top of page

Privacy and Information Security Policy

DF Analytics & Consulting, Inc. is committed to respecting and complying with all laws and regulations that apply to the collection, use, distribution, destruction, and other processing of personal data. Personal data encompasses any data about an identified or identifiable individual. For each jurisdiction in which we and/or our clients operate, personal data includes any information governed by applicable privacy and personal data protection laws.

Some examples of the laws that may apply to our operations include:

  • United States: Health Information Portability and Accountability Act (HIPAA), Fair Credit Reporting Act (FCRA), California Consumer Privacy Act, State Breach Notification Laws

  • European Economic Area: General Data Protection Regulation ("GDPR")

  • Singapore: Personal Data Protection Act (PDPA)

  • Canada: Personal Information Protection and Electronic Documents Act (PIPEDA)

  • Australia: Privacy Act and Australia Privacy Principles

  • Philippines: Data Privacy Act

All personal data is handled using the “minimum necessary” standard. This means that such data is used only as permitted and necessary to our work. In particular:

  • We comply with all contract requirements with customers, suppliers, and others related to processing personal data.

  • Where information is gathered from any public website belonging to a client, we adhere to the privacy policy in effect for the site when it was collected.

bottom of page