PRIVACY POLICY - Prism Architecture

PRIVACY POLICY

Prism Architecture, LLC

www.prismarch.com

Effective Date: March 11, 2026 | Last Updated: March 11, 2026

SECTION 1 — INTRODUCTION AND SCOPE

This Privacy Policy (“Policy”) describes how Prism Architecture, LLC, a Florida limited liability company (“Prism,” “Company,” “We,” “Us,” or “Our”), collects, uses, discloses, retains, and protects Personal Information in connection with Your use of Our website located at www.prismarch.com, including all subdomains, web pages, and mobile-optimized versions (the “Website”), and any related services, platforms, client portals, stock architectural plan collections, and applications offered by Prism (collectively, the “Services”).

This Policy applies to all visitors, users, clients, purchasers, and others who access or interact with the Website or Services (“You” or “Your”), whether You are browsing Our portfolio, purchasing stock architectural plans, engaging Our hourly architectural services, accessing a client portal, submitting inquiries through web forms, or communicating with Us by phone, email, or in person.

By accessing or using the Website or Services, You acknowledge that You have read, understood, and agreed to the collection, use, and disclosure practices described in this Policy. If You do not agree with this Policy, You must immediately cease using the Website and Services.

This Privacy Policy should be read in conjunction with Our Terms and Conditions, Cookie Policy, Shipping/Return/Exchange Policy, and any applicable service agreements or licensing agreements governing Your relationship with Prism.

We reserve the right to update or modify this Policy at any time in Our sole discretion. Changes will become effective immediately upon posting on the Website, and Your continued use of the Website or Services after such posting constitutes acceptance of the revised Policy. We will provide prominent notice of material changes as described in Section 18.

SECTION 2 — DEFINITIONS

“Personal Information” or “Personal Data” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an identified or identifiable natural person or household. This includes, but is not limited to, names, email addresses, postal addresses, telephone numbers, IP addresses, device identifiers, geolocation data, financial information, and online activity data.

“Sensitive Personal Information” means Personal Information that reveals Social Security numbers, driver’s license numbers, passport numbers, financial account numbers with access credentials, precise geolocation data, racial or ethnic origin, religious beliefs, health information, biometric data, or the contents of private communications.

“Processing” means any operation or set of operations performed on Personal Information, including collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, combination, restriction, erasure, or destruction.

“Service Provider” means a third party that processes Personal Information on Our behalf and subject to Our instructions, including payment processors, cloud hosting providers, analytics platforms, email service providers, and professional consultants.

“Third Party” means any person, company, or entity other than Prism and its Service Providers.

“Controller” means the entity that determines the purposes and means of Processing Personal Information. For the purposes of this Policy, Prism Architecture, LLC is the Controller of Your Personal Information.

“Cookies” has the meaning set forth in Our Cookie Policy, available on the Website.

SECTION 3 — INFORMATION WE COLLECT

3.1 Information You Provide Directly

We collect Personal Information that You voluntarily provide to Us through the Website, Services, or other communications, including:

Account Registration: Full name, email address, username, password, phone number, and business or company name.
Service Inquiries and Consultations: Project details, property addresses, job site locations, budget parameters, design preferences, scope of work descriptions, and any other information You provide in connection with a request for architectural services.
Stock Plan Purchases: Billing name and address, shipping address (if applicable), email address, payment card details (credit card number, expiration date, billing ZIP code), and order details. We do not store CVV/security codes.
Client Portal: Project files, documents, correspondence, construction drawings, specifications, change orders, and other materials uploaded or exchanged through the client portal.
Contact Forms and Communications: Name, email address, phone number, message content, and any attachments You submit through Our contact forms, live chat, or customer service channels.

Call Tracking and Telephone Communications: When You call Us using any telephone number displayed on the Website or in Our marketing materials, Your call may be routed through a third-party call tracking service (currently 800.com). Through this service, We may collect: Your calling telephone number (caller ID), the date, time, and duration of Your call, the specific tracking number You dialed, the geographic region associated with Your telephone number, and call recordings (where permitted by applicable law and disclosed at the beginning of the call). We use dynamic number insertion (DNI) technology, which may display different telephone numbers to different Website visitors for the purpose of measuring advertising effectiveness and attributing inquiries to specific marketing channels.
Professional Credentials: If You are a licensed professional engaging Our services, We may collect Your professional license number, firm name, and relevant certifications.
Marketing Preferences: Email address, communication preferences, and subscription choices when You sign up for Our newsletters, promotions, or marketing communications.

