- 832.753.7557
- info@jurisec.com
Home / Privacy Statement
Effective from: 1st February 2026
JuriSec Technologies (“JuriSec,” “we,” “our,” or “us”) provides policy and regulatory compliance services powered by legal expertise and AI-driven tooling. Protecting your personal data is core to our mission. This privacy policy explains what data we collect, why we collect it, how we use it, and what choices and rights you have regarding your information.
This Policy applies to personal data collected through our websites, portals, applications, services, emails, events, and interactions (collectively, “Services”). It is designed to comply with applicable local laws where we operate and with internationally recognized standards including the EU General Data Protection Regulation (GDPR) where relevant. Where local law imposes additional requirements, we follow those rules as applicable.
If you are located in a jurisdiction with additional rights (for example the EU), we explain those rights below.
JuriSec Technologies is the data controller for personal data processed in connection with our Services, unless otherwise stated.
Contact: 832.753.7557
Data Protection Officer (DPO) / Privacy Lead
Email: info@jurisec.com
If you have privacy questions, wish to exercise your rights, or want to make a complaint, contact us at the address above.
This Policy covers personal data about:
We avoid collecting unnecessary personal data. Sensitive personal data is processed only where strictly necessary and with additional safeguards.
We collect the following categories of personal data depending on the context:
Full name, job title, organization, business address, telephone number, business email.
Communications, meeting notes, contract and invoice data, service usage logs, subscription preferences.
IP address, browser and device information, cookies and similar tracking technologies, login metadata, system logs.
Audit trails, access logs, incident records, vendor risk information, compliance documentation and evidence.
Organization details, role and responsibilities, regulatory identifiers, professional credentials.
CVs, interview notes, references — processed under separate HR rules.
We do not intentionally collect special category (sensitive) personal data unless required (and then only with explicit legal basis and safeguards).
We obtain data from:
We use cookies and tracking technologies in accordance with our Cookie Notice. You can control cookie preferences via your browser and our cookie banner.
We process personal data for specific, limited purposes and on lawful grounds:
To deliver consulting, advisory, technical services, training, reports, and to perform contractual obligations.
To meet tax, accounting, sanctions screening, audit, and law enforcement requirements.
Examples include: improving Services, security and fraud prevention, managing relationships, marketing to business contacts, and ensuring the integrity of our technology. We balance legitimate interests against individual privacy rights.
Where required (for example marketing emails in some jurisdictions), we rely on consent. You can withdraw consent any time.
Processing is necessary for recruitment, payroll, and employment relationship management (where applicable).
We retain records for legitimate legal or regulatory defense and for compliance with retention obligations.
We use AI and analytics as part of our Services (e.g., regulatory mapping, risk scoring, and automation of compliance tasks). Where AI processes personal data, we design systems with human oversight and explainability: outputs are subject to professional review and human decision-making. We do not rely solely on automated decisions that produce legal or similarly significant effects without human review. If you are subject to automated decisions and the law requires additional safeguards, we will provide information and options as required.
We may share personal data with:
We require contractual safeguards, confidentiality obligations, and security controls from all third parties. We do not sell personal data.
Because we operate globally, personal data may be transferred to, and processed in, jurisdictions outside your country. Where transfers occur, we implement appropriate safeguards such as:
If you would like details on a specific transfer or safeguards used, contact the DPO.
We retain personal data only as long as necessary for the purpose collected, to satisfy contractual, legal, or regulatory obligations, or to resolve disputes. Typical retention examples:
When we no longer need data, we securely delete, anonymize, or aggregate it. If legal obligations require longer retention, we will retain records accordingly.
We apply industry-standard organizational, technical, and physical safeguards to protect data, including:
We follow recognized frameworks (for example, NIST, ISO 27001/27002, SOC2 practices) to design and maintain our security posture. No system is perfectly secure, but we make continuous investments to reduce risk.
If a personal data breach occurs that poses a risk to individuals’ rights and freedoms, we will:
If you suspect a breach affecting your data, contact our DPO immediately.
We use cookies and similar technologies to operate the website, analyze usage, and support marketing. Our cookie banner explains categories (essential, analytics, functional, marketing). You can manage preferences or disable non-essential cookies via the banner or your browser settings. Disabling cookies may affect some functionality.
Depending on your jurisdiction, you may have some or all of the following rights:
To exercise rights, contact privacy@jurisec.tech. We will verify your identity and respond within legal timeframes (e.g., one month under GDPR), extendable where permitted by law.
For data subject requests we generally:
If we cannot fully comply with a request, we will explain reasons and any available remedies.
If you provide personal data about another person, you must inform them of this Policy and ensure you have the right to share their data with us. We rely on the person providing the data to ensure lawful collection.
Our Services are intended for business and adult use. We do not knowingly collect personal data from minors for these Services. If we become aware that we have collected personal data from a minor in violation of this Policy, we will delete it.
We may send newsletters, product updates, and event invitations to business contacts where we have consent or a legitimate interest. Each communication offers easy opt-out mechanisms. Even if you opt out, we may send service-related messages necessary for contractual performance.
Our Services may link to third-party websites and platforms. This Policy does not apply to third-party sites. We recommend reviewing their privacy policies before sharing personal data. We use reputable third-party subprocessors and require contractual protections.
We maintain a list of subprocessors (service providers) who process data on our behalf. We perform due diligence, require contractual data protection terms, and periodically audit critical vendors.
If you wish to request the current list of subprocessors, contact 832.753.7557
We comply with lawful requests from law enforcement and government authorities where required. Where disclosure is compelled, we seek to limit the scope and notify affected individuals unless legally prohibited. For requests from outside our domicile, we rely on applicable legal mechanisms and safeguards.
We may update this Policy as laws, technology, or services change. We will post updates on our website with the revised effective date. For material changes, we will provide prominent notice or email notification to users where appropriate.
If you are unsatisfied with our response, you may lodge a complaint with your local supervisory authority (for example, a data protection authority in your country or the European Data Protection Board if you are in the EU). We will cooperate with authorities and provide required information.
JuriSec is committed to following applicable local privacy laws where we operate. This Policy is drafted to align with commonly applicable requirements including GDPR principles (lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, accountability). For specific jurisdictional requirements (for example local data protection statutes), we apply additional controls and legal bases as necessary.
For transfers from the EU to other countries, we rely on appropriate safeguards (standard contractual clauses, adequacy decisions, or other lawful transfer mechanisms).
We recognize the specific risks of AI. To protect data used in model development or inference, we:
For AI-related questions or to request documentation about model inputs and controls, contact 832.753.7557
To request access, portability, or deletion:
We recognize the sensitive and privileged nature of certain client information. Where privileged, confidential, or client-protected data is involved, we treat that information with enhanced safeguards, segregation, and contractual protections. We will not access or process privileged material beyond what is required to deliver agreed Services and as permitted by applicable professional rules.
If you are an applicant or employee, some sections of this Policy apply alongside our employment privacy notices which set out how we process HR and payroll data.
Where applicable, this Policy should be read alongside:
This Policy explains our practices. It is not a contract and does not create legal rights for third parties. For a formal DPA or contractual terms, please contact your JuriSec engagement lead.
Need legal advice? This policy does not replace legal counsel. For jurisdiction-specific compliance obligations, consult qualified counsel.
Questions, complaints, or requests: info@jurisec.com
Phone: 832.753.7557
