Request Demo
Register
Login

(888) 670-2234

Privacy Policy

At Rotation Manager, we value your privacy and are committed to protecting your personal data. This Privacy Policy outlines how we collect, use, and safeguard your information. It is designed to align with major global and federal standards, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Criminal Justice Information Services (CJIS) Security Policy.

1. Purpose of Processing

We process your data specifically and exclusively for the purpose of fulfilling our contractual obligations to you. We do not use customer data for independent marketing purposes, profiling, or any activity outside the scope of the services we provide.

2. Data Sharing & Disclosure

Our policy on data sharing is strict and explicit:

  • No Sale of Data: We do not sell, rent, lease, or trade personal data or State data to any third parties or advertisers.
  • Explicit Consent Required: We prohibit the sharing of State data or sensitive personal information with any entities or jurisdictions without your explicit, written consent.
  • Service Providers: We may share data with trusted third-party service providers (subprocessors) solely for the purpose of hosting and maintaining our services. All subprocessors are bound by strict Data Processing Agreements (DPAs) that enforce confidentiality and security standards equivalent to our own.

3. Data Location & Cross-Border Transfers

To ensure compliance with federal and state regulations:

  • U.S. Data Residency: All customer data is hosted and processed within the United States. We ensure no cross-jurisdictional transfers of State data to foreign countries.
  • Authorized Subprocessors: Our primary cloud infrastructure provider is Amazon Web Services (AWS). All AWS data centers used by Rotation Manager are located within the continental United States and adhere to high security standards (ISO 27001, SOC 2).

4. Compliance Alignment

Our privacy practices are built to satisfy rigorous regulatory frameworks:

  • CJIS (Criminal Justice Information Services): We align with CJIS security policy requirements regarding data security, encryption, and background screening, ensuring we are fit to handle sensitive State data.
  • GDPR (General Data Protection Regulation): For applicable users, we respect rights regarding data access, rectification, and the “right to be forgotten.”
  • CCPA (California Consumer Privacy Act): We provide California residents with the right to know what personal information is collected and the right to delete that information.

Contact Us

If you have questions about this policy or wish to exercise your data rights (such as data deletion or access requests), please contact our Data Protection Officer at:

Email: [email protected]