Privacy Policy

---

ECISYS Public Website Privacy Policy

Last updated: 1 August 2025

Ellington Consulting International Inc. ("ECISYS," "we," "our," or "us") respects your privacy and is committed to protecting the Personal Data you share with us. This Privacy Policy ("Policy") describes how ECISYS collects, uses, discloses, and safeguards information when you access or interact with our publicly available website located at ecisys.com and any sub‑domains we own (collectively, the "Website"). It also explains the rights and choices you may have with respect to your Personal Data.

This Policy applies only to information collected through the Website for marketing, informational, and recruitment purposes. It does not apply to data processed through any ECISYS enterprise products, customer portals, or services, which are governed by separate agreements and privacy notices.

Term

Meaning

Personal Data

Information that identifies, relates to, describes, or could reasonably be linked to an individual ("data subject"), directly or indirectly.

Usage Data

Technical information automatically collected when you browse the Website (e.g., IP address, device identifiers, pages viewed, time on page).

Cookies & Similar Technologies

Small files or scripts that store information on a visitor’s device to enable functionality, analytics, and personalization.

Controller

The entity that determines the purposes and means of processing Personal Data. For this Website, ECISYS is the Controller.

Processor

A third party that processes Personal Data on behalf of a Controller (e.g., cloud‑hosting providers, analytics vendors).

●  Contact forms — name, business email, phone, company, job title, and your message.

●  Newsletter sign‑ups — email address and marketing preferences.

●  Event or webinar registrations — identifiers plus professional information, such as role and industry.

●  Careers inquiries — resume/CV, cover letter, and any additional details you choose to submit.

Please do not provide any sensitive information (e.g., Social Security numbers, health data) in free‑text fields.

When you visit the Website, we (or authorized third parties) may automatically collect Usage Data via:

●  Server logs & security tools (IP address, browser type, referring URLs, error logs).

●  Analytics cookies (page views, time on site, scrolling activity).

●  Functional cookies to remember language or region choices.

●  Advertising pixels (only if you expressly consent via the cookie banner).

We may combine the information above with limited business‑profile data we receive from reputable data brokers (e.g., industry, company size) to better understand our audience and tailor content. You may opt out at any time (see Section 9).

We process Personal Data for the following purposes:

1. Website Operation & Security — to display pages, ensure uptime, detect fraud, and protect against malicious activity.
2. Customer & Partner Communications — to respond to inquiries, schedule demos, and provide requested collateral.
3. Marketing & Personalization — to send newsletters, event invitations, or product updates only where permitted by law or with your consent.
4. Analytics & Improvement — to measure traffic patterns, diagnose performance issues, and enhance content relevance.
5. Recruiting — to evaluate job applications and communicate about career opportunities.
6. Legal & Compliance — to comply with applicable laws, enforce our terms, or protect rights, safety, and property.

We will not sell  Personal Data or share it for cross‑context behavioral advertising without your explicit right to opt out (see Section 11).

If you are in the European Economic Area (EEA) or United Kingdom, our processing is legitimized by one or more of the following:

●  Consent (e.g., marketing emails, analytics cookies).

●  Legitimate Interests (e.g., network security, business analytics) balanced against your rights and freedoms.

●  Contract Performance when you ask us to take steps at your request (e.g., pre‑contractual discussions).

●  Legal Obligation to which ECISYS is subject.

Where we rely on consent, you may withdraw it at any time without affecting lawfulness of prior processing.

We categorize cookies as essential, performance/analytics, personalization, and advertising. Our cookie banner lets you accept or decline non‑essential cookies individually or in bulk. You can also disable or delete cookies via browser settings; however, certain features may not function.

A detailed cookie table, listing each cookie name, provider, purpose, duration, and opt‑out mechanism, is available at ecisys.com/cookie‑notice.

We disclose Personal Data only:

●  Service Providers — cloud hosting, email delivery, analytics, event-management, or customer‑relationship management platforms that must process data strictly per our instructions.

●  Business Transfers — in connection with a merger, acquisition, financing, or sale of all or part of our assets (with notice to you where required).

●  Legal & Safety — to competent authorities when legally obliged or to protect ECISYS, our users, or the public.

