This Privacy Policy describes how Buma Technology LLC ("BuMa," "we," "us," or "our") collects, uses, and discloses information in connection with our website located at bumatechnology.com (the "Site") and the marketing, sales, and informational services we provide through it.
BuMa is a technology and integration consultancy serving mid-market and enterprise organizations. This Policy applies to information we collect from visitors to our Site and from prospects, clients, and partners who interact with us through the Site or related communications.
Important — scope. This Policy governs information collected through our Site and general business interactions. It does not govern data we access or process on behalf of a client during the course of a paid engagement (for example, data flowing through systems we integrate). That data is governed by the applicable master services agreement, statement of work, and/or data processing addendum between BuMa and the client. See "Client Engagement Data" below.
1. Information We Collect
Information You Provide to Us
- Contact and inquiry information. When you submit a contact form, request a consultation, subscribe to communications, or email us, we collect information such as your name, business email address, phone number, company name, job title, and the contents of your message.
- Business and engagement information. During the sales process and onboarding, we may collect information about your organization, systems, technical requirements, and project scope.
- Communications. Records of correspondence and other communications you have with us.
Information Collected Automatically
When you visit the Site, we and our service providers may automatically collect:
- Device and usage data, such as IP address, browser type, operating system, referring URLs, pages viewed, links clicked, and the dates and times of access.
- Cookies and similar technologies, as described in Section 3.
Information from Third Parties
We may receive information about you from third-party sources such as business contact databases, marketing and enrichment providers, and our integration and analytics partners, which we may combine with information we collect directly.
2. How We Use Information
We use the information we collect to:
- Respond to inquiries, provide quotes, and communicate about our services;
- Provide, operate, maintain, and improve the Site;
- Send marketing, newsletters, and informational content (where permitted, and with the ability to opt out);
- Understand how visitors use the Site and improve our offerings;
- Detect, prevent, and address security incidents, fraud, and technical issues;
- Comply with legal obligations and enforce our agreements.
3. Cookies and Tracking Technologies
We use cookies, web beacons, and similar technologies to operate the Site, remember preferences, analyze traffic, and measure the effectiveness of our content. These may include:
- Essential cookies required for the Site to function.
- Analytics cookies (for example, from analytics providers such as Google Analytics) that help us understand usage.
- Marketing cookies that help us deliver and measure relevant communications.
You can control cookies through your browser settings and, where offered, through cookie-preference controls on the Site. Disabling certain cookies may affect Site functionality.
4. Legal Bases for Processing (EEA/UK Visitors)
Where the EU/UK General Data Protection Regulation applies, we process personal data on the following legal bases: your consent; the performance of a contract or steps taken at your request prior to entering a contract; our legitimate interests in operating and growing our business (balanced against your rights); and compliance with legal obligations.
5. How We Share Information
We do not sell your personal information. We may share information:
- With service providers who perform services on our behalf — for example, website hosting, analytics, email and CRM platforms, and payment processing — under contractual obligations to protect the information.
- With professional advisors, such as legal, accounting, and compliance advisors.
- In connection with a business transaction, such as a merger, acquisition, financing, or sale of assets, in which case information may be transferred as part of that transaction.
- To comply with law, respond to lawful requests, protect our rights and the safety of others, or enforce our agreements.
"Sharing" for cross-context behavioral advertising. Certain US state privacy laws, including the California Privacy Rights Act (CPRA), define "sharing" to include the disclosure of personal information — for example, through advertising or retargeting cookies — for cross-context behavioral advertising.
BuMa does not use advertising, retargeting, or social-media pixels (such as Google Ads, the Meta/Facebook pixel, or the LinkedIn Insight Tag) on the Site, and we do not "sell" or "share" your personal information for cross-context behavioral advertising. The analytics tools we use (see Section 3) help us understand how the Site is used and are not used to deliver cross-context behavioral advertising.
Where applicable, you may exercise your opt-out rights as described in Section 9, and we honor recognized opt-out preference signals, including the Global Privacy Control (GPC).
