Website Privacy Policy
How Jadex Strategic Group collects, uses, protects, and shares information when you visit jadexstrategic.com or engage with our online services.
We collect a limited amount of information when you use our Website — things like your name and email when you fill out a form, and technical data such as your IP address and browser type. We use it to run our business, respond to your inquiries, improve the site, and keep it secure. We do not sell your personal information. We do not use your data to train AI models. You have rights to access, correct, delete, and control your information — and this Policy explains how to exercise them.
Introduction & Scope
Jadex Strategic Group is committed to protecting your privacy and to applying the same operational discipline to our own data handling that we bring to the organizations we serve. This Website Privacy Policy (“Policy“) explains how we collect, use, disclose, and safeguard information when you visit our Website at https://jadexstrategic.com, complete online forms, request an assessment, subscribe to our communications, or otherwise interact with our online services (collectively, the “Website“).
This Policy governs personal information collected through the Website. It does not govern (a) meetings, webinars, and town halls we host through Microsoft Teams — see our https://jadexstrategic.com/microsoft-teams-privacy-security-policy/Meetings & Events Privacy and Security Policy; or (b) information processed under a signed client engagement, which is governed by that engagement’s Master Services Agreement, Data Protection Agreement, or Business Associate Agreement.
This Policy is incorporated by reference into the Jadex Strategic Group . By using the Website, you consent to the practices described in this Policy.
Who We Are (Controller Identity)
The data controller responsible for personal information collected through the Website is:
Attn: Privacy & Compliance
Spring Lake, Michigan, United States
Website: https://jadexstrategic.com
Privacy: privacy@jadexstrategic.com
General: contact@jadexstrategic.com
Phone: tel:+18335683925″>+1 (833) 568-3925
Jadex Strategic Group applies the principles of privacy by design, data minimization, and least privilege to our own operations — the same principles we implement across our service portfolio.
Information We Collect
Jadex Strategic Group collects information in three primary ways: (a) information you provide directly; (b) information collected automatically as you use the Website; and (c) information received from third-party services and partners.
Information You Provide
- Contact information — name, email address, phone number, company, and job title, submitted through contact forms, demo requests, or newsletter signups.
- Assessment intake information — details you provide when requesting a security, compliance, or readiness assessment through the Website, including information about your organization’s current tools, environments, or compliance posture.
- Communications — the content of messages you send us through forms, email, or chat.
- Event registrations — information provided when registering for webinars, town halls, or other Jadex events.
- Employment inquiries — resumes and application materials submitted through the Website.
Information Collected Automatically
- Device and connection data — IP address, browser type and version, operating system, device type, and referring URL.
- Usage data — pages visited, links clicked, time spent, session duration, and navigation patterns.
- Session recordings and heatmaps — through Microsoft Clarity, we may capture aggregated mouse movement, clicks, and scroll behavior to improve the user experience (see Section 6).
- Cookies and similar technologies — see Section 6.
Information from Third Parties
- Publicly available information from professional networks and business directories used for account research.
- Referral information from partners or existing clients who refer you to us.
- Authentication data from single sign-on providers if you access any authenticated area of the Website.
Jadex Strategic Group does not collect payment card information through the Website. We do not knowingly collect sensitive categories of information such as government IDs, health information, or biometric data through the Website. We do not use the Website to collect information from children under 13.
How We Use Information
We use the information we collect for the following purposes:
- Operating, maintaining, and improving the Website and our services.
- Responding to inquiries, demo requests, assessment requests, and customer support tickets.
- Delivering the services you request, including whitepapers, guides, and event registrations.
- Sending administrative communications (service updates, security notices, policy changes).
- Sending marketing communications about Jadex services, insights, and events — subject to your consent and opt-out rights.
- Conducting analytics and understanding user experience patterns.
- Detecting, preventing, and responding to fraud, abuse, and security incidents.
- Complying with legal obligations and applicable privacy laws.
- Enforcing our and protecting the rights, safety, and property of Jadex Strategic Group, its clients, and others.
- Supporting corporate activities including audits, mergers, acquisitions, and reorganizations.
Legal Bases (GDPR / UK GDPR)
Where the EU General Data Protection Regulation or UK GDPR applies, we process personal data on the following legal bases:
- Contract — to respond to your inquiries and deliver services you request.
- Legitimate interests — to operate our business, secure our systems, understand how the Website is used, and market related services to business contacts.
- Consent — for optional analytics, marketing communications, and non-essential cookies.
- Legal obligation — to comply with applicable laws and regulations.
Jadex Strategic Group does not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We do not use the personal information you submit through the Website to train artificial intelligence or machine learning models.
AI, Automated Processing & Model Training
Jadex Strategic Group uses artificial intelligence, machine learning, and automation to operate our business — including for spam and abuse detection, security monitoring, content moderation, and internal productivity through Microsoft 365 Copilot.
