Privacy Policy

Updated: 2026-04-15

1. Scope

This Privacy Policy describes how DiBlanco Premier™ CRM collects, uses, stores, and protects information when you access or use our systems, portals, and services.

2. Information We Process

  • Account and identity data: identifiers required for authentication and authorization.
  • Operational and security data: session metadata, access events, and security signals used for fraud prevention and compliance.
  • Client-provided content: documents and records uploaded or generated within the platform.

We apply data minimization and do not publish sensitive personal information on public pages.

3. Purposes of Processing

  • Provide and operate the service, including authentication and access control.
  • Maintain security, monitoring, audit logging, and incident response.
  • Comply with applicable legal and regulatory obligations.

4. Legal Bases (GDPR)

  • Contract: to provide requested services.
  • Legitimate interests: security, fraud prevention, and service integrity.
  • Legal obligation: compliance and recordkeeping where required.

5. CCPA/CPRA Notice (California)

We do not sell personal information. Where applicable, you may have rights to know, access, correct, or delete certain personal information, and to limit the use of sensitive personal information, subject to legal exceptions and security requirements.

6. GLBA and Confidentiality

We implement administrative, technical, and physical safeguards designed to protect nonpublic personal information, consistent with GLBA and industry best practices.

7. Security Controls

  • Encryption in transit and at rest (where applicable).
  • Role-based access control and multi-factor authentication.
  • Audit logging and monitoring for security and compliance.

No method of transmission or storage is 100% secure; however, we apply defense-in-depth and fail-closed security principles.

8. Retention

We retain information only as long as necessary for operational, security, and compliance purposes, and as required by applicable law and contractual obligations.

9. International Transfers

If information is transferred across borders, we apply appropriate safeguards consistent with applicable law.

10. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of your information. Requests are subject to identity verification, security constraints, and legal exceptions.

11. Changes

We may update this policy. Continued use of the service constitutes acceptance of updates.