3.2 Information Collected Automatically

When You visit or interact with the Website, We automatically collect certain information through standard web technologies, including Cookies, web beacons, tracking pixels, and server logs:

Device and Browser Information: Browser type and version, operating system, device type (desktop, mobile, tablet), screen resolution, device identifiers, and language preferences.
Network Information: Internet Protocol (IP) address, internet service provider (ISP), and general geographic location derived from Your IP address.
Usage Information: Pages visited, date and time of access, duration of visit, referring URL, navigation paths, search terms used on the Website, clicks, scrolls, and other interaction data.
Cookie Data: Information collected through Cookies and similar technologies, as further described in Our Cookie Policy.

3.3 Information from Third-Party Sources

We may receive Personal Information about You from third-party sources, including:

Payment Processors: Transaction confirmation details, fraud screening results, and payment verification data from Our payment processing partners.
Analytics Providers: Aggregated and individual-level analytics data from Google Analytics and similar platforms.
Public Records and Professional Databases: Business registration information, professional licensing data, and publicly available project information relevant to Our architectural services.
Social Media Platforms: Profile information if You interact with Our social media pages or use social login features (if offered).
Referrals: Contact information provided by existing clients, partners, or professional colleagues who refer You to Our services.

SECTION 4 — HOW WE USE YOUR INFORMATION

We use the Personal Information We collect for the following purposes:

4.1 Providing and Maintaining Services

Operating, maintaining, and improving the Website and Services.
Processing transactions, fulfilling orders for stock architectural plans, and delivering purchased digital products.
Administering client accounts, managing project files, and facilitating communications through the client portal.
Scheduling consultations, managing architectural service engagements, and coordinating project milestones.
Providing customer support and responding to inquiries, complaints, and requests.

4.2 Communications

Sending transactional emails related to Your account, purchases, and service engagements (e.g., order confirmations, project updates, invoice notifications).
Sending marketing and promotional communications about Our services, stock plan collections, special offers, and industry news (with Your consent where required by applicable law).
Providing important notices regarding changes to Our policies, terms, or services.

4.3 Security and Fraud Prevention

Detecting, preventing, and investigating fraudulent transactions, unauthorized access, and other illegal or suspicious activities.
Protecting the rights, property, and safety of Prism, Our clients, and the public.
Enforcing Our Terms and Conditions, service agreements, and other legal rights.
Verifying user identities and authenticating account access.

4.4 Analytics and Improvement

Analyzing user behavior, Website traffic patterns, and usage trends to improve the design, functionality, and content of the Website.
Conducting internal research, A/B testing, and data analysis to enhance Our services and user experience.
Generating aggregated, de-identified, or anonymized data for statistical analysis and business intelligence.

4.5 Legal and Regulatory Compliance

Complying with applicable federal, state, and local laws, regulations, and legal processes.
Responding to lawful requests from law enforcement, government agencies, and regulatory authorities.
Establishing, exercising, or defending legal claims and rights.
Maintaining records required by professional licensing boards, building departments, and other regulatory bodies applicable to architectural practice.

SECTION 5 — SHARING AND DISCLOSURE OF INFORMATION

We do not sell, rent, lease, or trade Your Personal Information to third parties for their independent marketing purposes. We may disclose Your Personal Information in the following limited circumstances:

5.1 Service Providers

We share Personal Information with trusted Service Providers who perform functions on Our behalf, subject to contractual obligations requiring them to protect the confidentiality and security of Your data. These Service Providers include:

Payment processing companies (e.g., Stripe, PayPal, Square) for transaction processing and fraud prevention.
Cloud hosting and infrastructure providers for Website hosting and data storage.
Email service providers for transactional and marketing communications.
Analytics platforms (e.g., Google Analytics) for Website performance analysis.
Customer relationship management (CRM) platforms for managing client communications.
Professional consultants, including attorneys, accountants, and auditors, in connection with Our business operations.

