Enterprise Architecture Group, LLC (“EAG,” “we,” “us,” or “our”) operates goeag.com and provides architecture advisory, security assessment, and infrastructure modernization services to organizations. This Privacy Policy explains what information we collect when you interact with us through this website, how we use it, who we share it with, and the choices you have. If anything in this policy is unclear or you’d like to exercise a right described below, contact us at the address at the bottom of this page.

1. Information we collect

We collect information in the following ways:

Information you provide directly

When you fill out a contact form, request a Triage Call, or email us, we collect whatever you include — typically your name, email address, phone number, company name, and a description of the problem you want help with. If you book a Triage Call through our scheduling system, we also collect the time you selected and, if provided, how you found us. We only ask for information that’s reasonably necessary to respond to your inquiry.

Information collected automatically

When you visit the site, we and our service providers automatically receive certain technical information: IP address (anonymized before being passed to Google Analytics), browser type and version, device and operating system, referring URL, pages you view on our site, timestamps, and similar server-log data. Most of this is collected through cookies and similar technologies described in our Cookie Policy.

Information we do not collect

We do not sell personal information. We do not knowingly collect information from children under 13. We do not run advertising networks on this site, and we do not use behavioral advertising cookies. We do not collect payment card information through this website.

2. How we use information

We use the information we collect to:

• Respond to your inquiry, schedule a call, or deliver the services you’ve asked us about;
• Operate, maintain, and improve goeag.com — including understanding which content is useful and which isn’t;
• Protect the site from spam, abuse, and automated attacks;
• Comply with legal obligations and enforce our terms.

We do not use the information you submit through our forms to send marketing email unless you explicitly opt in.

3. Who we share information with

We share limited information with the service providers who help us operate this site and run our business. Each is bound by its own privacy commitments and, where applicable, by data-processing terms with us. Our current providers include:

• DreamHost — website hosting and server logs.
• Cloudflare — content delivery, DDoS protection, and bot management.
• Google Analytics (via MonsterInsights) — aggregate site analytics with IP anonymization enabled and Google’s Consent Mode v2 active.
• Google reCAPTCHA — spam protection on our contact form.
• Zoho (Bookings & CRM) — scheduling and inquiry management for The Triage Call.
• WPForms — form submission handling.
• WP Mail SMTP — outbound email delivery from the site.

We may also disclose information when required by law, when necessary to protect our rights or the safety of others, or in connection with a corporate transaction (merger, acquisition, or sale of assets). We do not sell personal information to data brokers or advertisers.

4. How long we keep information

We keep the information you submit only as long as we need it for the purpose it was collected, plus a reasonable period for our legitimate business and legal needs. Contact-form submissions and Triage Call intake records are retained while the engagement is active and for a period after closure consistent with our client-records retention schedule. Server logs and analytics data follow the retention defaults of our providers (for example, Google Analytics is configured with a 14-month user-data retention window).

5. Your rights and choices

Depending on where you live, you may have specific rights over the information we hold about you. Regardless of jurisdiction, we are willing to honor reasonable requests to access, correct, or delete your information — subject to our legal obligations.

Texas residents

Under the Texas Data Privacy and Security Act (effective July 1, 2024), Texas residents have the right to know what personal data we process, to access and obtain a copy of it, to correct inaccuracies, to request deletion, and to opt out of the sale of personal data or of targeted advertising. We do not sell personal data and do not engage in targeted advertising.

California residents

Under the California Consumer Privacy Act (as amended by the CPRA), California residents have rights to know, access, delete, correct, and limit use of sensitive personal information, as well as the right to opt out of the “sale” or “sharing” of personal information. We do not sell or share personal information for cross-context behavioral advertising.

EEA and UK residents

Under the GDPR and UK GDPR, you have the right to access, rectify, erase, restrict, and port your personal data, and to object to processing based on our legitimate interests. Our legal bases for processing are: (a) consent, where you’ve provided it (for example, via our cookie banner); (b) performance of a contract, when you engage us for services; and (c) legitimate interests in operating and securing our website and business.

How to exercise your rights

Email us at [email protected] with a description of your request. We may need to verify your identity before acting, particularly for requests to delete or access personal data. We’ll respond within the timeframes required by applicable law (generally 30–45 days). You have the right to appeal a denial — and, in certain jurisdictions, to complain to your local data protection authority or your state Attorney General.

6. Cookies and similar technologies

We use cookies for essential site operation, security (bot mitigation via Cloudflare), spam prevention (Google reCAPTCHA on our contact form), and aggregate analytics (Google Analytics, IP-anonymized). Our consent banner uses Google’s Consent Mode v2 — if you decline analytics, Google Analytics tags load in a privacy-preserving mode that does not set identifying cookies. For a full list of every cookie we use, its purpose, and its duration, see our Cookie Policy.

7. Security

We take reasonable technical and organizational measures to protect the information we collect: TLS encryption for all traffic, access controls on our hosting and admin accounts, least-privilege role assignments, and monitoring via our CDN and host. No system is perfectly secure; if we ever have a breach that affects your personal information, we’ll notify you in accordance with applicable law.

8. International transfers

EAG is based in Texas, USA. If you access this site from outside the United States, your information will be transferred to and processed in the U.S. and in the locations where our service providers operate (including EU data centers for certain Google and Cloudflare services). Where required by law, we rely on appropriate safeguards — such as Standard Contractual Clauses — with our providers.

9. Children’s privacy

This website is directed at a business audience. We do not knowingly collect personal information from children under 13 (or under 16 in the EEA and UK). If you believe we have collected such information, please contact us and we will delete it.

10. Changes to this policy

We may update this Privacy Policy as our practices or the law evolves. When we do, we’ll change the “Last updated” date at the top of this page. If changes are material, we’ll take reasonable steps to notify you — for example, by a prominent notice on the site.

11. Contact us

Questions about this Privacy Policy or about the information we hold can go to:

Enterprise Architecture Group, LLC
Humble, Texas, USA
Email: [email protected]
Phone: +1 (281) 698-0045