CICOR Marketing, Inc.
Privacy Policy & Terms of Use
Effective Date: September 28, 2025
URL: https://cicormarketing.com/privacy-policy/
Privacy Officer: Chris Vargas
1. Introduction & Scope
CICOR Marketing believes strongly in protecting your privacy. That’s why we’re committed to the Direct Marketing Association’s “Privacy Promise to American Consumers.” We have agreed to:
- Provide customers with notice of their ability to opt out of information rental, sale, or exchange with other marketers;
- Honor customers’ requests not to share their information with other marketers; and
- Honor customers’ requests not to receive mail, telephone, or other solicitations from CICOR Marketing, Inc.
CICOR Marketing (“we,” “us,” “our”) is committed to protecting your privacy and giving you control over how your information is collected, used, and shared. This Privacy Policy and Terms of Use (the “Policy”) describes:
- The types of personal information we collect;
- How we use, share, store, and protect that information;
- Your rights and choices regarding your data;
- Additional considerations for automated systems (CRM, AI, etc.);
- Special rules for users outside the U.S.;
- Our legal terms regarding notices, jurisdiction, etc.
By accessing or using our website, services, or communications, you consent to the practices described herein.
2. Information We Collect & Sources
2.1 Voluntarily Provided Information
When you interact with us (register, place an order, submit a form), we may collect:
- Identity & contact data: Name, email, phone, address, company information
- Transaction & communication history: Purchase records, service requests, support interactions
- User-generated content: Reviews, comments, feedback, uploaded files
- Preference data: Communication preferences, service interests, customization settings
2.2 Automatically Collected Information
Through cookies and tracking tools, we may collect:
- Technical data: IP address, browser type, device information, operating system
- Usage data: Page views, clicks, session times, navigation patterns
- Geolocation data: Approximate location based on IP address
- Performance data: Load times, error reports, feature usage
2.3 Third-Party Sources
We may obtain information from:
- Advertising networks: Google Ads, Facebook Ads, LinkedIn Ads
- Data enrichment platforms: ZoomInfo, Clearbit, HubSpot integrations
- Business partners: Referral partners, integration partners
- Public records: Business directories, professional networks, social media profiles
2.4 Biometric Data
We do not intentionally collect biometric identifiers such as fingerprints, voiceprints, or facial recognition data. If any such data is inadvertently collected through third-party integrations, it will be immediately deleted upon discovery.
3. Use of CRMs, AI & Automation
3.1 CRM Systems
CICOR Marketing uses the following CRM platforms:
- HubSpot: Lead management, contact tracking, email automation, marketing campaigns
Purpose:
- Manage customer and lead data
- Track interactions and communication history
- Automate follow-ups and record preferences
- Generate analytics and reporting
- Send marketing communications and newsletters
Access to CRM data is limited to authorized staff and third-party providers under strict confidentiality obligations.
3.2 AI & Automated Systems
We may use AI and automation for:
- Personalization and lead scoring: Customizing content and prioritizing leads
- Predictive analytics: Forecasting customer behavior and preferences
- Chatbots or automated replies: Providing immediate customer support
- Content optimization: Improving website and marketing materials
- Fraud detection: Identifying suspicious activities and protecting accounts
Where automated decisions may significantly impact users (such as service eligibility or pricing), we include human review as legally required and provide mechanisms for appeal.
