Privacy Policy
Last updated: 16 June 2026
This Privacy Policy explains how Prosolviz, LLC ("Prosolviz," "we," "us," or "our") collects, uses, discloses, and protects personal information in connection with this website (www.prosolviz.com), our cybersecurity and GRC advisory services, and the Prosolviz Works software (works.prosolviz.com) (together, the "Services").
Contents
- Who we are
- Information we collect
- How and why we use it
- Text messaging (SMS)
- How we share information
- Service providers & subprocessors
- Prosolviz Works (software)
- International data transfers
- How long we keep data
- How we protect data
- Your rights (GDPR / UK GDPR)
- Your California rights (CPRA)
- Children's privacy
- Third-party links
- Changes to this policy
- How to contact us
1. Who we are
Prosolviz, LLC is an independent cybersecurity and governance, risk & compliance (GRC) advisory based in the Omaha, Nebraska area, United States. For privacy matters relating to this website and our advisory relationship, Prosolviz is the data controller. Where we process information on behalf of a business client — including customers of Prosolviz Works — we act as a processor under that client's instructions and our agreement (see section 7).
Privacy contact: privacy@prosolviz.com. We operate in the Omaha, Nebraska area; a mailing address is available on request, and our registered agent on file with the Nebraska Secretary of State accepts legal notices.
2. Information we collect
We aim to collect as little personal information as possible. Depending on how you interact with us, we may collect:
Information you give us
- Contact details and message content — for example, your name, email address, phone number, organization, and whatever you choose to write when you email, call, or text us.
- Engagement information — information you provide so we can scope and deliver advisory work or set up your Services.
Information collected automatically
- Server and security logs — when you visit the website or use the Services, our hosting and security providers automatically record technical data such as your IP address, approximate (coarse) location, browser and device type, pages requested, and timestamps, used to operate, secure, and troubleshoot the Services.
- Cookies — this website uses only strictly necessary cookies and no advertising or cross-site tracking. See our Cookie Policy.
We do not knowingly collect special categories of data (such as health or biometric data) through this website, and we ask that you not send such information to us by email or text.
3. How and why we use information (legal bases)
We use personal information to:
| Purpose | Legal basis (to the extent GDPR / UK GDPR applies) |
|---|---|
| Respond to your enquiry and provide information you request | Steps taken at your request before entering a contract; legitimate interests |
| Provide, maintain, and support our advisory services and software | Performance of a contract; legitimate interests |
| Secure the Services, prevent fraud and abuse, and keep logs | Legitimate interests (security and integrity) |
| Send service-related messages and, where applicable, texts you opted in to | Consent (for SMS); performance of a contract |
| Comply with legal, tax, and accounting obligations | Legal obligation |
Where we rely on consent (for example, SMS), you may withdraw it at any time. Where we rely on legitimate interests, you may object (see your rights below).
4. Text messaging (SMS)
If you opt in to receive text messages from us, we use your phone number only to send the messages described at sign-up. Message frequency varies. Message and data rates may apply. Reply STOP to opt out at any time and HELP for help. We do not sell or share mobile opt-in information, and your consent to texts is never a condition of purchasing anything. See our SMS Terms for full details.
5. How we share information
We share personal information only as needed to run our business and deliver the Services:
- Service providers (subprocessors) who process data on our behalf under contract — see the list below.
- Legal, safety, and compliance — when required by law or legal process, or to protect the rights, property, or safety of Prosolviz, our clients, or others.
- Business transfers — in connection with a merger, acquisition, or sale of assets, subject to this policy.
We do not sell your personal information, and we do not share it for cross-context behavioral advertising as those terms are defined under California law.
6. Service providers & subprocessors
We rely on a small set of reputable vendors to host and operate the Services. Each is bound by contract to protect personal information and use it only to provide their service to us. "Where used" indicates whether a provider supports this website, our advisory work, and/or the Prosolviz Works software.
| Provider | Purpose | Where used |
|---|---|---|
| Cloudflare | Website hosting (Cloudflare Pages), CDN, security; in-app document rendering | Website · Works |
| Fly.io | Application hosting (United States — Chicago region) | Works |
| Tigris (on Fly.io) | Automated off-site database backups (object storage) | Works |
| Microsoft 365 | Business email & productivity; administrator sign-in; optional mailbox/calendar integration | Advisory · Works |
| Optional calendar integration and address/maps lookup | Works | |
| Anthropic (Claude) | AI features (drafting, summaries, assistant) — processes the text submitted to those features | Works |
| Twilio | Telephone and SMS messaging | Advisory · Works |
| SendGrid (Twilio) | Transactional email delivery | Advisory · Works |
| Stripe | Payment processing and payouts | Works |
| Intuit QuickBooks Online | Optional accounting/invoice sync (only if a customer connects it) | Works |
| BetterStack | Uptime monitoring and status page | Works |
This list may change as our providers do; the current list is maintained here and available on request.