5.2 Legal Requirements

We may disclose Your Personal Information when We believe in good faith that disclosure is necessary to:

Comply with applicable laws, regulations, legal processes, or enforceable governmental requests, including subpoenas, court orders, or warrants.
Enforce Our Terms and Conditions, service agreements, licensing agreements, or other contracts.
Detect, prevent, or address fraud, security incidents, or technical issues.
Protect the rights, property, safety, or vital interests of Prism, Our clients, employees, or the public as required or permitted by law.

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, dissolution, bankruptcy, or sale of all or a portion of Our assets, Your Personal Information may be transferred as part of that transaction. We will provide notice and, where required by law, seek Your consent before Your Personal Information is transferred and becomes subject to a different privacy policy.

5.4 Professional Collaboration

In connection with architectural service engagements, We may share limited project-related information with licensed contractors, engineers, consultants, building officials, and other professionals involved in Your project, to the extent necessary for the performance of services. Such sharing is governed by applicable professional standards and Our service agreements.

5.5 With Your Consent

We may share Your Personal Information with third parties when You have given Us Your express, informed consent to do so.

5.6 Aggregated and De-Identified Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify You with third parties for research, marketing, analytics, or other purposes. Such data is not considered Personal Information under this Policy.

Call Tracking and Analytics: We use 800.com for telephone call routing, tracking, recording, and analytics. 800.com processes caller ID information, call metadata, and call recordings on Our behalf to help Us measure marketing effectiveness and improve Our customer service.

SECTION 6 — DATA SECURITY

We implement reasonable and appropriate technical, administrative, and physical security measures to protect Your Personal Information from unauthorized access, disclosure, alteration, destruction, or misuse. These measures include, but are not limited to:

6.1 Technical Safeguards

Encryption of data in transit using Transport Layer Security (TLS/SSL) protocols.
Encryption of sensitive data at rest using industry-standard encryption algorithms.
Secure (HTTPS) connections for all Website pages and client portal access.
Firewalls, intrusion detection systems, and malware protection.
Regular security assessments, vulnerability scanning, and penetration testing.
Secure coding practices and code review processes.

6.2 Administrative Safeguards

Access controls limiting Personal Information access to authorized personnel on a need-to-know basis.
Employee and contractor training on data protection, privacy practices, and security awareness.
Written information security policies and incident response procedures.
Vendor due diligence and contractual data protection requirements for Service Providers.
Regular review and updating of security practices consistent with industry standards.

6.3 Physical Safeguards

Secure physical access controls for offices, server rooms, and data storage facilities.
Secure disposal of physical and electronic media containing Personal Information.

Despite these measures, no method of electronic transmission or storage is completely secure. While We strive to protect Your Personal Information, We cannot guarantee its absolute security. In the event of a data breach affecting Your Personal Information, We will notify You and applicable authorities as required by law. You are responsible for maintaining the confidentiality of Your account credentials and for all activities that occur under Your account.

SECTION 7 — DATA RETENTION

We retain Your Personal Information only for as long as necessary to fulfill the purposes for which it was collected, as described in this Policy, and as required or permitted by applicable law. Our retention periods are determined by the following criteria:

Active Accounts: We retain account information for as long as Your account is active or as needed to provide You with Services.
Transaction Records: We retain purchase and financial transaction records for a minimum of seven (7) years from the date of the transaction, as required by tax and financial regulations.
Architectural Project Records: We retain project files, correspondence, construction documents, and related records for a minimum of seven (7) years following substantial completion of the project, consistent with applicable statutes of repose, professional liability requirements, and Florida building code record retention standards. Certain records may be retained longer where required by law or professional standards.
Marketing Data: We retain marketing contact information until You unsubscribe or request deletion, plus a reasonable suppression period to honor Your opt-out preferences.
Analytics Data: Aggregated and anonymized analytics data may be retained indefinitely for business intelligence purposes.
Legal and Regulatory: We may retain Personal Information as necessary to comply with legal obligations, resolve disputes, enforce agreements, and exercise or defend legal claims.

When Personal Information is no longer necessary for the purposes described above, We will securely delete or irreversibly anonymize such information using commercially reasonable methods.

SECTION 8 — COOKIES AND TRACKING TECHNOLOGIES

We use Cookies, web beacons, tracking pixels, and similar technologies to enhance Your experience on the Website, analyze traffic and usage patterns, personalize content, and deliver targeted advertisements. With Your consent (where required by applicable law), these technologies may collect information about Your browsing behavior across the Website and other sites over time.