We do not use the personal information you submit through the Website to train foundation models or third-party AI systems. Any AI-generated content derived from your interactions is subject to the same confidentiality, retention, and access controls as the underlying data. Automated processing does not produce decisions that have legal or similarly significant effects on you without human review.
Where AI is used to generate content published on the Website (such as summaries, insights, or explanatory material), that content is reviewed by Jadex personnel before publication and is provided for general informational purposes only. See our Website Terms of Use for full disclaimer language.
Data Retention
We retain personal information only as long as necessary to fulfill the purposes for which it was collected, comply with our legal and contractual obligations, resolve disputes, and enforce our agreements.
- Contact form submissions: 24 months from last interaction, then archived or deleted.
- Assessment intake data: retained for the duration of the sales cycle plus 24 months, or per the engagement agreement if the assessment becomes a client engagement.
- Newsletter and marketing subscribers: until you unsubscribe, plus a suppression record retained to honor your opt-out.
- Event registrations: 24 months after the event.
- Employment inquiries: up to 12 months, or as required by applicable employment law.
- Website server logs: up to 90 days for operational and security purposes.
- Analytics data (Microsoft Clarity): retained per Microsoft’s published Clarity retention schedule.
- Cookies: vary by category; typically session-only or up to 13 months for persistent cookies.
Where longer retention is required by legal, regulatory, or contractual obligations — including tax, employment, and litigation-hold requirements — we retain data for the required period and then delete or de-identify it.
Data Security
Jadex Strategic Group implements administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, use, disclosure, alteration, and destruction.
Technical Safeguards
- Encryption of data in transit using TLS 1.2 or higher.
- Encryption of data at rest using industry-standard algorithms (AES-256).
- Multi-factor authentication and conditional access enforced across administrative systems.
- Role-based access control with least-privilege administration.
- Continuous monitoring, threat detection, and audit logging through Microsoft Purview and Microsoft Defender.
- Data loss prevention (DLP) policies aligned to regulated data categories.
- Regular vulnerability management, patching, and configuration monitoring.
Administrative Safeguards
- Written information security policies aligned to industry-recognized frameworks.
- Personnel background checks and confidentiality obligations.
- Annual security awareness training.
- Incident response plan with defined roles, escalation paths, and notification obligations.
- Segregation of environments based on data sensitivity and workload classification.
While we apply commercially reasonable and industry-recognized safeguards, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security. In the event of a security incident affecting your personal information, we will notify you and applicable regulators in accordance with applicable law.
International Data Transfers
Jadex Strategic Group is headquartered in the United States, and the information we collect is primarily processed and stored in the United States. Where you access the Website from outside the United States, your information will be transferred to, stored in, and processed in the United States or other jurisdictions where our service providers operate.
Transfer Safeguards
Where personal information is transferred from the European Economic Area (EEA), United Kingdom, or Switzerland to the United States or other jurisdictions not deemed to provide an adequate level of data protection, we rely on one or more of the following safeguards:
- Standard Contractual Clauses (SCCs) approved by the European Commission and, where applicable, the UK International Data Transfer Addendum.
- EU-U.S. Data Privacy Framework, UK Extension, and Swiss-U.S. Data Privacy Framework where our sub-processors (including Microsoft) are certified.
- Supplementary measures such as encryption, access controls, and contractual restrictions on government access requests, where required by post-Schrems II guidance.
Your U.S. State Privacy Rights
Depending on the state where you reside, you may have certain rights regarding your personal information under state privacy laws — including the California Consumer Privacy Act (CCPA) as amended by the CPRA, the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Utah Consumer Privacy Act (UCPA), the Texas Data Privacy and Security Act (TDPSA), and similar laws in Oregon, Montana, Iowa, Tennessee, Delaware, Indiana, New Jersey, Kentucky, Minnesota, Maryland, New Hampshire, and Rhode Island.
Rights You May Have
- Right to know / access — request confirmation of whether we process your personal information and receive a copy of the information we hold about you.
- Right to correct — request correction of inaccurate personal information.
- Right to delete — request deletion of your personal information, subject to legal, contractual, and regulatory retention obligations.
- Right to data portability — receive your personal information in a portable, commonly used format.
- Right to opt out of sale or sharing — where applicable. Jadex does not sell personal information and does not share personal information for cross-context behavioral advertising.
- Right to limit use of sensitive personal information — where applicable under California law.
- Right to opt out of profiling that produces legal or similarly significant effects, where applicable.
- Right to non-discrimination — we will not deny services, charge different prices, or provide a different level of service because you exercised a privacy right.
- Right to appeal — where required by state law, you may appeal a denial of your privacy request.
How to Exercise Your Rights
Email: privacy@jadexstrategic.com
Phone: +1 (833) 568-3925
Mail: Jadex Strategic Group, Attn: Privacy & Compliance, Spring Lake, Michigan, USA
We will respond within the time frame required by applicable law — generally within 45 days, with the ability to extend once by an additional 45 days where reasonably necessary.
