Legal
Privacy Policy - R2 Consulting, LLC
Effective February 16, 2026
Contents
- Introduction
- Scope and Applicability
- Information We Collect
- How We Collect Information
- Legal Bases for Processing (GDPR)
- How We Use Your Information
- Cookies and Tracking Technologies
- Data Sharing and Disclosure
- International Data Transfers
- Data Retention
- Data Security
- Your Rights Under GDPR
- Your Rights Under CCPA/CPRA
- Children’s Privacy
- Third-Party Links and Services
- Changes to This Privacy Policy
- Data Protection Officer
- Supervisory Authority
1. Introduction
R2 Consulting, LLC and its subsidiaries and affiliates ("R2 Consulting," "we," "us," or "our") are committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our websites, use our services, or otherwise interact with us. This policy applies to all personal data processed in connection with our custom software development, AI services, and related consulting offerings. By engaging with our services, you acknowledge that you have read and understood this Privacy Policy.
2. Scope and Applicability
This Privacy Policy applies to all individuals whose personal data we process, including clients, prospective clients, website visitors, business contacts, and end users of applications we develop. It covers data collected through our websites, applications, email communications, and in-person interactions.
GDPR Applicability
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the GDPR provisions in this policy apply to you. R2 Consulting acts as a data controller for personal data collected directly and as a data processor when processing data on behalf of our clients.
CCPA/CPRA Applicability
If you are a California resident, the CCPA/CPRA provisions in this policy apply to you. These provisions describe your rights regarding the collection, use, and sale of your personal information as defined under California law.
3. Information We Collect
Identity Data
Name, job title, company name, professional credentials
Service delivery, account management, communications
Contact Data
Email address, phone number, mailing address
Service delivery, marketing, support communications
Technical Data
IP address, browser type, device identifiers, operating system, access times, pages viewed
Website optimization, security monitoring, analytics
Usage Data
Interaction with our websites and applications, feature usage, clickstream data
Service improvement, analytics, user experience optimization
Transaction Data
Service agreements, invoicing details, payment information
Contract performance, billing, financial record-keeping
Communications Data
Emails, messages, meeting notes, support inquiries
Service delivery, support, relationship management
Professional Data
Employment history, professional qualifications, LinkedIn profiles
Lead generation, business development, recruitment
4. How We Collect Information
- Directly from you when you engage our services, fill out forms, or communicate with us
- Automatically through cookies, web beacons, and similar technologies when you visit our websites
- From third-party sources including publicly available databases, business directories, social media platforms, referral partners, and data enrichment services
- Through our AI-powered tools and automated systems used for business development and lead generation
- From our clients when acting as a data processor on their behalf
5. Legal Bases for Processing (GDPR)
Contractual Necessity
Processing necessary for the performance of a contract with you or to take steps at your request before entering a contract.
Legitimate Interests
Processing necessary for our legitimate business interests, such as improving our services, marketing, fraud prevention, and network security, provided these interests are not overridden by your rights.
Consent
Where you have given clear consent for us to process your personal data for a specific purpose. You may withdraw consent at any time.
Legal Obligation
Processing necessary for compliance with a legal obligation to which we are subject.
6. How We Use Your Information
- Delivering, maintaining, and improving our software development and AI consulting services
- Managing client relationships and accounts
- Processing transactions and sending related information
- Sending marketing communications (with your consent where required)
- Conducting business development and lead generation activities
- Analyzing website usage and optimizing user experience
- Ensuring network and information security
- Complying with legal obligations and enforcing our agreements
- Developing and training AI/ML models (using anonymized or aggregated data only)
- Responding to inquiries and providing customer support
7. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to collect and use personal information about you. Our use of cookies includes essential cookies for website functionality, analytics cookies to understand usage patterns, and marketing cookies for targeted advertising.
Essential Cookies
Required for basic website functionality; cannot be disabled.
Analytics Cookies
Help us understand how visitors interact with our websites using services like Google Analytics.
Functional Cookies
Enable enhanced functionality and personalization.
Marketing Cookies
Used to track visitors across websites for advertising purposes.
8. Data Sharing and Disclosure
Service Providers
Third-party vendors who perform services on our behalf, including cloud hosting (e.g., AWS, Azure), payment processing, analytics, email delivery, and CRM services. These providers are contractually obligated to protect your data.
Business Partners
Trusted partners with whom we collaborate to deliver services, subject to appropriate confidentiality agreements.
Legal and Regulatory
When required by law, court order, or governmental authority, or when necessary to protect our rights, privacy, safety, or property.
Business Transfers
In connection with a merger, acquisition, reorganization, or sale of assets, your data may be transferred as part of that transaction.
With Your Consent
We may share your information with other third parties when you have given us explicit consent to do so.
R2 Consulting does not sell your personal information. We do not share personal information for cross-context behavioral advertising as defined under the CCPA/CPRA.
9. International Data Transfers
Your personal data may be transferred to and processed in countries outside your country of residence, including the United States. When we transfer personal data from the EEA, UK, or Switzerland, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, adequacy decisions, or other lawful transfer mechanisms.
10. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. When determining the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, applicable legal requirements, and whether we can achieve those purposes through other means.
11. Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, access controls and authentication mechanisms, regular security assessments and penetration testing, employee training on data protection, incident response procedures, and secure software development practices.
12. Your Rights Under GDPR
Individuals located in the EEA, UK, or Switzerland
Right of Access
Request a copy of the personal data we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete personal data.
Right to Erasure
Request deletion of your personal data under certain circumstances.
Right to Restrict Processing
Request that we limit the processing of your personal data.
Right to Data Portability
Receive your personal data in a structured, commonly used, machine-readable format.
Right to Object
Object to processing based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent
Withdraw previously given consent at any time without affecting the lawfulness of prior processing.
Right to Lodge a Complaint
File a complaint with a supervisory authority in your country of residence.
13. Your Rights Under CCPA/CPRA
California residents
Right to Know
Request disclosure of the categories and specific pieces of personal information we have collected, the sources, business purposes, and third parties with whom we share it.
Right to Delete
Request deletion of personal information we have collected from you, subject to certain exceptions.
Right to Correct
Request correction of inaccurate personal information.
Right to Opt-Out
Opt out of the sale or sharing of personal information. Note: R2 Consulting does not sell personal information.
Right to Limit Use of Sensitive Personal Information
Limit the use and disclosure of sensitive personal information to purposes authorized by the CCPA/CPRA.
Right to Non-Discrimination
Not be discriminated against for exercising your privacy rights.
To exercise your rights, we will verify your identity using reasonable methods. You may also designate an authorized agent to make requests on your behalf.
14. Children’s Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.
15. Third-Party Links and Services
Our websites and services may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party websites or services you visit.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by posting the updated policy on our website with a revised effective date. Where required by law, we will obtain your consent before making material changes.
17. Data Protection Officer
For questions or concerns about this Privacy Policy or our data processing practices, or to exercise your privacy rights, please contact our Privacy Officer.
Email : DPO@r2c.io
Address : R2 Consulting, LLC, Attn: Privacy Officer
Response Time : We will respond to all legitimate requests within 30 days (or 45 days for CCPA requests, with notice of extension if needed). For GDPR requests, we will respond within one calendar month.
18. Supervisory Authority
If you are located in the EEA and believe our processing of your personal data violates the GDPR, you have the right to lodge a complaint with your local data protection supervisory authority.