Contact

Privacy Policy

Effective Date: April 1, 2026 Last Updated: May 5, 2026

1. Introduction

This Privacy Policy describes how Janos P. Koka, a sole proprietor doing business as IndieDent, located in the State of New York (referred to as “we,” “us,” or “our”), collects, uses, and protects information you provide when you visit and interact with our Website (the “Website”).

By using this Website, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Website.

2. Information We Collect

We collect the following categories of information:

a) Information You Provide Directly When you fill out a form or upload a document on our Website, we collect:

  • Full name
  • Email address
  • Phone number
  • Any documents or files you choose to upload, along with their contents

You provide this information voluntarily by submitting the form on our Website.

We do not knowingly collect or process sensitive personal data (such as racial or ethnic origin, political opinions, religious beliefs, health information, sexual orientation, precise geolocation, or government-issued identifiers) or biometric data.

b) Information Collected Automatically When you visit the Website, we and our analytics provider automatically collect certain technical information, including:

  • IP address (in truncated/anonymized form where applicable)
  • Browser type and version
  • Operating system
  • Device type
  • Referring URL
  • Pages visited and time spent on each page
  • Date and timestamp of visit
  • Approximate geographic location (city/region level)

This information is collected through cookies and similar tracking technologies. See our Cookie Policy for details.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to your inquiries and communicate with you regarding your request
  • To process and review documents you upload as part of our services
  • To provide, maintain, and improve the Website
  • To analyze Website usage and performance through Google Analytics
  • To comply with legal obligations
  • To prevent fraud, abuse, or unauthorized activity

We do not sell your personal information to third parties. We do not use your personal information for automated decision-making or profiling.

4. How We Store and Secure Your Information

Form data (name, email, phone) is stored on the Website’s database hosted by our web hosting provider and may be transmitted to our email system for follow-up.

Uploaded documents are stored in Google Drive, operated by Google LLC. Google LLC acts as a data processor on our behalf and processes the data in accordance with Google’s own security standards and applicable data protection laws. Access to uploaded documents is limited to the business owner and, where applicable, trusted contractors bound by confidentiality obligations.

In compliance with the New York SHIELD Act (N.Y. Gen. Bus. Law § 899-bb), we maintain reasonable administrative, technical, and physical safeguards designed to protect the confidentiality, integrity, and security of personal information, including:

  • Use of encrypted (HTTPS/SSL) connections for all data transmission
  • Access controls limiting who can view submitted information
  • Use of reputable third-party service providers with their own security programs (Google Drive, Google Analytics)
  • Regular review of security practices
  • Secure disposal of data that is no longer needed

No method of transmission over the Internet or electronic storage is 100% secure. While we use commercially reasonable means to protect your information, we cannot guarantee absolute security.

5. How Long We Keep Your Information

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Form submissions: retained for up to 24 months after last contact, unless a business relationship is established
  • Uploaded documents: retained for the duration of the engagement plus a reasonable period for legal and recordkeeping purposes
  • Analytics data: retained according to Google Analytics’ default retention period (typically 14 months)

After these periods, data is deleted or anonymized, unless we are legally required to retain it for a longer period.

6. Sharing of Information

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

  • Service providers and processors: Google LLC (Google Drive for document storage, Google Analytics for usage analytics). These providers process the data only on our instructions and under their own privacy and security commitments, and where applicable, under data processing agreements.
  • Legal compliance: If required by law, subpoena, court order, or governmental request, or to protect our legal rights.
  • Business transfer: In the unlikely event of a sale, merger, or transfer of the business, your information may be transferred to the successor, subject to this Privacy Policy.

7. Your Rights

Depending on your state or country of residence, you may have certain rights regarding your personal information.

For all U.S. visitors, including residents of New York, you may:

  • Request information about what personal data we hold about you
  • Request correction of inaccurate information
  • Request deletion of your data, subject to legal exceptions
  • Withdraw consent for marketing communications (if applicable)

For California residents (CCPA/CPRA): You have additional rights, including the right to know, the right to delete, the right to correct, the right to opt out of the sale or sharing of personal information (we do not sell or share your data for cross-context behavioral advertising), and the right to non-discrimination for exercising your rights.

For residents of other U.S. states with comprehensive privacy laws (including Colorado, Connecticut, Virginia, Utah, Texas, Oregon, and others): you may have similar rights to access, correct, delete, and opt out of certain processing activities.

