Legal

Privacy Policy

Last updated: March 2026. We take your privacy seriously. Here's exactly what we collect, why, and how we protect it.

1. Information We Collect

Contact Information: When you submit a form, book a session, or take the health score assessment, we collect your name, email address, company name, and company size. This information is provided voluntarily by you.

Technical Data: We collect standard server logs including IP addresses, browser type, and pages visited. This data is used for security monitoring and site performance.

Calculator Data: When you use our MSP or ROI calculators, the inputs and results are stored temporarily in your browser's sessionStorage. This data is not sent to our servers unless you submit a contact form.

2. How We Use Your Information

We use the information we collect to:

  • Respond to your inquiries and service requests
  • Schedule and prepare for booked sessions
  • Generate your Infrastructure Health Score report
  • Send you the newsletter (only if you subscribe)
  • Improve our website and services
  • Protect against abuse and unauthorized access

We do not sell, rent, or share your personal information with third parties for marketing purposes.

3. Third-Party Services

Crisp (Live Chat): We use Crisp for live chat functionality. Crisp may set cookies in your browser to enable chat features. You can decline these cookies via our cookie consent banner. See Crisp's privacy policy.

Google Fonts: We use Google Fonts for typography. Google may collect your IP address when loading fonts. See Google's privacy policy.

4. Cookies

We use minimal cookies:

  • Session cookie (PHPSESSID): Essential for form security (CSRF protection). Expires when you close your browser.
  • Crisp cookies: Used for live chat functionality. Only set if you accept cookies.
  • localStorage: Used for cookie consent preference, dark mode preference, and calculator data. Stays on your device only.

We do not use analytics, advertising, or tracking cookies.

5. Data Security

We protect your data using:

  • HTTPS encryption for all data in transit
  • CSRF token validation on all form submissions
  • Rate limiting to prevent abuse
  • Content Security Policy headers to prevent XSS attacks
  • Server-side input validation and sanitization

6. Data Retention

Contact form submissions are delivered via email and are not stored in a database on our servers. Rate limiting data is automatically purged after 1 hour. Server logs are retained for 30 days for security purposes.

7. Your Rights

You have the right to:

  • Request access to any personal data we hold about you
  • Request deletion of your personal data
  • Opt out of any communications at any time
  • Decline non-essential cookies via our consent banner

To exercise any of these rights, contact us at engineering@pugasystems.com.

8. Changes to This Policy

We may update this policy from time to time. Material changes will be noted at the top of this page with an updated date. Continued use of the site after changes constitutes acceptance.

9. Contact

For privacy-related questions or requests, contact: engineering@pugasystems.com