Desktop

Privacy Policy

Return to homepage
Return to homepage
Return to homepage

PRIVACY POLICY

Effective Date: November 1, 2025
Last Updated: November 8, 2025


⚠️ IMPORTANT NOTICE: This policy is currently under legal review and may be updated. Rintuit Consulting LLC maintains its commitment to transparency and compliance — finalized versions will be published shortly.


1. SCOPE AND CONTROLLER INFORMATION

This Privacy Policy ("Policy") applies to all information collected by Rintuit Consulting LLC ("Rintuit," "Company," "we," "us," or "our"), a Nevada Limited Liability Company, through:

  • Our website (rintuit.com) and all subdomains

  • Professional consulting services and engagements

  • Communications, forms, and business interactions

  • Marketing materials and business development activities

Data Controller: Rintuit Consulting LLC
Contact: privacy@rintuit.com
Registered Address: [Nevada Registered Agent Address]
Business Operations: Remote-First (U.S. Nationwide)

2. INFORMATION WE COLLECT

A. Information You Provide Directly

  • Contact Information: Name, email address, phone number, mailing address

  • Professional Information: Job title, company name, department, professional credentials

  • Business Information: Project requirements, technical specifications, security needs

  • Employment Data: Resume, work history, references (for staffing services only)

  • Communication Records: Email correspondence, form submissions, meeting notes

  • Payment Information: Billing address, purchase order numbers (payment processing handled by third-party processors)

B. Information Collected Automatically

  • Technical Data: IP address, browser type and version, device identifiers, operating system

  • Usage Analytics: Pages visited, time spent, click patterns, referral sources, search terms

  • Performance Metrics: Website load times, error reports, feature usage statistics

  • Location Data: General geographic location based on IP address (country/state level)

C. Information from Third Parties

  • Professional Networks: LinkedIn profile information (with your consent)

  • Business Partners: Referral information from trusted partners

  • Public Sources: Publicly available business information for relationship management

WE DO NOT SELL, RENT, OR TRADE YOUR PERSONAL INFORMATION TO THIRD PARTIES FOR MARKETING PURPOSES.

3. LEGAL BASIS FOR PROCESSING (GDPR/INTERNATIONAL USERS)

We process personal information based on the following legal grounds:

  • Contractual Necessity: To perform our consulting services and fulfill agreements

  • Legitimate Interests: Business operations, security, fraud prevention, and service improvement

  • Consent: Marketing communications and optional data processing (withdrawable at any time)

  • Legal Compliance: Regulatory requirements, tax obligations, and legal processes

  • Vital Interests: Protection of health, safety, or security when necessary

4. HOW WE USE YOUR INFORMATION

A. Primary Business Purposes

  • Respond to inquiries and provide requested consulting services

  • Manage client relationships, project delivery, and contract performance

  • Process payments and maintain billing records

  • Provide technical support and customer service

  • Conduct staffing and recruitment activities

B. Business Operations

  • Improve website functionality, security, and user experience

  • Analyze usage patterns and optimize service delivery

  • Maintain business records and legal compliance

  • Protect against fraud, security threats, and legal liability

  • Conduct internal audits and quality assurance

C. Communications (With Consent)

  • Send service-related updates and important notices

  • Provide industry insights and cybersecurity updates

  • Share relevant business opportunities and partnerships

  • Conduct customer satisfaction surveys

Data Minimization Principle: We collect and process only the minimum data necessary for legitimate business purposes.

5. COOKIES AND TRACKING TECHNOLOGIES

A. Types of Cookies Used

  • Essential Cookies: Required for website functionality and security

  • Analytics Cookies: Google Analytics, website performance metrics

  • Functional Cookies: User preferences, session management

  • Marketing Cookies: Only with explicit consent for authorized campaigns

B. Third-Party Analytics

We use industry-standard analytics tools including:

  • Google Analytics (with IP anonymization enabled)

  • Website performance monitoring tools

  • Security monitoring and threat detection systems

C. Cookie Management

  • You can disable non-essential cookies through browser settings

  • Cookie preferences can be updated via our cookie banner

  • Disabling cookies may limit website functionality

Cookie Retention: Most cookies expire within 12 months; essential cookies may persist longer for security purposes.

6. DATA SHARING AND DISCLOSURE

A. Authorized Service Providers

We share information with trusted third-party vendors who assist with:

  • Web hosting and cloud infrastructure (AWS, secure hosting providers)

  • Payment processing (payment processors with PCI DSS compliance)

  • Analytics and performance monitoring (Google Analytics, security tools)

  • Professional services (legal counsel, accounting, insurance providers)

Vendor Requirements: All service providers must sign data processing agreements and implement appropriate security measures.

B. Legal and Regulatory Disclosure

We may disclose information when required by:

  • Legal Process: Subpoenas, court orders, regulatory investigations

  • Law Enforcement: Valid government requests with proper legal authority

  • Regulatory Compliance: Tax obligations, employment law, industry regulations

  • Emergency Situations: Immediate threats to health, safety, or security

C. Business Transfers

In connection with mergers, acquisitions, or asset sales, personal information may be transferred as part of business assets, subject to appropriate privacy protections.

NO SALE OF DATA: We do not sell, rent, or trade personal information for commercial purposes.