6. Third-Party Services and Links
The Site may contain links to third-party websites and may integrate third-party tools. We are not responsible for the privacy practices of those third parties, and we encourage you to review their privacy policies.
7. Data Security
BuMa maintains administrative, technical, and physical safeguards designed to protect information against unauthorized access, loss, misuse, or alteration, and we periodically review and update these measures. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
8. Data Retention
We retain personal information for as long as necessary to fulfill the purposes described in this Policy, including to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we take reasonable steps to delete or de-identify it.
9. Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal information.
California Residents (CCPA/CPRA)
If you are a California resident, you may have the right to:
- Know the categories and specific pieces of personal information we collect, use, and disclose;
- Request deletion or correction of your personal information;
- Opt out of the "sale" or "sharing" of personal information (note: we do not sell personal information);
- Limit the use of sensitive personal information;
- Not be discriminated against for exercising your rights.
Categories of personal information. In the preceding 12 months, we may have collected the following categories of personal information, as defined by the CCPA:
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Name, email address, phone number, IP address | Yes |
| Commercial information | Services inquired about, transaction records | Yes |
| Internet/network activity | Browsing and usage data, interactions with the Site | Yes |
| Professional/employment information | Company name, job title | Yes |
| Geolocation data | General location inferred from IP address | Yes |
| Inferences | Profiles drawn from the above to understand preferences | Yes |
We collect these from the sources described in Section 1, use them for the purposes in Section 2, and disclose them to the categories of recipients in Section 5. We do not collect Social Security numbers, government IDs, financial account credentials, or other sensitive categories through the Site in the ordinary course.
Opt-out of sale/sharing. We do not sell personal information. To the extent we "share" personal information for cross-context behavioral advertising (see Section 5), you may opt out by emailing us at support@bumatechnology.com. We also honor the Global Privacy Control (GPC) browser signal.
Authorized agents. You may use an authorized agent to submit a request on your behalf. We may require the agent to provide proof of authorization and may verify your identity directly.
EEA, UK, and Other Jurisdictions (GDPR and similar laws)
You may have the right to access, correct, delete, restrict, or object to our processing of your personal information, to data portability, and to withdraw consent. You also have the right to lodge a complaint with your local supervisory authority.
Other US State Residents
If you reside in a state with a comprehensive consumer privacy law — including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others — you may have rights to confirm whether we process your personal information, access it, correct it, delete it, obtain a portable copy, and opt out of targeted advertising, the sale of personal information, and certain profiling. We do not sell personal information.
Right to appeal. If we decline to act on your request, you may appeal that decision by contacting us at the address in Section 13 with the subject line "Privacy Appeal." We will respond to your appeal within the timeframe required by your state's law. If your appeal is denied, you may contact your state attorney general's office.
To exercise any of these rights, contact us using the details in Section 13. We will respond consistent with applicable law and may need to verify your identity.
10. International Data Transfers
BuMa is based in the United States, and the information we collect may be processed in the United States and other countries that may have different data protection laws than your jurisdiction. Where required, we implement appropriate safeguards for such transfers.
11. Client Engagement Data
In the course of providing our services, BuMa may access, process, or store data belonging to our clients and their end users. The collection, use, and protection of that data is governed by the applicable agreement (e.g., master services agreement, statement of work, and/or data processing addendum) between BuMa and the client — not by this Policy. In those engagements, the client is generally the data controller and BuMa acts as a data processor or service provider, processing data only on the client's documented instructions.
12. Children's Privacy
The Site is intended for businesses and individuals who are at least 18 years old. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.
13. Contact Us
If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at:
189 S Orange Ave, Suite 2020 #B
Orlando, FL 32801
Email: support@bumatechnology.com
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date above and, where appropriate, provide additional notice. Your continued use of the Site after changes become effective constitutes acceptance of the revised Policy.
15. Governing Law
This Privacy Policy and any disputes arising from it are governed by the laws of the State of Florida, without regard to its conflict-of-laws principles.