Privacy Policy
Last updated: January 2025
GDPR Compliance Notice
We are committed to protecting your privacy and complying with GDPR regulations. This privacy policy explains how we collect, use, and protect your personal data.
1. Data Controller
Dorcha, based in Boston, MA, is the data controller for personal data processed through this website and our services.
2. Information We Collect
We collect information you provide directly to us, such as when you contact us or subscribe to our newsletter:
- Name and contact information
- Company information
- Communication preferences
- Website usage data (with consent)
- Service usage data for our AI security platform
3. Legal Basis for Processing
We process your personal data based on:
- Consent: For marketing communications and analytics
- Legitimate Interest: For business communications and service improvement
- Contract Performance: For providing our services
- Legal Obligation: For compliance with applicable laws
4. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our services
- Process transactions and send related information
- Send technical notices, updates, and support messages
- Respond to your comments and questions
- Communicate with you about products, services, and events
- Monitor and analyze trends and usage
- Detect, investigate, and prevent security incidents
5. Your Rights Under GDPR
You have the right to:
- Access: Request access to your personal data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your data
- Restriction: Request restriction of processing
- Portability: Request data portability
- Objection: Object to processing of your data
- Withdraw Consent: Withdraw consent at any time
6. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes:
- Encryption of data in transit and at rest
- Regular security assessments and updates
- Access controls and authentication
- Employee training on data protection
7. Data Retention
We retain your personal data only as long as necessary to fulfill the purposes outlined in this privacy policy, unless a longer retention period is required or permitted by law.
8. Cookies and Tracking
We use cookies and similar tracking technologies to improve your experience on our website. You can control cookie settings through your browser preferences.
9. Third-Party Services
We may use third-party services for analytics, hosting, and other functions. These services have their own privacy policies, and we encourage you to review them.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.
11. Children's Privacy
Our services are not intended for children under 16. We do not knowingly collect personal information from children under 16.
12. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.
13. Contact Us
For any privacy-related questions or to exercise your rights, contact us at:
Email: privacy@getdorcha.com
Address: Dorcha, Boston, MA
Data Protection Officer: dpo@getdorcha.com