7. DATA SECURITY MEASURES

As a cybersecurity consulting firm, we implement enterprise-grade security controls:

A. Technical Safeguards

  • Encryption: AES-256 encryption for data at rest, TLS 1.3 for data in transit

  • Access Controls: Multi-factor authentication, role-based access, principle of least privilege

  • Network Security: Firewalls, intrusion detection, secure VPN access

  • Monitoring: 24/7 security monitoring, threat detection, incident response procedures

B. Administrative Controls

  • Security Training: Regular cybersecurity awareness training for all personnel

  • Background Checks: Comprehensive screening for employees with data access

  • Incident Response: Documented procedures for data breaches and security incidents

  • Regular Audits: Internal and external security assessments

C. Physical Security

  • Secure Facilities: Restricted access to systems and data storage locations

  • Device Management: Encrypted laptops, secure mobile device policies

  • Disposal Procedures: Secure destruction of hardware and data storage media

Security Limitation: Despite our robust security measures, no system is 100% secure. You acknowledge that data transmission over the Internet carries inherent risks.

8. INTERNATIONAL DATA TRANSFERS

A. Cross-Border Processing

If you are located outside the United States, your information may be processed and stored in the U.S., where privacy laws may differ from your jurisdiction.

B. Adequacy and Safeguards

For international transfers, we implement appropriate safeguards including:

  • Standard Contractual Clauses (SCCs) approved by relevant authorities

  • Adequacy decisions where available

  • Binding corporate rules for intra-company transfers

  • Certification schemes and codes of conduct

C. Data Subject Rights

International users retain privacy rights under applicable laws, including GDPR, UK GDPR, and other regional privacy regulations.

9. YOUR PRIVACY RIGHTS

A. Universal Rights

  • Access: Request copies of personal information we hold about you

  • Correction: Update or correct inaccurate personal information

  • Deletion: Request deletion of personal information (subject to legal obligations)

  • Opt-Out: Unsubscribe from marketing communications at any time

B. Enhanced Rights (GDPR, CCPA, and Similar Laws)

  • Data Portability: Receive personal information in a structured, machine-readable format

  • Restriction of Processing: Limit how we use your personal information

  • Objection: Object to processing based on legitimate interests

  • Automated Decision-Making: Protection from solely automated decision-making

C. Exercising Your Rights

  • Email: privacy@rintuit.com

  • Response Time: We will respond within 30 days (or as required by applicable law)

  • Verification: We may require identity verification to protect your privacy

  • No Discrimination: Exercising privacy rights will not result in discriminatory treatment

10. DATA RETENTION

A. Retention Periods

  • Active Client Data: Duration of business relationship plus 7 years for legal compliance

  • Marketing Data: Until consent is withdrawn or 3 years of inactivity

  • Website Analytics: 26 months (Google Analytics default retention)

  • Security Logs: 1 year for incident response and forensic analysis

  • Employment Records: As required by applicable employment and tax laws

B. Deletion Procedures

When retention periods expire, we:

  • Securely delete personal information using industry-standard methods

  • Anonymize data for legitimate business analytics (where legally permissible)

  • Maintain certificates of destruction for sensitive data disposal

11. THIRD-PARTY WEBSITES AND SERVICES

Our website may contain links to third-party websites, tools, or services. We are not responsible for the privacy practices of external websites. We strongly encourage you to review the privacy policies of any third-party sites before providing personal information.

Social Media: Our social media pages are governed by the respective platform's privacy policies in addition to this Policy.

12. CHILDREN'S PRIVACY

Our Services are designed exclusively for business professionals and organizations. We do not knowingly collect personal information from individuals under 16 years of age.

If we become aware that we have collected information from a child under 16, we will:

  • Delete the information immediately

  • Notify parents/guardians where legally required

  • Implement additional safeguards to prevent future collection

13. CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)

A. California Consumer Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Categories and specific pieces of personal information collected

  • Right to Delete: Deletion of personal information (subject to exceptions)

  • Right to Opt-Out: Opt-out of sale or sharing of personal information

  • Right to Correct: Correction of inaccurate personal information

  • Right to Limit: Limit use of sensitive personal information

B. CCPA Disclosures

  • Sale of Information: We do not sell personal information

  • Sharing for Advertising: We do not share personal information for cross-context behavioral advertising

  • Retention: See Section 10 for detailed retention periods

  • Sources: See Section 2 for information collection sources

14. POLICY UPDATES

A. Notification of Changes

We may update this Privacy Policy to reflect:

  • Changes in applicable privacy laws

  • Updates to our business practices

  • Enhanced security measures

  • New service offerings

B. Notice Requirements

  • Material Changes: 30 days advance notice via email to registered users

  • Minor Updates: Posted on website with updated "Last Updated" date

  • Continued Use: Constitutes acceptance of updated Policy

We encourage periodic review of this Policy to stay informed about our privacy practices.

15. CONTACT INFORMATION AND COMPLAINTS

A. Privacy Contact

Privacy Officer: arigge@rintuit.com

B. Regulatory Complaints

You have the right to lodge complaints with relevant supervisory authorities:

  • EU Users: Your local Data Protection Authority

  • California Users: California Attorney General's Office

  • Other Jurisdictions: Applicable privacy regulators

C. Response Commitment

We are committed to resolving privacy concerns promptly and will:

  • Acknowledge receipt within 2 business days

  • Investigate thoroughly and provide substantive responses

  • Implement corrective measures when appropriate