Privacy Policy

For data subjects located in the European Economic Area (‘EEA’) or United Kingdom (‘UK’), Trimes Technology acts as the Data Controller for personal data processed in connection with website visits, service inquiries, and client relationships. Where applicable, Trimes Technology will appoint a designated EU or UK representative and will notify data subjects accordingly.

2. PERSONAL DATA WE COLLECT

A. Information You Provide Directly

When you contact us, request a quote, submit a form, or engage with our services, we collect:

• Identity data: Full name, job title, professional role
• Contact data: Business email address, phone number, company name
• Business data: Company size, industry, country, postal code
• Service inquiry data: Description of your IT infrastructure needs, current vendor contracts, or service requirements
• Communication data: Content of emails, messages, or other communications you send to us
• Account credentials: Usernames and passwords for the client portal (stored in encrypted form)

B. Information Collected Automatically

When you visit our website, we automatically collect the following data through your browser and through cookies and similar tracking technologies:

• IP address and approximate geographic location (city/region level)
• Device identifier, browser type and version, operating system
• Pages visited, time spent on pages, and page interaction data
• Referring URL (the website from which you arrived)
• Session data, clickstream data, and navigation patterns

This data is temporarily stored in server log files and is generally deleted after 7 days. It is used to ensure a smooth connection, evaluate system security, improve website performance, and understand website activity. It is not used to draw conclusions about you personally.

C. Information from Third Parties

We may receive information about you from business partners, referral sources, or commercially available databases for the purpose of identifying prospective enterprise clients or verifying contact information. Where we receive such information, we handle it in accordance with this Policy.

D. Sensitive Personal Data

We do not intentionally collect sensitive categories of personal data (such as health information, racial or ethnic origin, political opinions, religious beliefs, biometric data, or precise geolocation data) through the Service. Please do not submit sensitive personal data through our contact forms or communications unless specifically requested and necessary for a service engagement.

3. LEGAL BASES FOR PROCESSING

We process your Personal Data only where we have a lawful basis to do so. The legal bases we rely on are:

4.HOW WE USE YOUR PERSONAL DATA

We use the Personal Data we collect for the following purposes:

• To respond to your inquiries, quote requests, and service consultations in a timely and accurate manner
• To deliver, manage, and improve our IT managed services, professional services, hardware solutions, and software maintenance offerings
• To process and fulfil contractual obligations under executed service agreements
• To send transactional communications related to your account or service engagement
• To send marketing communications about our services, industry insights, and company news, where you have consented or where permitted by law
• To maintain accurate business, billing, and compliance records
• To conduct website security monitoring, fraud detection, and misuse prevention
• To analyze website performance and improve user experience through aggregated analytics
• To comply with legal, regulatory, and audit obligations
• To process data in connection with a corporate transaction such as a merger, acquisition, or asset sale

We will not use your Personal Data for purposes materially incompatible with those described in this Policy without providing you with prior notice and, where required, obtaining your consent.

5. HOW WE SHARE YOUR PERSONAL DATA

We do not sell your Personal Data to third parties for monetary consideration. We may share your Personal Data only in the following circumstances:

A. Service Providers (Processors)

We engage trusted third-party vendors who process Personal Data on our behalf as data processors, including CRM platforms, email service providers, cloud hosting providers, analytics platforms, and cybersecurity services. All processors are bound by written data processing agreements requiring them to: process data only on our instructions; implement appropriate security measures; not engage sub-processors without our approval; and delete or return data upon termination of the engagement.

B. Professional Advisors

We may share Personal Data with lawyers, accountants, auditors, and other professional advisors under strict confidentiality obligations as necessary for legal, compliance, and financial purposes.

C. Legal Requirements and Law Enforcement

We may disclose Personal Data when required by applicable law, court order, subpoena, governmental authority, or regulatory requirement; or where necessary to protect the rights, property, or safety of Trimes Technology, our clients, employees, or the public.

D. Business Transfers

In the event of a merger, acquisition, divestiture, restructuring, dissolution, or other corporate transaction, Personal Data may be transferred as part of the transaction. We will notify affected data subjects of any such transfer where required by applicable law and will ensure continuity of data protection obligations.

E. With Your Consent

We may share your Personal Data with third parties for other purposes not described herein with your prior explicit consent.