To exercise any of these rights, contact us at info@indiedentsolutions.com. We will respond within 30–45 days depending on applicable law. We may need to verify your identity before fulfilling the request.

8. Rights of Visitors from the European Economic Area (EEA), United Kingdom, and Switzerland

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent national laws (including the UK GDPR) apply to the processing of your personal data. For the purposes of the GDPR, Janos P. Koka, doing business as IndieDent, acts as the data controller of your personal data.

a) Legal Basis for Processing We process your personal data on the following legal bases:

  • Consent (Art. 6(1)(a) GDPR): for non-essential cookies, analytics, and any optional communications. You may withdraw your consent at any time.
  • Performance of a contract or pre-contractual steps (Art. 6(1)(b) GDPR): when you contact us, submit a form, or upload a document to request our services.
  • Legitimate interests (Art. 6(1)(f) GDPR): to maintain and secure the Website, prevent fraud and abuse, and respond to inquiries, where such interests are not overridden by your rights and freedoms.
  • Legal obligation (Art. 6(1)(c) GDPR): when processing is necessary to comply with applicable law.

b) Your Rights Under the GDPR Subject to the conditions set out in the GDPR, you have the following rights:

  • Right of access (Art. 15) — to obtain confirmation of whether we process your personal data, and a copy of that data
  • Right to rectification (Art. 16) — to have inaccurate or incomplete personal data corrected
  • Right to erasure (“right to be forgotten,” Art. 17) — to request deletion of your personal data
  • Right to restriction of processing (Art. 18) — to limit how we process your data in certain circumstances
  • Right to data portability (Art. 20) — to receive your data in a structured, commonly used, machine-readable format and to transmit it to another controller
  • Right to object (Art. 21) — to object to processing based on our legitimate interests, including any direct marketing
  • Right to withdraw consent (Art. 7(3)) — at any time, without affecting the lawfulness of processing carried out before withdrawal
  • Rights related to automated decision-making and profiling (Art. 22) — we do not engage in such activities

To exercise any of these rights, please contact us at info@indiedentsolutions.com. We will respond within 30 days, with a possible extension of up to two additional months for complex requests, in accordance with Art. 12 GDPR.

c) International Data Transfers If you access the Website from the EEA, the UK, or Switzerland, your personal data will be transferred to, stored, and processed in the United States. Such transfers are carried out using appropriate safeguards under the GDPR, including the Standard Contractual Clauses (SCCs) approved by the European Commission and, where applicable, supplementary measures and reliance on the EU–U.S. Data Privacy Framework by certified service providers (such as Google LLC).

d) Right to Lodge a Complaint If you believe that our processing of your personal data infringes the GDPR or applicable data protection law, you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement. A list of EEA supervisory authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en. UK residents may contact the Information Commissioner’s Office (ICO) at https://ico.org.uk/. We would, however, appreciate the opportunity to address your concerns directly before you approach a supervisory authority.

9. Cookies and Tracking Technologies

The Website uses cookies and similar technologies, including those set by Google Analytics. For full details, please see our separate Cookie Policy.

You can control cookies through your browser settings or the cookie banner displayed on the Website on your first visit.

10. Children’s Privacy

The Website is not directed to children under the age of 13 (or under 16 in the EEA, where applicable), and we do not knowingly collect personal information from children. If you believe a child has submitted information to us, please contact us at info@indiedentsolutions.com and we will promptly delete it, in compliance with the Children’s Online Privacy Protection Act (COPPA) and, where applicable, Art. 8 GDPR.

11. Third-Party Links

The Website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you and, where required, the New York Attorney General, the New York Department of State, the New York State Police, and the New York Department of Financial Services, in accordance with the New York SHIELD Act (N.Y. Gen. Bus. Law § 899-aa), generally within 30 days of discovery. Where the GDPR applies, we will also notify the competent supervisory authority within 72 hours of becoming aware of the breach, where feasible, and affected data subjects without undue delay where the breach is likely to result in a high risk to their rights and freedoms (Art. 33–34 GDPR).

13. International Visitors

The Website is operated from the United States. If you access the Website from outside the U.S., your information will be transferred to, stored, and processed in the United States. By using the Website, you consent to this transfer, subject — where applicable — to the safeguards described in Section 8(c) above.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The “Last Updated” date at the top of this page indicates when the most recent changes were made. We encourage you to review this Policy periodically.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact:

Janos P. Koka, a sole proprietor doing business as IndieDent Email: info@indiedentsolutions.com Phone: +1 (518) 424-2858