Legal Architecture

Privacy Policy and Protocol

Privacy Policy

IntelGRC Privacy Framework

IntelGRC (“we”, “our”, “us”) is committed to protecting the privacy, confidentiality, and integrity of personal data entrusted to us. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you access our website, platform, and services. We operate globally and comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), the Australian Privacy Act 1988 (Cth), and the UAE Federal Data Protection Law (PDPL).

01. Information We Collect

We collect personal data necessary to deliver our services and operate the IntelGRC platform effectively. This is categorized into three core layers:

Direct Data

Name, job title, organisation, contact details, registrations, and support requests.

Operational Data

Governance metrics, risk profiles, compliance status, audits, and workflow activities.

Technical Data

IP addresses, device identifiers, log files, cookies, and system analytics.

02. How We Use Information & Legal Basis

We process personal data on the basis of contractual necessity, legitimate business interests (platform improvement & security), legal obligations, and explicit consent. We do not sell personal data under any circumstances.

// Core Processing Purposes:
1. Platform Operation & Advisory Delivery
2. Customer Relationship & Support Management
3. System Security Monitoring & Analytics
4. Automated Workflows & Audit Tracking

03. Sharing, Transfers & Retention

Data sharing is restricted to authorised personnel, trusted cloud hosting infrastructure, analytics providers, and regulatory authorities when legally mandated.

As a global platform, cross-border data transfers are protected via strict Standard Contractual Clauses (SCCs), end-to-end encryption, and robust corporate safeguards. Personal data is retained only to fulfill legal or operational mandates, followed by complete cryptographic erasure.

04. Data Security & User Rights

We deploy AES-256 encryption, role-based access management, multi-factor authentication, and continuous threat monitoring. Depending on your location (GDPR, UAE PDPL, or Act 1988), you retain absolute rights over your data:

  • Right to Access & Portability
  • Right to Rectification & Erasure
  • Right to Object & Restrict Processing
  • Right to Withdraw Consent

05. Cookies & Advisory Confidentiality

Cookies are used exclusively to maintain active sessions, optimize application UI performance, and tracks security states. You can control these via your browser preferences. All data provided during formal corporate advisory engagements remains structurally isolated and confidential.

Have a Privacy Question?

Contact our Data Protection Team for compliance or data deletion requests.