Privacy Policy

At Innovatask, we are committed to protecting your personal information with the highest standards of data security and privacy best practices. This Privacy Policy outlines how we collect, use, protect, and disclose your Personally Identifiable Information (PII) as required by NIST SP 800-122.

This policy applies to all individuals whose PII we process—including clients, prospective clients, website visitors, and third parties whose information may be shared with us as part of providing our services. Please read each section below to understand your rights and our practices.

Definitions of Personally Identifiable Information

PII means information that can identify, distinguish, or trace an individual’s identity, either alone or when combined with other information linked to a specific individual.

Linked PII: Direct identifiers such as name, social security number, driver’s license number, passport number, or biometric data.

Linkable PII: Data such as date of birth, place of birth, mother’s maiden name, and employment information, that can be used with other info to identify an individual. Sensitive PII includes financial account numbers, medical details, and criminal history.

PII Confidentiality Impact Levels & Principles

Following NIST guidelines, we assess and categorize PII by impact—low, moderate, or high. Low impact might be public business information, moderate includes contact details, and high impact covers sensitive items like financial or health data.

Our privacy practices are founded on the Fair Information Practice Principles (FIPPs), including collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, and accountability.

We continuously evaluate and adjust our privacy controls to ensure PII receives protection that matches its confidentiality impact and the risks involved.

Information We Collect

We only collect the minimum PII needed: identity information (name, job title, company), contact information (email, phone, address), business information (industry, operations), technical data (IP address, devices, platform usage), and financial information (payment and billing via PCI-DSS compliant processors).

We do not sell your PII. We may share information with trusted service providers, to comply with law, or with your specific consent. Where required, we will provide notice in case of business transfers.

All service providers are contractually obligated to protect your information and only use it for defined purposes. We maintain appropriate operational, privacy, and technical safeguards as detailed in the next section.

Safeguards & Security Controls

Operational: Comprehensive privacy policies and procedures, regular assessments, staff training, and incident response planning are foundational elements.

Privacy-specific: We use data minimization, consent and preference controls, de-identification, and retention limits.

Technical: AES-256 encryption, TLS 1.3, RBAC, multi-factor authentication, continuous monitoring, and NIST SP 800-88 compliant data disposal are all standards we uphold.

Incident Response & Your Rights

If a PII breach occurs, our incident response plan covers detection, assessment, containment, notification to individuals and authorities, and corrective actions to prevent recurrence.

You have rights to access, correct, delete, restrict processing, and request portability of your PII. You may also object to particular uses, including direct marketing.

Contact us at privacy@innovatask.io to exercise your rights, or with questions about how we handle your personal data. We will respond within 30 days to verified requests.

Data Retention & Policy Updates

We retain PII only as long as required by the purpose of collection and applicable law. When retention is no longer needed, we securely destroy your data using industry-standard methods.

We may update this policy periodically. The last updated date is displayed at the top of this page. Please review this policy regularly to stay informed of our privacy practices.

Contact Us

Privacy

If you have any questions about this Privacy Policy or need to exercise any rights, please email our privacy team or call the number below.

Innovatask LLC, Puerto Rico | luisvc@innovatask.com

luisvc@innovatask.com

xxx-xxx-xxxxx

NIST Compliant

© 2026

To embed a website or widget, add it to the properties panel.

Privacy Policy

At Innovatask, we are committed to protecting your personal information with the highest standards of data security and privacy best practices. This Privacy Policy outlines how we collect, use, protect, and disclose your Personally Identifiable Information (PII) as required by NIST SP 800-122.

This policy applies to all individuals whose PII we process—including clients, prospective clients, website visitors, and third parties whose information may be shared with us as part of providing our services. Please read each section below to understand your rights and our practices.

Definitions of Personally Identifiable Information

PII means information that can identify, distinguish, or trace an individual’s identity, either alone or when combined with other information linked to a specific individual.

Linked PII: Direct identifiers such as name, social security number, driver’s license number, passport number, or biometric data.

Linkable PII: Data such as date of birth, place of birth, mother’s maiden name, and employment information, that can be used with other info to identify an individual. Sensitive PII includes financial account numbers, medical details, and criminal history.

PII Confidentiality Impact Levels & Principles

Following NIST guidelines, we assess and categorize PII by impact—low, moderate, or high. Low impact might be public business information, moderate includes contact details, and high impact covers sensitive items like financial or health data.

Our privacy practices are founded on the Fair Information Practice Principles (FIPPs), including collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, and accountability.

We continuously evaluate and adjust our privacy controls to ensure PII receives protection that matches its confidentiality impact and the risks involved.

Information We Collect

We do not sell your PII. We may share information with trusted service providers, to comply with law, or with your specific consent. Where required, we will provide notice in case of business transfers.

All service providers are contractually obligated to protect your information and only use it for defined purposes. We maintain appropriate operational, privacy, and technical safeguards as detailed in the next section.

Safeguards & Security Controls

Operational: Comprehensive privacy policies and procedures, regular assessments, staff training, and incident response planning are foundational elements.

Privacy-specific: We use data minimization, consent and preference controls, de-identification, and retention limits.

Technical: AES-256 encryption, TLS 1.3, RBAC, multi-factor authentication, continuous monitoring, and NIST SP 800-88 compliant data disposal are all standards we uphold.

Incident Response & Your Rights

If a PII breach occurs, our incident response plan covers detection, assessment, containment, notification to individuals and authorities, and corrective actions to prevent recurrence.

You have rights to access, correct, delete, restrict processing, and request portability of your PII. You may also object to particular uses, including direct marketing.

Contact us at privacy@innovatask.io to exercise your rights, or with questions about how we handle your personal data. We will respond within 30 days to verified requests.

Data Retention & Policy Updates

We retain PII only as long as required by the purpose of collection and applicable law. When retention is no longer needed, we securely destroy your data using industry-standard methods.

We may update this policy periodically. The last updated date is displayed at the top of this page. Please review this policy regularly to stay informed of our privacy practices.

Contact Us

Privacy

If you have any questions about this Privacy Policy or need to exercise any rights, please email our privacy team or call the number below.

Innovatask LLC, Puerto Rico | luisvc@innovatask.com

luisvc@innovatask.com

xxx-xxx-xxxxx

NIST Compliant

© 2026

All Rights Reserved