6. COOKIES AND TRACKING TECHNOLOGIES

Our website uses cookies and similar tracking technologies (collectively, ‘Cookies’) to enhance your browsing experience, analyze site traffic, and, where you consent, to support marketing activities. We use the following categories of Cookies:

You may manage your cookie preferences at any time through our cookie consent banner, your browser settings, or by contacting us at privacy@trimestechnology.com. Disabling certain cookies may affect the functionality of the Service.

7. DATA RETENTION

We retain Personal Data only for as long as necessary to fulfill the purposes described in this Policy, or as required by applicable law. Our general retention periods are:

When Personal Data is no longer needed, we securely delete or anonymize it in accordance with our data disposal procedures and applicable regulatory requirements.

8. INTERNATIONAL DATA TRANSFERS

Trimes Technology is headquartered in the United States. If you are located outside the United States — including in the European Economic Area (‘EEA’) or the United Kingdom (‘UK’) — your Personal Data will be transferred to and processed in the United States. We implement appropriate safeguards for such transfers, including:

• Standard Contractual Clauses (‘SCCs’) adopted by the European Commission for transfers from the EEA;
• UK International Data Transfer Agreements (‘IDTAs’) or UK Addenda to EU SCCs for transfers from the UK;
• Adequacy decisions of the European Commission where applicable;
• EU-U.S. Data Privacy Framework (DPF) and UK Extension: Trimes Technology is working toward adherence to the DPF. Where applicable, the DPF provides the right to invoke binding arbitration and to resolve complaints not resolved by other means. See: https://www.dataprivacyframework.gov.

By using the Service or engaging our services from outside the United States, you acknowledge that your Personal Data will be processed in the United States and that such processing is subject to the safeguards described in this Policy.

9. DATA SECURITY

Trimes Technology implements industry-standard technical and organizational security measures to protect your Personal Data against unauthorized access, disclosure, alteration, loss, or destruction. Our security measures include:

• TLS/SSL encryption for all data transmitted via the website and client portal
• Role-based access controls and least-privilege principles for internal systems
• Multi-factor authentication (MFA) for all internal system access
• Regular vulnerability assessments and penetration testing
• Incident response and breach notification procedures aligned with applicable regulatory requirements
• Employee security awareness training and background screening
• Vendor security assessments and data processing agreements with all third-party processors

In the event of a data breach that is likely to result in a risk to your rights and freedoms, Trimes Technology will notify affected data subjects and relevant supervisory authorities in accordance with the timelines required by applicable law (72 hours for GDPR; applicable state law timelines for US residents).

While we implement these measures, no method of data transmission or storage can be guaranteed as 100% secure. You use the Service at your own risk.

10. YOUR PRIVACY RIGHTS

Depending on your location and applicable law, you may have the following rights regarding your Personal Data. We will respond to all valid requests within the timeframes required by applicable law (30 days under GDPR; 45 days under TDPSA and CCPA, with a 45-day extension where necessary).

A. Rights Available to All Users

• Right to Access / Know: Request a copy of the Personal Data we hold about you and information about how it is processed.
• Right to Correction / Rectification: Request correction of inaccurate or incomplete Personal Data.
• Right to Deletion / Erasure: Request deletion of your Personal Data, subject to exceptions for legal retention obligations and other legitimate grounds.
• Right to Restriction of Processing: Request that we limit the processing of your Personal Data in certain circumstances.
• Right to Data Portability: Receive a copy of your Personal Data in a structured, machine-readable format and request transmission to another controller.
• Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: Where processing is based on consent, withdraw your consent at any time without affecting the lawfulness of prior processing.
• Right to Lodge a Complaint: File a complaint with the relevant supervisory authority. See Section 10.D for details.

B. Texas TDPSA Rights (Texas Residents)

Texas residents have specific rights under the Texas Data Privacy and Security Act (TDPSA), effective July 1, 2024:

• Right to Access: Confirm whether we process your Personal Data and obtain a copy of such data.
• Right to Correct: Request correction of inaccuracies in your Personal Data.
• Right to Delete: Request deletion of Personal Data you have provided or that we have collected about you.
• Right to Data Portability: Obtain your Personal Data in a portable, readily usable format.
• Right to Opt Out of Targeted Advertising: Opt out of the processing of your Personal Data for targeted advertising.
• Right to Opt Out of Sale: Opt out of the sale of your Personal Data. We do not sell Personal Data.
• Right to Opt Out of Profiling: Opt out of profiling decisions that produce legal or similarly significant effects.
• Right to Appeal: If we decline to take action on your request, you have the right to appeal that decision. To appeal, contact privacy@trimestechnology.com with the subject line ‘TDPSA Appeal.’ We will respond to appeals within 60 days. If your appeal is denied, you may contact the Texas Attorney General at https://www.texasattorneygeneral.gov.

