Compliance & Data Protection
Last Updated: February 15, 2026
Maintenance Intelligence Group, LLC (“MIG”) is committed to maintaining high standards of data protection, security, and regulatory compliance across all products and services, including EquipFlow. This page outlines our governance framework, privacy-by-design architecture, and regulatory alignment.
1. Privacy-by-Design Architecture
EquipFlow is built on a decentralized, privacy-first architecture.
Core Principles
- Asset, maintenance, and operational data are processed locally on customer-controlled devices.
- We do not operate centralized asset databases.
- Customer data is not aggregated, mined, or resold.
- Data transmission occurs only when explicitly initiated by the user.
This model minimizes exposure, reduces centralized breach risk, and supports regulatory compliance.
2. Data Roles and Responsibilities
Under applicable data protection laws:
Data Controller
Customers act as the Data Controller for their operational and asset data and determine how and why data is processed.
Data Processor
MIG acts as a limited Data Processor only for: Account administration, Licensing and entitlements, Billing, Authentication, and Customer support. We do not process customer asset data for independent commercial purposes.
3. Regulatory Compliance Framework
MIG supports compliance with major global regulations including GDPR (EU/UK), CCPA/CPRA (US), PIPEDA (Canada), LGPD (Brazil), APPI (Japan), and POPIA (South Africa). Our policies align with requirements across jurisdictions.
4. Lawful Basis for Processing
MIG processes personal data based on: Contractual necessity, Legitimate business interests, User consent, and Legal obligation. We do not engage in unauthorized secondary use of personal data.
5. Data Minimization and Retention
We collect only information necessary to provide services and manage accounts. Data is retained only for as long as required to fulfill obligations or meet legal requirements, and securely deleted thereafter.
6. Security Controls
MIG maintains safeguards consistent with industry best practices, including encrypted data transmission, secure authentication, and periodic security reviews.
7. Third-Party Service Providers
We engage vetted third-party providers for functions such as payment processing and hosting. Access is limited to the minimum necessary.
8. International Data Transfers
MIG implements appropriate safeguards consistent with applicable laws when personal data is transferred across borders.
9. Data Subject Rights
Individuals may have rights to access, correction, or deletion. Requests can be submitted to: privacy@maintenanceintelligencegroup.com.
10. Incident Response and Breach Management
MIG maintains an incident response program designed to detect, contain, and remediate threats, and notify affected parties where required.
11. Internal Governance
Our framework includes security policies, controlled system access, and confidentiality obligations for authorized personnel.
12. Audit and Oversight
MIG supports reasonable compliance inquiries and security-related questions from enterprise customers under confidentiality.
13. No Sale of Personal Data
MIG does not sell, rent, or monetize personal data for advertising or profiling purposes.
14. Regulatory Cooperation
We cooperate with lawful regulatory inquiries while preserving customer confidentiality to the maximum extent permitted.
15. Updates to This Page
This page may be updated periodically to reflect regulatory developments. Material changes will be communicated where required.
16. Contact Information
Maintenance Intelligence Group, LLC
Email: legal@maintenanceintelligencegroup.com
Website: https://www.equipflow.tech