For comprehensive information about the types of Cookies We use, their purposes, how to manage Your Cookie preferences, and Your choices regarding Cookies, please refer to Our Cookie Policy, which is available on the Website and is incorporated into this Privacy Policy by reference.

You may manage Your Cookie preferences through Our cookie consent banner, Your browser settings, or by contacting Us at info@prismarch.com. Please note that disabling certain Cookies may impair the functionality of the Website and Your ability to use certain features of the Services.

SECTION 9 — THIRD-PARTY WEBSITES AND SERVICES

The Website may contain links to, or integrations with, external websites, applications, platforms, or services not owned or operated by Prism (“Third-Party Services”). This Policy does not apply to Third-Party Services, and We are not responsible for the privacy practices, data collection methods, security measures, or content of any Third-Party Services.

We encourage You to review the privacy policies and terms of service of any Third-Party Services before providing Your Personal Information to them. The inclusion of links to Third-Party Services on the Website does not imply endorsement, sponsorship, or affiliation with those services.

Certain Third-Party Services may be integrated with the Website to provide enhanced functionality, such as payment processing, analytics, social media sharing, and embedded content. When You interact with these integrations, the third-party provider may collect information about You independently, subject to their own privacy policies.

SECTION 10 — MARKETING COMMUNICATIONS AND OPT-OUT

10.1 Marketing Emails

With Your consent (where required by applicable law), We may send You marketing and promotional communications about Our services, stock plan collections, special offers, events, and industry news. You may opt out of receiving marketing emails at any time by:

Clicking the “unsubscribe” link included in every marketing email.
Contacting Us directly at info@prismarch.com with a request to be removed from Our marketing list.
Adjusting Your communication preferences in Your account settings (if applicable).

Please allow up to ten (10) business days for Your opt-out request to take effect. Please note that even if You opt out of marketing communications, We may continue to send You transactional and service-related communications (such as order confirmations, account notices, security alerts, and project updates) as these are not considered marketing communications.

10.2 SMS/Text Messages

We will not send You SMS or text message marketing communications unless You have provided express written consent as required by the Telephone Consumer Protection Act (TCPA) and applicable state laws. You may opt out of text messages at any time by replying “STOP” to any message or by contacting Us at info@prismarch.com.

10.3 Interest-Based Advertising

We may participate in interest-based or behavioral advertising programs that use Cookies and similar technologies to deliver targeted advertisements. You may opt out of interest-based advertising through the Digital Advertising Alliance (DAA) at www.aboutads.info/choices, the Network Advertising Initiative (NAI) at www.networkadvertising.org/choices, or by adjusting Your Cookie preferences as described in Our Cookie Policy.

10.4 Call Tracking and Recording.

We use 800.com, a third-party call tracking and analytics platform, to route and monitor telephone calls made to Our business. When You call any telephone number displayed on the Website, in Our advertisements, or in Our marketing materials, Your call may be processed through 800.com’s platform.

Through this service, the following information may be collected:

Your calling telephone number (caller ID/ANI)
Call date, time, duration, and disposition
The marketing source or webpage that prompted Your call
Geographic location data derived from Your telephone number
Call recordings, where applicable and where You are notified at the beginning of the call

Call Recording Notice: Calls may be recorded for quality assurance, training, and compliance purposes. If Your call is being recorded, You will be informed at the beginning of the call through an automated disclosure. By continuing the call after hearing the recording disclosure, You consent to the recording. If You do not consent, You may disconnect the call and contact Us via email at info@prismarch.com.

We use dynamic number insertion (DNI) technology on the Website, which displays different telephone numbers to different visitors based on the marketing channel through which they arrived. This technology helps Us measure the effectiveness of Our advertising and attribute inquiries to specific campaigns. DNI does not collect any Personal Information beyond what is described above.

Call tracking data is retained for a period consistent with Our general data retention practices as described in Section 7. Call recordings are retained for no longer than twenty-four (24) months unless required for ongoing legal matters or regulatory compliance.

800.com’s privacy practices are governed by their own privacy policy. For more information, visit https://www.800.com/privacy.