7. Prosolviz Works (software)
Prosolviz Works is our software for small and trades businesses. When a business uses Works, that business is the controller of the personal information it puts into the product (its own customers, jobs, invoices, and communications), and Prosolviz acts as a processor handling that information under the business's instructions and our services agreement. Key points:
- Tenant isolation — each business's data is kept in its own separate database.
- Hosting & encryption — hosted in the United States (Chicago region), encrypted in transit (HTTPS) and at rest, with automated off-site backups.
- Integrations are opt-in — email/calendar (Microsoft or Google), payments (Stripe), and accounting (QuickBooks) connect only when the business enables them. AI features process the content submitted to them and are subject to plan limits.
- Data processing agreement — a DPA is available on request for business customers, and a dedicated Prosolviz Works terms of service and subprocessor list are being finalized.
8. International data transfers
We are based in the United States, and our providers process data in the United States and other countries. Prosolviz serves clients in the United States and does not target individuals in the European Economic Area or the United Kingdom. If personal information is nonetheless transferred from those regions, we and our providers rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum where applicable).
9. How long we keep data
- Client & engagement records — for the duration of the engagement and for up to seven (7) years afterward, consistent with tax, accounting, and professional record-keeping practice.
- Website enquiries from non-clients — up to 24 months, then deleted.
- Server and security logs — up to 6 months.
- Prosolviz Works customer data — retained per the business customer's instructions and our services agreement, and deleted or returned on termination as described in the DPA.
10. How we protect data
Security is core to what we do. We apply administrative, technical, and organizational safeguards appropriate to the data we handle — including least-privilege access controls, multi-factor authentication on our administrative accounts, encryption in transit (HTTPS) and at rest, tenant isolation in Prosolviz Works, automated off-site backups, and routine automated security scanning. No method of transmission or storage is completely secure, but we work to protect your information and respond promptly if an issue arises.
11. Your rights (GDPR / UK GDPR)
Prosolviz is US-based and does not target the EEA or the UK. To the extent the GDPR or UK GDPR applies to you, you have the right to: access your personal data; have inaccurate data corrected; have data erased; restrict or object to processing; data portability; and, where we rely on consent, to withdraw it. You may also lodge a complaint with your local supervisory authority, though we'd appreciate the chance to address your concern first. To exercise any right, email privacy@prosolviz.com; we will respond within the time required by law.
12. Your California privacy rights (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act, as amended by the CPRA, gives you specific rights regarding your personal information.
Categories of personal information we collect
| Category | Examples | Collected? |
|---|---|---|
| Identifiers | Name, email, phone, IP address | Yes |
| Customer records | Contact and billing details you provide | Yes, if you become a client |
| Commercial information | Services enquired about or purchased | Yes, if applicable |
| Internet/network activity | Server logs, pages requested | Yes (limited) |
| Geolocation | Coarse location derived from IP | Yes (coarse only) |
| Professional information | Organization, role, if you share it | Yes, if you share it |
| Sensitive personal information | — | Not collected via this site |
Your rights
- Right to know the categories and specific pieces of personal information we have collected, the sources, the purposes, and any disclosures.
- Right to delete personal information we collected from you, subject to legal exceptions.
- Right to correct inaccurate personal information.
- Right to opt out of sale or sharing — we do not sell or share your personal information, so there is nothing to opt out of, but the right stands.
- Right to limit use of sensitive personal information — we do not collect sensitive personal information through this site or use it for purposes that trigger this right.
- Right to non-discrimination — we will not deny services, charge different prices, or provide a different quality of service because you exercised a privacy right.
To exercise these rights, email privacy@prosolviz.com with "California Privacy Request" in the subject line. We will verify your request by confirming details we already hold. You may use an authorized agent with proof of authorization.
13. Children's privacy
The Services are intended for businesses and adults. We do not knowingly collect personal information from children under 16. If you believe a child has provided us personal information, contact us and we will delete it.
14. Third-party links
Our website may link to third-party sites (for example, our providers). We are not responsible for their privacy practices; please review their policies.
15. Changes to this policy
We may update this policy from time to time. We will revise the "Last updated" date above and, for material changes, take additional steps as required by law.
16. How to contact us
Prosolviz, LLC
Omaha, Nebraska area, United States
Email: privacy@prosolviz.com
Phone: (402) 765-4782