Skip to main content

Privacy Policy

Last updated: May 10, 2026

Dioval Group ("we," "our," or "us") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit dioval.com and use our services.

1. Information We Collect

Information You Provide Voluntarily:

  • Name, email address, company, job title, and phone number when you fill out forms (contact, booking, free chapter download, scorecard, newsletter)
  • Industry, AI challenge description, and number of production agents when requesting an executive briefing
  • Payment information when you purchase books or services (processed by our payment provider; we do not store card details)
  • Any additional information you choose to share in form text fields or during consultations

Information Collected Automatically:

  • Device type, browser type, operating system, and screen resolution
  • IP address (anonymized when stored)
  • Pages visited, time spent on pages, referring URL, and click patterns
  • Cookies and similar tracking technologies (see Section 5)

2. How We Use Your Information

  • To respond to your inquiries and schedule consultations
  • To deliver purchased products (book volumes, enterprise licenses)
  • To provide and improve our audit, orchestration, and compliance services
  • To send you relevant content, updates, and marketing communications (only with your consent)
  • To analyze website usage patterns and improve user experience
  • To detect, prevent, and address technical issues or fraudulent activity
  • To comply with legal obligations and enforce our terms

3. Legal Basis for Processing (GDPR)

For individuals in the European Economic Area (EEA) and UK, we process personal data under these legal bases:

  • Consent: When you opt in to marketing communications or accept analytics cookies
  • Contract: When processing is necessary to deliver services you've purchased or requested
  • Legitimate Interest: For website analytics (with anonymized data), fraud prevention, and service improvement
  • Legal Obligation: When required by applicable law or regulation

4. Information Sharing & Disclosure

We do not sell, trade, or rent your personal information. We may share information with:

  • Service Providers: Payment processors, email delivery services, and hosting providers who assist in our operations, bound by confidentiality agreements
  • Analytics Partners: Google Analytics (with IP anonymization enabled) to understand website usage
  • Legal Requirements: When required by law, subpoena, or to protect our rights, safety, or property
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users

5. Cookies & Tracking Technologies

We use the following categories of cookies:

  • Essential Cookies: Required for basic site functionality (cookie consent preference). Cannot be disabled.
  • Analytics Cookies: Google Analytics cookies to understand how visitors interact with our site. Only loaded after you provide consent via our cookie banner.

You can manage cookie preferences through the cookie consent banner on your first visit, or by clearing your browser's local storage. You can also disable cookies in your browser settings, though this may affect site functionality.

6. Data Retention

  • Contact form submissions and consultation records: retained for 3 years after last interaction
  • Purchase records: retained for 7 years for tax and accounting compliance
  • Analytics data: aggregated and anonymized; raw data deleted after 26 months
  • Marketing consent records: retained as long as you remain subscribed, plus 1 year after unsubscribe

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your personal data ("right to be forgotten")
  • Restriction: Request that we limit processing of your data
  • Portability: Request your data in a machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw previously given consent at any time

To exercise any of these rights, email us at support@dioval.com. We will respond within 30 days.

For EU/EEA residents: These rights are provided under the General Data Protection Regulation (GDPR). For California residents: These rights are provided under the California Consumer Privacy Act (CCPA).

8. International Data Transfers

Your information may be transferred to and processed in the United States. If you are located in the EEA or UK, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) to protect your data in accordance with GDPR requirements.

9. Data Security

We implement industry-standard security measures including HTTPS encryption, secure hosting infrastructure, access controls, and regular security reviews. Payment processing is handled entirely by Stripe, which is PCI DSS Level 1 certified. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

Our services are not directed to individuals under 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such data, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Your continued use of the site after changes constitutes acceptance.

12. Contact Us

If you have questions about this Privacy Policy or our data practices:

Email: support@dioval.com
Web: dioval.com/contact
Address: Dioval Group · Seattle, WA · United States

If you are in the EEA and are unsatisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.