Verification
To protect your information, we will verify your identity before fulfilling most requests. Verification may require confirming information we already hold about you or using a signed declaration under penalty of perjury for deletion requests involving sensitive information.
Authorized Agents
You may designate an authorized agent to submit a request on your behalf. We will require proof of the agent’s authorization (such as a signed permission or power of attorney) and, where required by law, verification of your identity.
California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. Jadex Strategic Group does not disclose personal information to third parties for their direct marketing purposes.
EU / UK / Swiss Privacy Rights
If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR), UK GDPR, and Swiss Federal Act on Data Protection (FADP):
- Right of access — obtain confirmation of processing and a copy of your personal data.
- Right to rectification — correct inaccurate or incomplete personal data.
- Right to erasure (“right to be forgotten”) — request deletion of personal data in certain circumstances.
- Right to restriction of processing — request that we limit processing in certain circumstances.
- Right to data portability — receive personal data in a structured, commonly used, machine-readable format.
- Right to object — object to processing based on legitimate interests, including direct marketing.
- Right to withdraw consent — where processing is based on consent, withdraw consent at any time without affecting the lawfulness of prior processing.
- Right not to be subject to automated decision-making — including profiling, that produces legal or similarly significant effects.
- Right to lodge a complaint — with your local supervisory authority.
Submit privacy requests to privacy@jadexstrategic.com. We will respond within one (1) month, extendable by two additional months for complex requests.
You have the right to lodge a complaint with the data protection authority in your country of residence, work, or the location of the alleged infringement. In the United Kingdom, the supervisory authority is the Information Commissioner’s Office (ico.org.uk).
Children’s Privacy
The Website is intended for a business audience and is not directed to children. Consistent with the U.S. Children’s Online Privacy Protection Act (COPPA) and the GDPR:
- We do not knowingly collect personal information from children under the age of 13 (or 16 in the European Economic Area and United Kingdom).
- If we learn that we have collected personal information from a child in violation of applicable law, we will delete that information as soon as reasonably practicable.
- If you believe a child has provided personal information through the Website, please contact us at privacy@jadexstrategic.com.
Third-Party Links & Services
The Website may contain links to third-party websites, applications, or services — including Microsoft, technology partners, industry frameworks, and reference materials — that are not owned or controlled by Jadex Strategic Group.
We do not endorse and are not responsible for the content, privacy practices, availability, or terms of use of any third-party sites or services. Your use of any third-party site or service is at your own risk and is governed by that third party’s terms and privacy policy. We encourage you to review the privacy statements of any third-party site before providing personal information.
Business Transfers
In the event that Jadex Strategic Group is involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, personal information may be transferred to a successor or affiliate as part of that transaction.
Any successor entity will be bound by the commitments in this Policy or, if the Policy is superseded, will provide notice and, where required by applicable law, an opportunity to consent, opt out, or exercise your privacy rights before your personal information becomes subject to a different privacy policy.
Security Incident Notification
In the event of a security incident that results in unauthorized access to, acquisition of, or disclosure of your personal information, Jadex Strategic Group will notify affected individuals and applicable regulators as required by applicable law and within the timeframes required by that law.
If you believe your personal information has been compromised, or if you observe suspicious activity involving the Website, please report it immediately:
Incident reporting: incident@jadexstrategic.com
Security team: security@jadexstrategic.com
Response target: Acknowledgment within one (1) business day.
Changes to This Policy
Jadex Strategic Group may update this Policy from time to time to reflect changes in our services, technology, legal requirements, or business practices. Updates will be posted on the Website with a revised “Last Updated” date.
Where changes are material, we will provide additional notice — such as a banner on the Website, an email to registered users, or another appropriate communication — before the changes take effect. Where required by applicable law, we will obtain your consent to the material changes before they apply to you.
Continued use of the Website after the effective date of any update constitutes acceptance of the revised Policy. Prior versions are available upon written request to legal@jadexstrategic.com.
Contact & Complaints
Jadex Strategic Group welcomes your questions, concerns, and comments about this Policy or our privacy practices. If you believe we have not adhered to this Policy, please contact us and we will use reasonable efforts to promptly investigate and address your concerns.
Jadex Strategic Group
Attn: Privacy & Compliance
Spring Lake, Michigan, United States
Privacy: privacy@jadexstrategic.com
Security: security@jadexstrategic.com
Incidents: incident@jadexstrategic.com
Legal: legal@jadexstrategic.com
General: contact@jadexstrategic.com
Phone: +1 (833) 568-3925
Website: https://jadexstrategic.com
Related Legal Documents
Privacy is not a checkbox — it is a discipline. We hold ourselves to the same standards we bring to the organizations we defend.
Talk to Our Privacy Team
Whether you have a question about how we handle your data, want to exercise a privacy right, or need to report a concern, our privacy and compliance team is ready to help.
