How We Handle
Your Information

Introduction

Digital 520 is a US-based management consulting firm serving regulated and mission-driven organizations across financial services, healthcare, nonprofit, and technology sectors. We provide advisory, strategy, and implementation services in areas including compliance, AI governance, data privacy, digital transformation, and organizational development.

This Privacy Policy describes how Digital 520 collects, uses, shares, and protects personal information obtained through our website and in the course of our business relationships. It applies to visitors to our website, prospective clients who contact us, and individuals who engage with our digital content.

If you have questions about this policy or how we handle your information, please contact us at hello@digital520.com.

Information We Collect

We collect information in three primary ways: directly from you when you submit a form or contact us, automatically through your use of our website, and through business communications.

Contact and inquiry information — When you fill out a form on our website, request a discovery call, or reach out by email, we may collect your name, email address, phone number, company or organization name, and the content of your message.

Website usage data — We automatically collect certain technical information when you visit our site, including pages viewed, time spent on each page, browser type and version, device type, and general geographic region derived from your IP address. This data is aggregated and used to understand site performance.

Communications — We retain records of emails and other communications sent to or received from you in the ordinary course of business inquiry and client engagement.

What we do not collect — We do not collect sensitive personal information through our website, including Social Security numbers, government-issued ID numbers, financial account numbers, payment card data, health or medical records, or biometric data. Our website is not designed to receive or store this category of information.

How We Use Your Information

We use the personal information we collect for the following purposes:

• Responding to inquiries and scheduling discovery or introductory calls with prospective clients
• Delivering consulting, advisory, and implementation services to current clients, including communication, project management, and deliverable coordination
• Sending relevant updates, insights, or service announcements to individuals who have expressed interest in hearing from us — you may opt out at any time
• Analyzing website usage patterns to improve site performance, navigation, and content relevance
• Maintaining business records and complying with applicable legal, regulatory, and professional obligations

We do not use personal information for automated decision-making or profiling that produces legal or significant effects on individuals.

How We Share Your Information

Digital 520 does not sell, rent, or trade personal information. We share information only in the limited circumstances described below.

• Service providers — We use third-party tools to operate our business, including Formspree for web form processing, Calendly for appointment scheduling, and analytics platforms for site usage measurement. These providers access only the data necessary to perform their function and are subject to their own privacy policies and data protection obligations.
• Legal requirements — We may disclose personal information if required to do so by applicable law, court order, regulatory authority, or governmental request, or where disclosure is necessary to protect the rights, safety, or property of Digital 520, our clients, or the public.
• Business transfers — In the event of a merger, acquisition, reorganization, or sale of all or substantially all of our assets, personal information we hold may be transferred as part of that transaction. We will notify affected individuals as required by applicable law.

In all cases, we share only the minimum information necessary and take reasonable steps to ensure appropriate data protection measures are in place.

Cookies & Analytics

Our website uses cookies and similar technologies to understand how visitors interact with our content. Cookies are small text files stored on your device that help us measure page visits, session duration, and navigation patterns.

• We use analytics tools (such as Google Analytics or equivalent) to collect aggregated, non-personally-identifying usage data. This data helps us understand which content is most useful and how to improve site navigation.
• We do not use advertising cookies, cross-site tracking pixels, or behavioral profiling technologies on our website.
• You may disable or delete cookies at any time through your browser settings. Disabling cookies will not prevent you from accessing our site, though some functionality may be limited.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law and professional obligations.

• Contact form submissions and general inquiries are retained for up to two years from the date of receipt, unless an ongoing client relationship requires longer retention.
• Client engagement records — including project documentation, communications, and deliverables — are retained as required by applicable professional, legal, and contractual obligations, which may extend beyond the term of an engagement.
• Website analytics data is retained in aggregated form consistent with the practices of the analytics provider.

You may request deletion of your personal information at any time by contacting us at hello@digital520.com. We will respond to deletion requests within 30 days, subject to any overriding legal or professional retention obligations.

Your Rights

Depending on your location and applicable law, you may have the following rights with respect to your personal information:

• Access and portability — You have the right to request a copy of the personal information we hold about you.
• Correction — You have the right to request that we correct inaccurate or incomplete information.
• Deletion — You have the right to request that we delete your personal information, subject to applicable legal and professional retention requirements.
• Opt-out of marketing — You may opt out of receiving marketing or informational emails from Digital 520 at any time by contacting us directly or using the unsubscribe mechanism in any such communication.
• California residents (CCPA) — If you are a California resident, you have the right to know what personal information we collect and how it is used, the right to request deletion, and the right to opt out of the sale of personal information. Digital 520 does not sell personal information. To exercise CCPA rights, contact us at hello@digital520.com.
• EU and UK residents (GDPR/UK GDPR) — If you are located in the European Union or United Kingdom, you have additional rights under the GDPR and UK GDPR, including the right to object to processing, the right to restrict processing, and the right to lodge a complaint with your local supervisory authority. Our lawful basis for processing contact and inquiry data is legitimate interest; for client engagement data, our basis is the performance of a contract.

To exercise any of these rights, please contact us at hello@digital520.com. We will respond within the timeframe required by applicable law.

Data Security

We take the security of your personal information seriously and implement industry-standard administrative, technical, and physical measures to protect against unauthorized access, disclosure, alteration, or destruction.

• Data in transit is protected using TLS encryption.
• Access to personal data within our organization is limited to individuals with a legitimate business need.
• We review and update our security practices on an ongoing basis as part of our broader information security program.

No method of electronic transmission or storage is completely secure. While we work diligently to protect your information, we cannot guarantee absolute security of data transmitted over the internet or stored on our systems.

In the event of a data breach that poses a risk to the rights and freedoms of affected individuals, we will notify those individuals and, where required, the applicable regulatory authority, within the timeframe mandated by law.

Children's Privacy

Digital 520's services are directed exclusively to business professionals and organizations. Our website is not intended for individuals under the age of 18, and we do not knowingly collect personal information from minors.

If we become aware that we have inadvertently collected personal information from a person under 18, we will take prompt steps to delete that information. If you believe a minor has submitted information through our site, please contact us at hello@digital520.com.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable law, or the services we offer. When we make changes, we will update the effective date shown at the top of this page.

For material changes — those that meaningfully affect how we collect, use, or share your personal information — we will make reasonable efforts to provide advance notice to individuals with whom we have an active business relationship, such as by direct email communication.

We encourage you to review this policy periodically to stay informed about how we handle your information.

Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or how we handle your personal information, please reach out to us directly. We are committed to addressing all inquiries promptly and transparently.