We require all recipients to protect Personal Data in accordance with this Policy and applicable laws.

We are headquartered in the United States. When we transfer Personal Data from the EEA/UK or Switzerland to the U.S. or other jurisdictions that may not offer the same level of protection, we implement appropriate safeguards, such as:

●  Standard Contractual Clauses (SCCs) approved by the European Commission and UK Information Commissioner.

●  Participation in the EU‑U.S. Data Privacy Framework (once self‑certification is approved).

●  Marketing Communications — Click the "unsubscribe" link in any email or contact privacy@ecisys.com.

●  Cookies — Adjust preferences in the cookie banner or browser.

●  Interest‑Based Advertising — Opt out via the Digital Advertising Alliance (optout.aboutads.info) or Network Advertising Initiative (optout.networkadvertising.org).

●  Do Not Track Signals — Our Website currently does not respond to DNT/browser signals; we instead honor the choices presented in our cookie consent tool.

Depending on where you live, you may have certain rights regarding your Personal Data—for example, the right to request access, correction, deletion, or to limit certain processing. To exercise any such right, please email privacy@ecisys.com or call us at +1 (800) 555‑0199. We will verify your identity and respond within the timeframe required by law.

In addition to the general rights above, residents of specific U.S. states have the following rights under their state privacy laws:

State Law

Your Key Individual Rights

California – CCPA/CPRA

Know the categories and specific pieces of Personal Data we collect, the sources and purposes; request deletion or correction; receive a portable copy; opt out of the "sale" or "sharing" of Personal Data; limit use/disclosure of sensitive Personal Data; and freedom from retaliation for exercising rights. We honor Global Privacy Control (GPC) signals as a valid opt‑out.

Nevada – SB 220 (NRS 603A)

Opt out of any future sale of covered information. Submit requests via privacy@ecisys.com with the subject line "Nevada Opt‑Out".

Virginia – VCDPA

Access, correct, delete, or obtain a copy of Personal Data; opt out of targeted advertising, sale of Personal Data, or profiling that produces significant effects; appeal a refusal to act on a request.

Colorado – CPA

Access, correct, delete, obtain a portable copy; opt out of targeted advertising, sale, or profiling. An appeals process is available if we deny a request.

Connecticut – CTDPA

Similar rights to access, correct, delete, portability, and opt out of targeted advertising or sale of Personal Data.

Utah – UCPA

Access, delete, or obtain a portable copy; opt out of targeted advertising or sale of Personal Data. Utah residents may designate an authorized agent to submit opt‑out requests.

ECISYS does not sell Personal Data as that term is defined under these laws, nor do we engage in cross‑context behavioral advertising without providing the required opt‑out mechanisms.

We retain Personal Data only for as long as necessary to: (i) fulfil the purposes outlined in this Policy, (ii) comply with legal obligations, (iii) resolve disputes, and (iv) enforce our agreements. Retention periods vary based on data category and processing context.

We implement administrative, technical, and physical safeguards proportional to the risks, including:

●  Transport Layer Security (TLS) encryption for data in transit.

●  Regular vulnerability scanning and penetration testing.

●  Employee security awareness training.

No Internet transmission or storage system is 100% secure; we therefore cannot guarantee absolute security.

The Website may include links to external sites or social‑media widgets (e.g., LinkedIn share button). Your interactions with those features are governed by the privacy statements of the respective providers, not this Policy.

Ellington Consulting International Inc.
Attn: Privacy Office
123 Main Street
Stamford, CT 06902 USA
Email: privacy@ecisys.com
Phone: +1 (800) 555‑0199

If you believe we have not adequately resolved a privacy concern, you may lodge a complaint with your local supervisory authority (e.g., in the EEA, your Data Protection Authority; in the UK, the Information Commissioner’s Office).

We may revise this Policy from time to time. If we make material changes, we will notify you by (i) posting the updated version with a new "Last updated" date, and/or (ii) displaying a prominent banner or sending an email where legally required. Your continued use of the Website after such modifications constitutes acceptance of the revised Policy.

This Policy supersedes all prior versions and applies exclusively to the public Website located at ecisys.com.