1. Introduction

At Oregon Software ("we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us in connection with our custom software development, nearshore development, and related services.

By using our services or accessing our website, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you provide directly to us, including:

• Name, email address, phone number, and company information
• Project requirements and technical specifications
• Payment information and billing details
• Communication records and correspondence
• Professional background and experience details

2.2 Automatically Collected Information

When you visit our website, we automatically collect certain information, including:

• IP address and location information
• Browser type and version
• Pages visited and time spent on our site
• Device information and operating system
• Referral sources and navigation patterns

2.3 Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze site usage, and assist in our marketing efforts. You can control cookie preferences through your browser settings.

3. How We Use Your Information

We use the information we collect for various purposes, including:

• Providing custom software development services and project management
• Communicating with you about your projects and our services
• Processing payments and maintaining billing records
• Improving our website and services through analytics
• Sending marketing communications (with your consent)
• Complying with legal obligations and protecting our rights
• Conducting security monitoring and fraud prevention

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

• Service Providers: With trusted third-party service providers who assist in our operations (under strict confidentiality agreements)
• Legal Requirements: When required by law, court order, or government regulation
• Business Protection: To protect our rights, property, or safety, or that of our clients
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Consent: With your explicit consent for specific purposes

5. Data Security

We implement industry-standard security measures to protect your personal information:

• Encryption of sensitive data in transit and at rest
• Regular security audits and vulnerability assessments
• Access controls and employee training on data protection
• Secure development practices and code review processes
• Regular backups and disaster recovery procedures
• Compliance with industry standards (SOC 2, GDPR, CCPA)

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Specifically:

• Client project data is retained for the duration of the project plus 7 years for legal and tax purposes
• Marketing contact information is retained until you unsubscribe or request deletion
• Website analytics data is typically retained for 26 months
• Security logs are retained for 1 year for compliance purposes

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal requirements)
• Portability: Request transfer of your data in a structured format
• Opt-out: Unsubscribe from marketing communications at any time
• Restriction: Request limitation of processing in certain circumstances

To exercise these rights, please contact us using the information provided below.

8. International Data Transfers

As a software development company with nearshore operations, your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

• Standard contractual clauses approved by regulatory authorities
• Adequacy decisions by relevant data protection authorities
• Binding corporate rules for intra-group transfers
• Certification schemes and codes of conduct

9. Third-Party Services

Our website and services may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

We use the following categories of third-party services:

• Analytics services (Google Analytics)
• Customer relationship management (CRM) systems
• Project management and collaboration tools
• Payment processors and financial services
• Cloud hosting and infrastructure providers

10. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this policy
• Notify you via email if you have an account with us
• Post a prominent notice on our website
• Provide additional notice for significant changes

Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiries within 30 days of receipt.

13. Compliance and Certifications

Oregon Software is committed to maintaining the highest standards of data protection and privacy. Our compliance includes:

• GDPR Compliance: For European Union users
• CCPA Compliance: For California residents
• SOC 2 Type II Certification: For security and privacy controls
• ISO 27001: Information security management systems
• Regular Security Audits: Conducted by independent third parties