Privacy Policy

Introduction

SharePoint Support (“we,” “our,” or “us”) respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our consulting services, or engage with our support team.

As a SharePoint consulting firm serving regulated industries including healthcare, financial services, and government, we understand the critical importance of data protection and privacy compliance.

Information We Collect

Personal Information You Provide

We collect personal information that you voluntarily provide when you:

• Fill out our contact form or request a consultation
• Subscribe to our newsletter for SharePoint insights
• Request access to our enterprise resources and whitepapers
• Engage us for consulting, migration, or support services
• Participate in webinars or training sessions

This information may include your name, email address, phone number, company name, job title, and project requirements.

Automatically Collected Information

When you visit our website, we automatically collect certain technical information through cookies and analytics tools, including:

• IP address, device type, and operating system
• Browser type and version
• Pages visited, time spent on pages, and navigation paths
• Referring website or search query that brought you to our site
• Geographic location (country/region level)

Client Engagement Data

During consulting engagements, we may access client SharePoint environments, Microsoft 365 tenants, and related systems. This access is governed by individual service agreements and Statements of Work. We do not retain client environment data beyond the scope and duration of the engagement unless explicitly agreed upon.

How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide SharePoint consulting, migration, and support services as outlined in service agreements
• Communication: To respond to inquiries, send project updates, and provide technical support
• Marketing: To send relevant SharePoint insights, product updates, and service announcements (with your consent)
• Website Improvement: To analyze usage patterns and optimize our website performance and content
• Compliance: To comply with legal obligations and industry regulations
• Security: To protect against fraud, unauthorized access, and other security threats

Industry-Specific Data Handling

We recognize that our clients operate in highly regulated industries. Our data handling practices align with the following frameworks:

• Healthcare (HIPAA): We execute Business Associate Agreements (BAAs) when handling Protected Health Information (PHI) during SharePoint implementations for healthcare organizations
• Financial Services (SOC 2): Our data handling practices support SOC 2 Type II compliance requirements for financial services clients
• Government (FedRAMP): We follow FedRAMP security controls when working with government SharePoint environments in GCC and GCC High
• Education (FERPA): We maintain FERPA compliance protections when working with educational institution data
• European Clients (GDPR): We comply with GDPR requirements including data minimization, purpose limitation, and data subject rights for EU-based clients

Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

• Service Providers: Trusted vendors who assist in service delivery (email, hosting, analytics) under contractual data protection obligations
• Microsoft: When required for license management or Microsoft support escalations during consulting engagements
• Professional Advisors: Legal counsel, accountants, or auditors as necessary for business operations
• Legal Requirements: When required by law, court order, or government regulation
• Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate notice to affected individuals

Data Security

We implement technical and organizational security measures to protect your personal information, including:

• Encryption in transit (TLS 1.2+) and at rest for all stored data
• Access controls with role-based permissions and multi-factor authentication
• Regular security assessments and vulnerability scanning
• Employee security awareness training
• Incident response procedures with notification protocols

Cookies and Tracking Technologies

We use the following cookies and tracking technologies:

• Essential Cookies: Required for website functionality (session management, security)
• Analytics Cookies: Google Analytics and Ahrefs to understand website usage and improve content
• Marketing Cookies: To measure the effectiveness of our advertising and provide relevant content

You can control cookies through your browser settings. Disabling certain cookies may limit website functionality.

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Opt-Out: Unsubscribe from marketing communications at any time
• Data Portability: Request your data in a structured, machine-readable format
• Restriction: Request restriction of processing in certain circumstances

To exercise any of these rights, please contact us. We will respond to requests within 30 days.

Data Retention

We retain personal information only as long as necessary to fulfill the purposes outlined in this policy. Specifically:

• Website inquiries: 2 years from last interaction
• Client engagement data: Duration of the engagement plus 3 years for audit and legal purposes
• Financial records: 7 years as required by tax regulations
• Marketing preferences: Until you opt out or request deletion

Third-Party Links

Our website may contain links to third-party websites including Microsoft documentation, industry resources, and partner organizations. We are not responsible for the privacy practices of these external sites and encourage you to review their privacy policies.

Children's Privacy

Our services are designed for business professionals and are not directed to children under 16. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. Material changes will be communicated via email to active clients and posted on this page with an updated effective date.

Contact Us

If you have questions about this privacy policy or our data practices, please reach out through our contact form or email us at [email protected].