3.3 Data Flows Between Systems
We maintain safeguards for data transfers, including:
- Encryption: All data transfers use TLS 1.2+ encryption
- Role-based access: Staff access limited by job function
- Audit logging: All data access and modifications tracked
- Opt-out tagging: Marketing preferences synchronized across all systems
4. How We Use Your Information
We use your data to:
- Fulfill services and orders
- Respond to inquiries and provide customer support
- Process payments and manage accounts
- Send relevant communications and updates
- Personalize experiences and recommendations
- Conduct analysis and improve our services
- Ensure security and comply with legal obligations
- Prevent fraud and maintain system integrity
4.1 Inbound Lead & Quote Inquiry Assurance
When you contact us for a quote or consultation, your information is used solely to respond to that inquiry. We will not:
- Subscribe you to unrelated communications without your explicit consent
- Use your information for marketing purposes unless you opt in
- Share it with third parties for unrelated purposes
- Contact you outside of normal business hours unless specified
4.2 SMS & Text Messaging
By providing your phone number, you may receive:
- Transactional messages: Appointment confirmations, order updates, support follow-ups
- Promotional messages: Marketing offers, service announcements (with consent only)
Consent: We will only send promotional SMS with your explicit opt-in through our website forms or verbal confirmation.
Opt-out: Reply “STOP” to any message, use our preference center, or contact us directly.
Frequency: Promotional messages: up to 4 per month. Transactional messages: as needed.
Compliance: All messaging complies with TCPA, CTIA guidelines, and carrier requirements.
5. Sharing & Disclosure
5.1 Service Providers and Vendors
We share data with trusted third parties who assist in our operations:
Vendor | Purpose | Data Shared |
---|---|---|
HubSpot | CRM and email marketing | Contact info, interaction history |
Google Analytics | Website analytics | Usage data, demographics |
QuickBooks Online | Payment processing and billing | Transaction data, billing info |
Kinsta / Google Cloud | Cloud hosting and infrastructure | All data (encrypted) |
CloudFlare | Edge server and security | Website traffic data |
5.2 Business Partners
We may share data with:
- Integration partners: With your explicit consent for service delivery
- Referral partners: Contact information for qualified leads (with consent)
5.3 Legal and Regulatory Disclosure
We may disclose information when:
- Required by law, regulation, or court order
- Necessary to protect our rights or property
- In response to valid government requests
- To prevent fraud or security threats
5.4 Business Transfers
In case of mergers, acquisitions, or asset sales, your information may be transferred to the acquiring entity, subject to the same privacy protections.
Important: We do not sell or rent personal data to third parties. We do not engage in the sale or sharing of personal information as defined by the California Consumer Privacy Act (CCPA). Data shared with service providers (such as our CRM systems) is solely for the purpose of delivering our services to you and is governed by strict confidentiality agreements. Aggregate, anonymized data may be shared for research or benchmarking purposes.
6. International Users & Data Transfers
6.1 General International Considerations
Users outside the U.S., including those in the European Union (EU), United Kingdom (UK), and other jurisdictions, should be aware that their personal information may be transferred to, stored, and processed in the United States, where data protection laws may differ.
CICOR Marketing takes appropriate steps to ensure that such transfers comply with applicable data protection laws, including:
- Implementing Standard Contractual Clauses (SCCs) approved by the European Commission
- Ensuring that service providers receiving international personal data commit to GDPR-compliant safeguards
- Conducting Transfer Impact Assessments where required
- Limiting transfers to the minimum data necessary for legitimate business purposes
6.2 European Union (GDPR) Rights
If you are located in the EU, you have specific rights under the General Data Protection Regulation (GDPR):
Enhanced Rights:
- Right of access: Obtain confirmation of processing and access to your data
- Right to rectification: Correct inaccurate or incomplete data
- Right to erasure (“right to be forgotten”): Delete data in certain circumstances
- Right to restrict processing: Limit how we use your data
- Right to data portability: Receive your data in a structured, commonly used format
- Right to object: Object to processing based on legitimate interests
- Right to withdraw consent: Withdraw consent for voluntary processing
- Right to lodge a complaint: File complaints with supervisory authorities
Legal Basis for Processing:
- Consent: For marketing communications and optional services
- Contract: To fulfill our services and customer agreements
- Legitimate interests: For business operations, fraud prevention, and analytics
- Legal obligation: To comply with applicable laws and regulations
EU Representative: For GDPR matters, contact our Privacy Officer who serves as our EU representative.