You may request deletion of Your call tracking data by contacting Us at info@prismarch.com, subject to applicable legal retention requirements.

SECTION 11 — CHILDREN’S PRIVACY

The Website and Services are intended for a general audience and are not directed to children under the age of sixteen (16). We do not knowingly collect, solicit, or maintain Personal Information from children under sixteen (16). If We become aware that We have collected Personal Information from a child under sixteen (16) without verifiable parental or guardian consent, We will take prompt steps to delete that information from Our systems.

If You are a parent or legal guardian and believe that Your child under sixteen (16) has provided Us with Personal Information without Your consent, please contact Us immediately at info@prismarch.com so that We can take appropriate action.

SECTION 12 — FLORIDA DIGITAL BILL OF RIGHTS (FDBR)

If You are a Florida resident, You may have the following rights under the Florida Digital Bill of Rights (Florida Statute § 501.701 et seq.), effective July 1, 2024:

12.1 Your Rights

Right to Know: You have the right to confirm whether We are Processing Your Personal Information and to access such information.
Right to Correct: You have the right to request correction of inaccurate Personal Information that We maintain about You.
Right to Delete: You have the right to request deletion of Personal Information that You have provided to Us or that We have obtained about You, subject to certain exceptions.
Right to Obtain a Copy: You have the right to obtain a copy of Your Personal Information in a portable, readily usable format.
Right to Opt Out: You have the right to opt out of the Processing of Your Personal Information for the purposes of targeted advertising, the sale of Personal Information, and profiling in furtherance of decisions that produce legal or similarly significant effects.

12.2 Exercising Your Rights

To exercise any of the rights described above, You may submit a verifiable consumer request by contacting Us at info@prismarch.com or by mail at the address set forth in Section 20. We will authenticate Your request and respond within fifteen (15) days, with a possible extension of up to an additional fifteen (15) days where reasonably necessary. You may designate an authorized agent to submit requests on Your behalf.

12.3 Non-Discrimination

We will not discriminate against You for exercising Your rights under the FDBR. We will not deny You Services, charge You different prices, provide a different level or quality of Services, or suggest that You will receive different treatment for exercising Your privacy rights.

12.4 Appeal Process

If We decline to take action on Your request, You may appeal Our decision by contacting Us at info@prismarch.com with the subject line “Privacy Rights Appeal.” We will respond to Your appeal within sixty (60) days. If Your appeal is denied, You may contact the Florida Attorney General’s office to file a complaint.

SECTION 13 — CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)

If You are a California resident, You have additional rights under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA”):

13.1 Right to Know

You have the right to request that We disclose to You: the categories of Personal Information We have collected about You; the categories of sources from which the Personal Information was collected; the business or commercial purpose for collecting, selling, or sharing the Personal Information; the categories of third parties with whom We share Personal Information; and the specific pieces of Personal Information We have collected about You.

13.2 Right to Delete

You have the right to request that We delete Personal Information that We have collected from You, subject to certain exceptions under the CCPA (such as completing transactions, detecting security incidents, complying with legal obligations, or exercising free speech rights).

13.3 Right to Correct

You have the right to request correction of inaccurate Personal Information that We maintain about You.

13.4 Right to Opt Out of Sale/Sharing

You have the right to opt out of the “sale” or “sharing” (as those terms are defined by the CCPA) of Your Personal Information. As stated in this Policy, We do not sell Your Personal Information. However, certain uses of Cookies for targeted advertising may constitute “sharing” under the CCPA. You may opt out by adjusting Your Cookie preferences or by contacting Us.

13.5 Right to Limit Use of Sensitive Personal Information

You have the right to limit Our use of Sensitive Personal Information to purposes necessary to perform the Services or provide the goods requested, as permitted under the CCPA.

13.6 Categories of Personal Information

In the preceding twelve (12) months, We may have collected, used, and disclosed the following categories of Personal Information as defined by the CCPA: identifiers (name, email, IP address); customer records (billing address, payment information); commercial information (purchase history, order details); internet or electronic network activity (browsing history, search terms); geolocation data (derived from IP address); and professional or employment-related information (for professional clients and licensees).

