Privacy Policy

At Audit Notes (“we,” “our,” or “the blog”), we recognize that protecting personal information is a fundamental pillar of digital trust. For this reason, this Privacy Policy clearly and transparently explains how we collect, use, and safeguard the information provided by users.

We reaffirm our commitment to professional ethics, institutional accountability, and adherence to internationally recognized data protection best practices within the internal audit and governance community.

Information We Collect

Voluntarily Provided Information

We may collect personal information when users:

• Register on the website.
• Subscribe to our newsletter.
• Complete a purchase or transaction.
• Submit a contact form.

Information collected may include:

• Full name
• Email address
• Payment details (when applicable)
• Other data necessary to provide and manage services

Information collection is limited strictly to what is necessary to administer subscriptions, process transactions securely, and improve user experience.

Purpose of Information Processing

We use collected information exclusively for legitimate and clearly defined purposes:

• Managing subscriptions and professional communications
• Processing transactions securely
• Providing updates on internal auditing, risk management, governance, and ethics
• Enhancing the academic, technical, and strategic quality of our content

We may also use aggregated, non-identifiable data for analytical purposes to strengthen website performance and professional value delivery.

Cookies and Similar Technologies

We use cookies and related technologies to personalize user experience, analyze website trends, and understand general behavioral patterns.

Users may configure their browsers to decline cookies. However, disabling cookies may affect certain website functionalities.

Disclosure of Information to Third Parties

We do not sell or share personal data with third parties for commercial purposes.

Information may be disclosed only when:

• Required by law or legal authority
• Necessary to protect legitimate rights
• Related to fraud prevention obligations
• Required for secure payment processing through trusted providers

All service providers are selected based on recognized standards of confidentiality and information security.

Security Measures

We implement reasonable technical and organizational safeguards to protect personal information.

• Encryption protocols for payment processing
• Systems preventing unauthorized access
• Risk-based preventive digital security procedures

Our approach aligns with governance, internal control, and risk management best practices.

Marketing Communications

With prior consent, users may receive communications related to:

• New articles and research publications
• Professional educational content
• Relevant academic initiatives

Users may unsubscribe at any time using the link provided in each communication.

User Rights

Users have the right to:

• Access their personal information
• Request correction of inaccurate data
• Request deletion of personal data, when applicable

To exercise these rights, please contact: auditnotes@gmail.com

Policy Updates

We reserve the right to modify this Privacy Policy when necessary. Material updates will be communicated through the blog or appropriate channels.

Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of the Commonwealth of Puerto Rico. Any dispute arising in connection with the blog shall be subject to the exclusive jurisdiction of the courts of Puerto Rico.