Privacy Policy

Last updated: April 7, 2026

DevOpsAm ("we," "us," or "our") operates the website devopsam.com and provides cloud infrastructure consulting, security assessment, cost optimization, and managed IT services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage our services.

1. Information We Collect

Information you provide directly:

• Contact and audit request information: Name, email address, company name, cloud provider, approximate monthly cloud spend, areas of concern, and any additional notes you submit through our forms.
• Communications: Emails, phone calls, or messages you send us.
• Client engagement data: Infrastructure configurations, cloud account details, access credentials (stored securely and only for the duration of the engagement), system logs, and architecture documentation shared during consulting engagements.

Information collected automatically:

• Analytics data: We use Google Analytics to collect anonymized usage data including pages visited, time on site, referral source, device type, and browser. This data is aggregated and cannot identify you personally.
• Log data: Server logs may capture IP addresses, browser type, and request timestamps for security and performance monitoring.
• Cookies: We use essential cookies for site functionality and analytics cookies (Google Analytics). No advertising or tracking cookies are used.

2. How We Use Your Information

• To respond to your audit requests and inquiries
• To deliver cloud infrastructure audits, security assessments, and consulting services
• To communicate about your engagement, findings, and recommendations
• To improve our website and service offerings
• To comply with legal obligations

We do not use your information for automated decision-making, profiling, or targeted advertising.

3. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share data only in these circumstances:

• Service providers: Google (Analytics, form processing via Google Sheets), Amazon Web Services (website hosting via S3/CloudFront). These providers process data on our behalf under their respective privacy policies.
• Legal requirements: If required by law, subpoena, court order, or government regulation.
• Business transfer: In connection with a merger, acquisition, or sale of assets, with notice to affected users.

4. Infrastructure and Client Data Security

Given the nature of our services (cloud infrastructure consulting), we handle sensitive technical data with particular care:

• Access credentials: Any cloud account credentials shared during engagements are stored in encrypted vaults (AWS Secrets Manager or equivalent), accessed only by authorized personnel, and permanently deleted upon engagement completion.
• Audit findings: Infrastructure audit reports are delivered securely and retained for 90 days after delivery unless you request extended retention or deletion.
• Least privilege: We request only the minimum access needed to perform the agreed-upon audit scope. Read-only access is preferred where possible.
• Encryption: All data in transit uses TLS 1.2+. Data at rest is encrypted using AES-256 or equivalent.
• Personnel: Only team members directly involved in your engagement access your data. All personnel are bound by confidentiality agreements.

5. Data Retention

• Form submissions: Retained for the duration of our business relationship plus 12 months.
• Client engagement data: Retained for 90 days after engagement completion, then securely deleted unless a longer retention is agreed upon.
• Analytics data: Retained per Google Analytics defaults (26 months), anonymized.
• Communications: Business correspondence retained for 3 years for legal and service continuity purposes.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict processing of your data
• Request data portability
• Withdraw consent at any time

To exercise any of these rights, contact us at contact@devopsam.com. We will respond within 30 days.

7. International Data Transfers

Our website is hosted on AWS infrastructure in the United States. If you access our services from outside the US, your data may be transferred to and processed in the United States. By using our services, you consent to this transfer. We ensure appropriate safeguards are in place for any international data transfers.

8. Third-Party Links

Our website may contain links to third-party sites (e.g., AWS, Microsoft Azure documentation). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

9. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of our website after changes constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices:

DevOpsAm
Email: contact@devopsam.com
New York, United States