13.7 Exercising Your Rights

To exercise Your CCPA rights, submit a verifiable consumer request by contacting Us at info@prismarch.com or by calling 1-888-21-PRISM. We will verify Your identity and respond within forty-five (45) days, with a possible extension of up to an additional forty-five (45) days. You may make such requests up to two (2) times in any twelve (12)-month period. You may designate an authorized agent to submit requests on Your behalf with written authorization.

13.8 Non-Discrimination

We will not discriminate against You for exercising Your CCPA rights, including by denying Services, charging different prices, providing a different level of service, or suggesting that You will receive different treatment.

13.9 California “Shine the Light” Law

Under California Civil Code Section 1798.83, California residents who have provided Personal Information to a business with which they have an established business relationship may request information about whether the business has disclosed Personal Information to any third parties for the third parties’ direct marketing purposes. We do not disclose Personal Information to third parties for their direct marketing purposes.

SECTION 14 — EUROPEAN UNION / GDPR COMPLIANCE

If You are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the following additional provisions apply under the General Data Protection Regulation (EU 2016/679) (“GDPR”) and the UK GDPR:

14.1 Controller

Prism Architecture, LLC is the Controller of Your Personal Data for the purposes of the GDPR. Our contact details are set forth in Section 20 of this Policy.

14.2 Legal Basis for Processing

We Process Your Personal Data only when We have a lawful basis to do so. The legal bases upon which We rely include:

Consent: Where You have given clear, informed consent for Us to Process Your Personal Data for a specific purpose (e.g., marketing communications, non-essential Cookies).
Contractual Necessity: Where Processing is necessary for the performance of a contract with You or to take steps at Your request prior to entering into a contract (e.g., processing stock plan purchases, delivering architectural services).
Legal Obligation: Where Processing is necessary for compliance with a legal obligation to which We are subject (e.g., tax reporting, building code compliance).
Legitimate Interest: Where Processing is necessary for Our legitimate interests or the legitimate interests of a third party, provided that such interests are not overridden by Your rights and freedoms (e.g., Website security, fraud prevention, analytics).

14.3 Your Rights Under GDPR

Subject to applicable law and certain exceptions, You have the following rights regarding Your Personal Data:

Right of Access: The right to obtain confirmation of whether We Process Your Personal Data and to access a copy of that data.
Right to Rectification: The right to request correction of inaccurate or incomplete Personal Data.
Right to Erasure: The right to request deletion of Your Personal Data (“right to be forgotten”), subject to legal retention requirements.
Right to Restriction: The right to request restriction of Processing of Your Personal Data under certain circumstances.
Right to Object: The right to object to Processing based on legitimate interests or for direct marketing purposes.
Right to Data Portability: The right to receive Your Personal Data in a structured, commonly used, machine-readable format and to transmit it to another controller.
Right to Withdraw Consent: The right to withdraw Your consent at any time, without affecting the lawfulness of Processing based on consent before its withdrawal.
Right to Lodge a Complaint: The right to lodge a complaint with a supervisory authority in the EEA Member State of Your habitual residence, place of work, or place of the alleged infringement.

14.4 Exercising Your Rights

To exercise any of Your GDPR rights, contact Us at info@prismarch.com. We will respond to Your request within one (1) month, which may be extended by an additional two (2) months for complex or numerous requests. We may need to verify Your identity before fulfilling Your request.

SECTION 15 — INTERNATIONAL DATA TRANSFERS

Prism Architecture, LLC is based in the United States, and Your Personal Information will be collected, processed, and stored in the United States. If You access the Website or use the Services from outside the United States, please be aware that Your Personal Information may be transferred to, stored in, and processed in the United States and other jurisdictions that may not provide the same level of data protection as Your home country.

Where We transfer Personal Data from the EEA, United Kingdom, or Switzerland to countries not deemed to provide an adequate level of data protection, We will ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the European Commission.
Binding Corporate Rules, where applicable.
Transfers to countries recognized by the European Commission as providing adequate protection.
Other appropriate safeguards as permitted under applicable law.

By using the Website and providing Your Personal Information, You consent to the transfer and processing of Your data in the United States and other jurisdictions as described in this Policy.

SECTION 16 — DO NOT TRACK AND GLOBAL PRIVACY CONTROL

Some web browsers transmit “Do Not Track” (DNT) signals to websites. Because there is no uniform standard for interpreting DNT signals, the Website does not currently respond to or alter its practices when it receives DNT signals from Your browser. We will continue to monitor developments in DNT technology and standards and may update this Policy if a uniform standard is adopted.

