configuration
Stripe	Payment Processing	Payment info (tokenized)	PCI-DSS Level 1

6.2 Data Processing Agreements (GDPR Article 28)

All subprocessors (HubSpot, RingCentral, cloud providers) process data only on our documented instructions under Data Processing Agreements that include:

Confidentiality obligations for personnel
Security measures per Article 32
Subprocessor authorization and notification requirements
Assistance with data subject rights requests
Return/deletion of data upon termination
Audit rights and compliance cooperation

Standard Contractual Clauses (SCCs): We use EU Commission-approved SCCs (2021 versions) for international transfers to the US and Canada.

6.3 No Sale of Personal Information

We do not sell your personal information to third parties as defined under CCPA/CPRA.

We explicitly confirm that mobile opt-in data, including phone numbers collected via SMS consent forms or any other opt-in method, will NEVER be sold, shared, leased, or disclosed to third parties or affiliates for marketing or promotional purposes.

SMS opt-in consent is used solely for delivering messages from DevOptiv Inc. to the individual who has provided consent.

7. Cookies & Tracking

Category	Purpose	Duration	Consent Required
Essential	Authentication, security, site functionality	Session - 1 year	No
Analytics	Google Analytics, performance monitoring	1-2 years	Yes
Marketing	SEO tracking, ad conversion (Google Ads)	90 days - 1 year	Yes
Functional	Language preferences, CMS settings	1 year	Yes

Control: Manage preferences via our cookie banner or browser settings. We honor Do Not Track signals for analytics.

8. Data Retention

Data Type	Retention Period	Legal Basis
Client account information	Duration of contract + 7 years	Tax/accounting laws
SMS consent records	5 years minimum	TCPA compliance
Cloud operations logs	12 months	Security, debugging
SEO campaign data	3 years after campaign end	Contract performance
Marketing data	Until opt-out + 1 year	Consent management
Deleted accounts	30 days post-deletion, then permanent	Data minimization

Upon expiration, data is securely deleted or irreversibly anonymized.

9. Data Security & Breach Notification

9.1 Security Measures

Encryption: AES-256 at rest, TLS 1.3 in transit
Access Controls: Role-based access (RBAC), multi-factor authentication (MFA)
Monitoring: 24/7 security operations center (SOC), intrusion detection
Audits: Quarterly vulnerability assessments, annual penetration testing

9.2 Breach Notification

In the event of a personal data breach:

Supervisory Authorities: Within 72 hours of discovery (GDPR Article 33)
Affected Individuals: Without undue delay if high risk to rights/freedom
Clients (B2B): Within 24 hours for breaches affecting client data
Content: Nature of breach, data categories involved, likely consequences, measures taken, DPO contact

10. Your Privacy Rights

10.1 GDPR Rights (EEA/UK Residents)

Access, rectify, or erase your personal data
Restrict or object to processing
Data portability (machine-readable format)
Withdraw consent (without affecting prior lawful processing)
Lodge complaint with supervisory authority (e.g., UK ICO)

10.2 CCPA/CPRA Rights (California Residents)

Right to Know: Categories and specific pieces of personal information collected
Right to Delete: Request deletion (subject to service provision/legal obligations)
Right to Correct: Update inaccurate information
Right to Opt-Out: Of "sale" or "sharing" (we do not sell data)
Right to Limit: Use of sensitive personal information
Right to Non-Discrimination: For exercising privacy rights

Authorized Agents: You may designate an agent to submit requests. We will verify their authority before processing.

Exercising Rights: Contact [email protected] or call +1 (657) 686-6729. We respond within 45 days (extendable with notice).

11. International Data Transfers

Your data may be processed in Canada, the United States, and other jurisdictions. When transferring from the EEA, UK, or Switzerland:

We use Standard Contractual Clauses (SCCs) (2021 versions)
HubSpot and AWS participate in the EU-US Data Privacy Framework
We implement supplementary technical measures (encryption) where required

12. Children's Privacy

We do not knowingly collect data from individuals under 16. If discovered, we will delete such data immediately. Contact [email protected] to report.

13. Third-Party Links

Our Site may contain links to third-party websites. We are not responsible for their privacy practices. Please review their policies separately.

14. Policy Updates

We may update this policy to reflect legal, regulatory, or operational changes. Material changes affecting your rights will be notified via:

Email to registered users (30 days notice)
Prominent banner on Site (30 days notice)
SMS notification to opted-in users (for SMS-related changes)

Continued use after changes constitutes acceptance.

15. Contact Us

DevOptiv Inc.

BayWood Dr, Stittsville, ON K2S 1K5, Canada

Email: [email protected] | [email protected]

Phone: +1 (657) 686-6729

Website: https://devoptiv.com

For SMS Support: Reply HELP to any message or contact [email protected] with subject "SMS Support"

Appendix A: SMS Campaign Registration (TCR/10DLC)

Required for RingCentral 10DLC Registration:

Field	Value
Brand Name	DevOptiv Inc.
Legal Entity	DevOptiv Inc.
Website	https://devoptiv.com
Privacy Policy URL	https://devoptiv.com/privacy-policy
Contact Email	[email protected]
Contact Phone	+1 (657) 686-6729
Campaign Use Case	Software development, cloud operations, and SEO marketing services communications
Message Content	Service updates, cloud ops alerts, SEO campaign updates, meeting reminders, security notifications
Message Frequency	Up to 4 messages per month
Opt-In Method	Web form (unchecked checkbox), keyword text-to-join, written contract
Opt-Out	Reply STOP
Help	Reply HELP or email [email protected]

Prohibited Content Certification:

This campaign does NOT and will NOT transmit prohibited content including: SHAFT (Sex, Hate, Alcohol, Firearms, Tobacco), gambling, sweepstakes, lottery, loan advertisements, credit repair, work-from-home schemes, political content, or pharmaceutical promotions. We do not use purchased lead lists.

Data Privacy Certification:

SMS opt-in data and phone numbers are used solely for message delivery and compliance record-keeping. This data is not sold, shared, or disclosed to third parties for marketing purposes.