6.3 United Kingdom (UK GDPR)
UK residents have similar rights to EU residents under UK GDPR. Contact our Privacy Officer for UK-specific requests.
6.4 Other International Jurisdictions
We monitor privacy law developments globally and update our practices to ensure compliance with applicable regulations in jurisdictions where we operate.
7. Data Retention & Deletion
7.1 Retention Schedule
Data Type | Retention Period | Legal Basis |
---|---|---|
Customer account data | 7 years after account closure | Tax and legal compliance |
Marketing contacts | 3 years after last interaction | Legitimate business interest |
Website analytics | 26 months | Google Analytics standard |
Support tickets | 5 years after resolution | Customer service records |
Financial records | 7 years | Tax compliance |
Email marketing data | Until unsubscribe + 30 days | CAN-SPAM compliance |
Inactive leads | 2 years after last contact | Lead management |
7.2 Deletion Process
Upon request or automatic expiration:
- Data is permanently deleted or anonymized within 30 days
- Backups are purged within 90 days
- Legal compliance exceptions may apply
- Confirmation provided to requestor when complete
8. Your Rights & Choices
8.1 Universal Rights
All users may:
- Access: Request copies of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request removal of your data (subject to legal exceptions)
- Objection: Object to certain types of processing
- Portability: Receive your data in a portable format
- Withdraw consent: Opt out of voluntary data processing
8.2 Data Subject Access Request Process
How to Submit:
- Email: Send request to privacy@cicormarketing.com
- Phone: Call 855-424-2676 and ask for the Privacy Officer
- Mail: Write to Privacy Officer at our address below
Required Information:
- Full name and contact information
- Specific type of request (access, deletion, correction, etc.)
- Account information or order numbers (if applicable)
- Government-issued ID for identity verification
Response Timeline:
- Acknowledgment: Within 3 business days
- Initial response: Within 15 business days
- Complete response: Within 30 days (may extend to 60 days for complex requests)
Fees: No charge for reasonable requests. Excessive or repetitive requests may incur administrative fees.
9. California Privacy Rights (CCPA/CPRA)
9.1 California Residents’ Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
Right to Know:
- Categories of personal information collected
- Specific pieces of personal information about you
- Sources of information collection
- Business or commercial purposes for collection
- Categories of third parties with whom we share information
Right to Delete: Request deletion of personal information we have collected about you
Right to Opt-Out: Opt out of the “sale” or “sharing” of your personal information
Right to Correct: Request correction of inaccurate personal information
Right to Limit: Limit the use and disclosure of sensitive personal information
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
9.2 Categories of Personal Information We Collect
Category | Examples | Collected | Business Purpose |
---|---|---|---|
Identifiers | Name, email, phone, IP address | Yes | Customer service, marketing |
Commercial information | Purchase history, service records | Yes | Order fulfillment, analytics |
Internet activity | Website usage, clicks, pages viewed | Yes | Website optimization |
Geolocation data | Approximate location from IP | Yes | Service delivery, analytics |
Professional information | Job title, company, industry | Yes | Business communications |
Inferences | Preferences, characteristics, behavior | Yes | Personalization, marketing |
9.3 Sale and Sharing of Personal Information
We do not sell personal information. CICOR Marketing does not engage in the sale or sharing of personal information as defined under CCPA/CPRA. Our data sharing is limited to:
- Service providers: CRM systems, email platforms, and analytics tools that help us deliver services
- Legal compliance: When required by law or regulation
- Business operations: With strict confidentiality agreements for service delivery only
Since we do not sell or share personal information for commercial purposes, California residents do not need to opt-out of sales/sharing. However, you can still contact us to limit any data processing activities.
Contact for Data Requests: Email privacy@cicormarketing.com with your specific request.
9.4 Sensitive Personal Information
We may collect the following sensitive personal information:
- Precise geolocation (only with explicit consent)
- Account login credentials (encrypted)
We do not use or disclose sensitive personal information for purposes other than those specified in CPRA regulations.