C. California CCPA/CPRA Rights (California Residents)

California residents have the following rights under the CCPA as amended by the CPRA:

• Right to Know: Request disclosure of the categories and specific pieces of Personal Data collected, sources, purposes, and third parties with whom data is shared or sold.
• Right to Delete: Request deletion of Personal Data, subject to exceptions.
• Right to Correct: Request correction of inaccurate Personal Data.
• Right to Opt Out of Sale or Sharing: We do not sell or share Personal Data for cross-context behavioral advertising.
• Right to Limit Use of Sensitive Personal Information: Where applicable, limit the use and disclosure of sensitive personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising any CCPA rights.

California residents may also designate an authorized agent to submit requests on their behalf, subject to identity verification requirements. For more information, contact us at privacy@trimestechnology.com.

D. EEA/UK GDPR Rights

Data subjects located in the EEA or UK have all rights listed in Section 10.A, enforceable under the GDPR and UK GDPR respectively. If you believe that our processing of your Personal Data violates applicable data protection law, you have the right to lodge a complaint with the relevant supervisory authority:

• EU: The supervisory authority in your EU Member State of habitual residence, place of work, or the place of the alleged infringement (see https://edpb.europa.eu for a list of authorities).
• UK: The Information Commissioner’s Office (ICO) — https://ico.org.uk

We encourage you to contact us first at privacy@trimestechnology.com before lodging a regulatory complaint, as we are committed to resolving privacy concerns directly and promptly.

11. DIRECT MARKETING

Where you have provided consent or where permitted by applicable law, Trimes Technology may contact you with marketing communications about our services, industry insights, events, and company news. You may opt out of marketing communications at any time by:

• Clicking the ‘unsubscribe’ link in any marketing email we send;
• Sending an email to privacy@trimestechnology.com with the subject line ‘Marketing Opt-Out’;
• Calling us at +1 (713) 575-7751.

Opt-out requests will be processed within 10 business days. Note that opting out of marketing communications will not affect your receipt of transactional and service-related communications.

12. CHILDREN’S PRIVACY

Our website and services are directed exclusively to business professionals and are not intended for individuals under 18 years of age. We do not knowingly collect Personal Data from minors under 18 (or under 13 for COPPA purposes). If we become aware that we have inadvertently collected Personal Data from a minor, we will take immediate steps to delete that information. Contact us at privacy@trimestechnology.com if you believe we hold data about a minor.

13. THIRD-PARTY WEBSITES AND SERVICES

Our website may contain links to third-party websites, platforms, or services. Trimes Technology is not responsible for the privacy practices, content, or security of third-party websites. We encourage you to review the privacy policies of any third-party sites you visit. The presence of a link to a third-party website does not constitute an endorsement of that site or its practices.

14. DO NOT TRACK

Our website currently does not respond to ‘Do Not Track’ (DNT) browser signals. As DNT standards continue to evolve, we will monitor regulatory developments and update our practices accordingly. We do not engage in cross-site tracking without your consent.

15. FINANCIAL INCENTIVES

Trimes Technology does not offer financial incentives in exchange for the collection, sale, or retention of your Personal Data, and does not maintain financial incentive programs that require disclosure under applicable privacy laws.

16. CHANGES TO THIS PRIVACY POLICY

We reserve the right to update this Privacy Policy at any time to reflect changes in our data practices, applicable law, or other relevant factors. We will post the revised Policy on our website with an updated ‘Last Updated’ date. For material changes, we will provide additional notice via:

• A prominent banner or notice on our website;
• Direct email notification to users on our mailing list where required by applicable law.

Your continued use of the Service following publication of a revised Policy constitutes your acceptance of the revised terms. If you do not agree to the revised Policy, you must discontinue use of the Service.

17. CONTACT US

For any questions, concerns, access requests, or complaints regarding this Privacy Policy or Trimes Technology’s data practices, please contact us:

END OF PART II — PRIVACY POLICY

© 2026 Trimes Technology LLC. All Rights Reserved. Document Reference: TT-LEGAL-001 v1.0

This document is subject to periodic review and update. Always refer to the current version at trimestechnology.com.

LEGAL NOTICE: This document has been prepared for informational and operational purposes. Trimes Technology recommends that this document be reviewed by qualified legal counsel admitted in the relevant jurisdictions before publication, to confirm compliance with all applicable current laws and regulations.