We recognize and honor the Global Privacy Control (GPC) signal as a valid opt-out mechanism where required by applicable law. If Your browser transmits a GPC signal, We will treat it as a request to opt out of the sale or sharing of Personal Information collected through Cookies and similar technologies, as required by the CCPA and other applicable state privacy laws.

SECTION 17 — DATA BREACH NOTIFICATION

In the event of a data breach that compromises the security, confidentiality, or integrity of Your Personal Information, We will investigate the incident promptly, take reasonable steps to mitigate any harm, and notify affected individuals and applicable regulatory authorities as required by law.

Specifically, We will comply with the notification requirements of:

Florida Information Protection Act (FIPA): We will notify affected Florida residents as expeditiously as practicable but no later than thirty (30) days after determination of the breach, and will notify the Florida Department of Legal Affairs if the breach affects five hundred (500) or more individuals.
CCPA Notification Requirements: We will notify affected California residents in the most expedient time possible and without unreasonable delay.
GDPR Notification Requirements: Where applicable, We will notify the relevant supervisory authority within seventy-two (72) hours of becoming aware of a breach, and will notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms.

Breach notifications will describe, to the extent known: the nature of the breach; the categories and approximate number of individuals affected; the likely consequences of the breach; the measures taken or proposed to address the breach; and contact information for obtaining additional information.

SECTION 18 — CHANGES TO THIS PRIVACY POLICY

We reserve the right to update, modify, or replace this Privacy Policy at any time in Our sole discretion. When We make changes, We will update the “Last Updated” date at the top of this Policy. For material changes that expand Our collection, use, or sharing of Your Personal Information, or that reduce Your rights, We will provide prominent notice by:

Displaying a prominent banner or notification on the Website for a period of at least thirty (30) days.
Sending an email notification to the email address associated with Your account (if applicable).
Posting a summary of the changes and their effective date on the Website.

Your continued use of the Website or Services after the posting of any revised Privacy Policy constitutes Your acceptance of the updated Policy. If You do not agree with the revised Policy, You must discontinue Your use of the Website and Services. We encourage You to review this Policy periodically to stay informed about how We collect, use, and protect Your Personal Information.

SECTION 19 — GOVERNING LAW AND DISPUTE RESOLUTION

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Florida, without regard to its conflict of laws principles. Any disputes arising out of or relating to this Policy or Our data practices shall be subject to the exclusive jurisdiction of the state and federal courts located in Broward County, Florida.

Before initiating any formal legal action, You agree to contact Us at info@prismarch.com and attempt to resolve the dispute informally for a period of at least thirty (30) days. If the dispute cannot be resolved informally, it shall be resolved through binding arbitration administered in accordance with the rules of the American Arbitration Association in Broward County, Florida, unless otherwise agreed by the parties.

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, YOU AGREE TO RESOLVE ANY DISPUTES ARISING UNDER OR IN CONNECTION WITH THIS PRIVACY POLICY ON AN INDIVIDUAL BASIS, AND YOU WAIVE ANY RIGHT TO PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR REPRESENTATIVE PROCEEDING. THIS CLASS ACTION WAIVER IS AN ESSENTIAL PART OF THIS ARBITRATION AGREEMENT AND CANNOT BE SEVERED FROM IT.

SECTION 20 — CONTACT INFORMATION

If You have any questions, concerns, complaints, or requests regarding this Privacy Policy, Our data practices, or Your privacy rights, please contact Us:

Company: Prism Architecture, LLC

Address: One Financial Plaza, 100 SE Third Avenue, Suite 1000, Fort Lauderdale, Florida 33394

Phone: 1-888-21-PRISM

Email: info@prismarch.com

Website: www.prismarch.com

Florida Architectural License No.: AA26002852

For GDPR-related inquiries, You may also contact Our designated Data Protection contact at the email address above with the subject line “GDPR Inquiry.”

We endeavor to respond to all privacy-related inquiries within five (5) business days of receipt, and to fulfill verifiable consumer requests within the timeframes required by applicable law.

This Privacy Policy is proprietary to Prism Architecture, LLC.

Unauthorized reproduction or distribution is strictly prohibited.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.