Privacy Policy

Your Privacy Matters

We are committed to protecting your privacy and maintaining the security of your personal information. This policy explains how we collect, use, and safeguard your data.

Last Updated: March 15, 2024

Transparency

Clear, understandable policies about how we handle your data

Security

Enterprise-grade security measures to protect your information

Control

You maintain control over your personal information and privacy settings

Security Certifications

We maintain the highest standards of data protection and security

SOC 2 Type II

Security, availability, and confidentiality controls

GDPR Compliant

European data protection regulation compliance

CCPA Compliant

California Consumer Privacy Act compliance

FISMA Moderate

Federal information security standards

Information We Collect

Personal Information

  • Name, email address, phone number, and job title
  • Organization name and address
  • User account credentials and preferences
  • Communication preferences and contact history

Section 3 Data

  • Worker information including eligibility status
  • Contractor details and compliance records
  • Project information and labor hour tracking
  • Training records and certifications

Technical Information

  • IP addresses and device information
  • Browser type and operating system
  • Usage patterns and feature interactions
  • Log files and system performance data
How We Use Your Information

Service Delivery

  • Provide Section 3 compliance management services
  • Generate reports and analytics
  • Process and respond to communications
  • Maintain and improve platform functionality

Legal Compliance

  • Comply with HUD reporting requirements
  • Meet federal and state regulatory obligations
  • Respond to legal requests and investigations
  • Maintain audit trails and compliance records

Communication

  • Send service updates and notifications
  • Provide customer support and training
  • Share compliance alerts and deadlines
  • Deliver requested information and resources
Information Sharing and Disclosure

We DO NOT sell your personal information

  • Your data is never sold to third parties
  • We do not engage in data brokering activities
  • Personal information is not used for advertising
  • We maintain strict data confidentiality

Limited Sharing Scenarios

  • HUD reporting as required by law
  • Service providers under strict confidentiality agreements
  • Legal compliance when required by court order
  • Business transfers with equivalent privacy protections

Data Processing Partners

  • Cloud hosting providers (AWS, Microsoft Azure)
  • Email service providers for communications
  • Analytics services for platform improvement
  • Security monitoring and threat detection services
Data Security and Protection

Technical Safeguards

  • End-to-end encryption for data in transit and at rest
  • Multi-factor authentication for all user accounts
  • Regular security audits and penetration testing
  • SOC 2 Type II compliance and certification

Access Controls

  • Role-based access control (RBAC) system
  • Principle of least privilege access
  • Regular access reviews and deprovisioning
  • Audit logging of all data access activities

Infrastructure Security

  • Secure cloud hosting with enterprise-grade protection
  • Network segmentation and firewall protection
  • Intrusion detection and prevention systems
  • Regular security updates and patch management
Your Privacy Rights

Access and Control

  • Right to access your personal information
  • Right to correct inaccurate or incomplete data
  • Right to delete your personal information
  • Right to data portability and export

Communication Preferences

  • Opt-out of marketing communications
  • Control notification preferences
  • Choose communication channels
  • Update contact information anytime

State-Specific Rights

  • California Consumer Privacy Act (CCPA) rights
  • Virginia Consumer Data Protection Act (VCDPA) rights
  • Other applicable state privacy law rights
  • Right to non-discrimination for exercising privacy rights
Data Retention and Deletion

Retention Periods

  • Active account data: Retained while account is active
  • Compliance records: 7 years as required by HUD
  • Communication logs: 3 years for support purposes
  • Technical logs: 1 year for security and performance

Deletion Process

  • Secure deletion using industry-standard methods
  • Verification of complete data removal
  • Retention of legally required records only
  • Notification of deletion completion

Questions About Your Privacy?

Our privacy team is here to help you understand and exercise your rights.

Privacy Officer: privacy@rapidcompliance.net

Response time: Within 30 days as required by law

Important Notice

This privacy policy may be updated periodically to reflect changes in our practices or legal requirements. We will notify you of any material changes via email or through our platform. Your continued use of our services after such changes constitutes acceptance of the updated policy.