What personal data does EPC Group collect?

EPC Group collects name, email, phone number, and company information submitted through contact forms. We also collect anonymized analytics data via Google Analytics 4 and Bing UET for website optimization. We do not sell personal data to third parties.

How can I request deletion of my personal data?

Submit a data deletion request to privacy@epcgroup.net or call (888) 381-9725. We process GDPR and CCPA deletion requests within 30 days and provide written confirmation upon completion.

Does EPC Group comply with GDPR and CCPA?

Yes. EPC Group complies with GDPR (EU), CCPA (California), and CAN-SPAM regulations. Our privacy practices include data minimization, purpose limitation, and user consent management via our cookie banner.

How does EPC Group protect my data?

Data is protected via HTTPS/TLS encryption in transit, encrypted storage at rest on Vercel and Cloudflare infrastructure, access controls, and regular security audits. We follow OWASP security best practices for all web applications.

Privacy Policy | EPC Group

EPC Group respects your privacy. We collect only the information needed to deliver our consulting services. We do not sell your personal data. We comply with GDPR, CCPA, and HIPAA. This policy explains what we collect, how we use it, and your rights as a data subject.

About EPC Group

EPC Group is a Houston-based Microsoft consulting firm. We have 29 years of enterprise implementation experience. We have completed over 10,000 deployments across Power BI, Microsoft Fabric, SharePoint, Azure, Microsoft 365, and Copilot.

What information we collect

We collect information in two ways:

Information you provide directly

Name, email address, phone number, and company name from contact forms.
Project details and requirements shared during discovery calls.
Payment and billing information for consulting engagements.

Information collected automatically

IP address and browser type when you visit our website.
Pages visited, time on page, and referring URL (via analytics tools).
Cookie identifiers for session management and analytics.

How we use your information

To respond to your inquiry or consultation request.
To deliver consulting services you have engaged us for.
To send relevant content, updates, and announcements (with your consent).
To improve our website and services based on usage data.
To comply with legal obligations under GDPR, CCPA, and HIPAA.

Who we share your information with

We do not sell your personal information. We may share it only in these cases:

Service providers — CRM, email, and analytics vendors under data processing agreements.
Microsoft — when using Microsoft-hosted tools for project delivery (subject to Microsoft's privacy policy).
Legal requirements — when required by law, subpoena, or court order.
Business transfer — if EPC Group is acquired or merges, your data may transfer to the acquiring entity.

Data retention

We retain personal information only as long as needed to fulfill the purposes in this policy. We may retain it longer when required by law. When you close an account or request deletion, we delete your data within 30 days (subject to legal hold requirements).

Your rights

GDPR rights (EU/UK residents)

Right to access — request a copy of your personal data.
Right to rectification — correct inaccurate data.
Right to erasure — request deletion of your data.
Right to data portability — receive your data in a portable format.
Right to object — object to processing for direct marketing.
Right to restrict processing — limit how we use your data in certain cases.

CCPA rights (California residents)

California residents have additional rights under the California Consumer Privacy Act (CCPA). These include:

Right to know what personal information we collect about you.
Right to request deletion of your information.
Right to opt out of the sale of personal information (we do not sell data).
Right to non-discrimination for exercising your privacy rights.

Cookies

Our website uses cookies for session management and analytics. You can manage cookies through your browser settings. Disabling cookies may affect site functionality. We use Google Analytics and Microsoft Clarity for usage analytics — both are configured to anonymize IP addresses.

Security

We protect your data using industry-standard security controls:

TLS encryption for all data in transit.
Access controls limiting personal data to authorized staff.
Regular security reviews aligned with our SOC 2 controls.
Incident response procedures for data breach notification.

Contact for privacy requests

Email: contact@epcgroup.net
Phone: (888) 381-9725
Address: 4900 Woodway Drive, Suite 830, Houston, TX 77056

For GDPR or CCPA requests, include "Privacy Request" in your subject line. We respond within 30 days.

Policy updates

We update this policy when our practices change. The effective date at the top of this page reflects the most recent revision. Material changes will be communicated via email to active clients.

Frequently asked questions

Does EPC Group sell personal information?

No. EPC Group does not sell personal information to third parties. We share data only with service providers under data processing agreements, and only as described in this policy.

How do I request deletion of my data?

Email contact@epcgroup.net with the subject line "Privacy Request — Deletion." Include your name and the email address associated with your account. We process deletion requests within 30 days.

Is EPC Group HIPAA compliant?

Yes. EPC Group is a HIPAA-aware consulting firm. We sign Business Associate Agreements (BAAs) with healthcare clients and configure all Microsoft platforms with HIPAA controls. Our internal data handling follows HIPAA standards for any client data that includes PHI.

Microsoft Strategy: 2026 Considerations for Privacy

EPC Group 29-year Microsoft consulting heritage matters specifically because Microsoft platform decisions today are layered on top of 25 years of architectural choices: Active Directory schema decisions from 2005 affect Microsoft Entra ID Conditional Access policy design in 2026; SharePoint 2003 information architecture decisions affect Copilot grounding quality in 2026. The firms that can navigate that depth (fewer than a dozen Microsoft Solutions Partners in North America) have a structural advantage on enterprise Microsoft migrations.

Microsoft Solutions Partner status (six designations: Data & AI, Modern Work, Infrastructure, Security, Digital & App Innovation, Business Applications) replaced the legacy Microsoft Gold Partner program in 2022. EPC Group held Gold Partner status from 2003 to 2022 (the oldest continuous Gold Partner in North America) and currently holds all six Solutions Partner designations; a credentialing footprint shared by fewer than 50 firms globally and typically used by Microsoft field teams as a vetting gate for enterprise Customer 0 nominations and named-account engagements.

Decision factors EPC Group evaluates

Compliance and governance posture review
Enterprise architecture roadmap
Cost optimization and licensing audit
Microsoft platform capability assessment
Vendor consolidation analysis

EPC Group covers this topic across the relevant engagement portfolio. Reach the firm at contact@epcgroup.net for a 30-minute architect conversation.