10. Security Measures
We protect your information with comprehensive security measures:
10.1 Technical Safeguards
- Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
- Access controls: Multi-factor authentication, role-based permissions
- Network security: Firewalls, intrusion detection, VPN access
- Data backup: Encrypted, geographically distributed backups
- Vulnerability management: Regular security scans and penetration testing
10.2 Administrative Safeguards
- Staff training: Annual privacy and security training for all employees
- Confidentiality agreements: All staff and contractors sign confidentiality agreements
- Background checks: Security clearances for staff with data access
- Incident response: Formal breach response and notification procedures
- Vendor management: Security assessments for all third-party providers
- Remote work security: Secure VPN access, encrypted devices, and secure home office protocols
10.3 Physical and Environment Safeguards
Physical Office:
- Secure business address: Professional office space for client meetings and business operations
- Limited access: Office used primarily for client meetings rather than daily operations
- Document security: Secure storage and disposal of any physical documents when needed
Remote Work Environment: As a primarily remote organization:
- Microsoft 365 environment: Enterprise-grade security controls, multi-factor authentication, data loss prevention
- Google Workspace: Advanced security features, encrypted storage, access controls
- Device management: Company-issued encrypted laptops and mobile devices with remote wipe capabilities
- Secure communications: All business communications through encrypted platforms
- Cloud security: All data stored in enterprise cloud environments with industry-standard security measures
- Remote work security: Secure VPN access, encrypted devices, and secure home office protocols
10.4 Breach Notification
In the event of a security breach affecting personal information:
- Detection: Immediate investigation and containment
- Assessment: Risk evaluation within 24 hours
- Notification timing: Affected individuals notified within 72 hours when legally required
- Information provided: Nature of breach, data affected, steps being taken, protective measures recommended
- Regulatory reporting: Compliance with applicable breach notification laws
No system is completely secure. We continuously monitor and improve our security measures to protect your information.
11. Children’s and Teen Privacy
11.1 Children Under 13
CICOR Marketing does not knowingly collect personal information from children under 13 years of age. Our services are not directed to children under 13.
If we discover that we have collected information from a child under 13:
- We will delete the information immediately
- We will not use the information for any purpose
- We will not disclose the information to third parties
11.2 Teens (13-17 Years Old)
For users between 13-17 years old:
- Parental consent: Required for certain data collection and marketing communications
- Limited data collection: Only information necessary for basic service provision
- Enhanced protection: Additional safeguards for teen user data
- Education: Clear explanations of privacy practices in age-appropriate language
11.3 Parent/Guardian Rights
If you are a parent or guardian and believe your child has provided us with personal information:
- Contact us immediately using the information in Section 15
- Request access to your child’s information
- Request deletion of your child’s data
- Opt out of any communications to your child
12. Cookies & Tracking Technologies
12.1 Types of Cookies We Use
Cookie Type | Purpose | Duration | Opt-Out Available |
---|---|---|---|
Essential | Website functionality | Session | No (required for operation) |
Analytics | Website performance tracking | 24 months | Yes |
Marketing | Targeted advertising | 12 months | Yes |
Preference | User settings and preferences | 12 months | Yes |
12.2 Cookie Management
Preference Center: You can control cookies through your browser settings or by contacting us at privacy@cicormarketing.com:
- Chrome: Settings > Privacy and Security > Cookies
- Firefox: Settings > Privacy & Security > Cookies and Site Data
- Safari: Preferences > Privacy > Cookies and Website Data
- Edge: Settings > Cookies and Site Permissions
12.3 Third-Party Tracking
We use the following third-party tracking technologies:
Google Analytics:
- Purpose: Website analytics and user behavior tracking
- Opt-out: Google Analytics Opt-out Browser Add-on
Facebook Pixel:
- Purpose: Social media advertising and conversion tracking
- Opt-out: Facebook Ad Preferences
LinkedIn Insight Tag:
- Purpose: Professional network advertising
- Opt-out: LinkedIn Ad Settings
12.4 Do Not Track Signals
Currently, we do not respond to “Do Not Track” browser signals as there is no uniform standard for handling such signals.
13. Marketing Communications Preferences
13.1 Granular Communication Controls
You can customize your communication preferences for different types of messages:
Email Communications:
- Service updates and account notifications
- Educational content and industry insights
- Product announcements and new features
- Promotional offers and marketing
- Event invitations and webinars
- Newsletter and blog updates
SMS/Text Messages:
- Appointment reminders and confirmations
- Order status and delivery updates
- Important account notifications
- Promotional offers (requires separate opt-in)
Phone Communications:
- Customer service and support calls
- Appointment scheduling and confirmations
- Sales and consultation calls (with consent)
Frequency Options:
- Daily updates
- Weekly digest
- Monthly summary
- Special occasions only
- Immediate/urgent only
13.2 Preference Management
Update Preferences:
- Email: Send preferences to privacy@cicormarketing.com
- Phone: Call 855-424-2676
- Unsubscribe links: Use the unsubscribe option in any marketing email
Global Unsubscribe:
- Click “Unsubscribe” in any marketing email
- Reply “STOP” to SMS messages
- Email privacy@cicormarketing.com with “UNSUBSCRIBE ALL” in subject line
- Call our Privacy Officer at 855-424-2676
Changes to preferences take effect within 48 hours for email, immediately for SMS.
14. Policy Changes
CICOR Marketing may update this Privacy Policy at any time to reflect:
- Changes in our business practices
- Updates to applicable laws and regulations
- New features or services
- Enhanced security measures
Notification of Changes:
- All changes: Updated effective date posted on this page
- Your responsibility: We encourage you to review this policy periodically to stay informed about how we protect your personal information
Your Acceptance:
- Continued use of our services after changes indicates acceptance of the revised policy
- If you disagree with changes, you may discontinue use or request account deletion
Version History: Previous versions of this policy are available upon request.
15. Legal Terms
15.1 Electronic Communications
By using our services, you consent to receive communications electronically. We may communicate with you by email or by posting notices on our website. You agree that all agreements, notices, disclosures, and other communications we provide electronically satisfy any legal requirement that such communications be in writing.
15.2 Jurisdiction and Governing Law
This Privacy Policy is governed by the laws of the State of Florida, without regard to conflict of law principles. Any disputes arising from this Policy shall be subject to the exclusive jurisdiction of the state and federal courts located in Tampa, Florida.
15.3 Severability
If any provision of this Privacy Policy is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that the remainder of this Policy will remain in full force and effect.
15.4 Assignment
You may not assign, transfer, or sublicense any of your rights or obligations under this Privacy Policy without our express written consent. CICOR Marketing may assign this Policy in connection with a merger, acquisition, reorganization, or sale of assets, or by operation of law.
15.5 Entire Agreement
This Privacy Policy, together with our Terms of Service, represents the complete agreement between you and CICOR Marketing regarding privacy and data protection matters and supersedes all prior or contemporaneous communications and proposals relating to such matters.
15.6 Waiver
Our failure to enforce any provision of this Privacy Policy will not constitute a waiver of that provision or any other provision.
16. Contact Information
Privacy Officer: Chris Vargas
Company: CICOR Marketing, Inc.
Email: privacy@cicormarketing.com
Phone: 855-424-2676
Address: 100 S Ashley Dr, Suite 600, Tampa, FL 33602, USA
Business Hours: Monday – Friday, 9:00 AM – 5:00 PM EST
For California Residents: Email privacy@cicormarketing.com for any privacy requests. Since we do not sell personal information, no “Do Not Sell” requests are necessary.
Emergency Privacy Matters: For urgent privacy-related security issues, call our main number and request immediate escalation to the Privacy Officer.
This Privacy Policy was last updated on September 28, 2025. We encourage you to review this policy periodically to stay informed about how we protect your personal information.