The AME Group Privacy Statement

This Privacy Statement applies to The AME Group’s website (www.theamegroup.com) and services. It outlines how we collect, use, protect, and retain personal information in accordance with our corporate governance, risk management, and compliance program.

By using our Site, you agree to the terms of this Privacy Policy

Information We Collect

• Business contact details, billing, and account information
• Voluntarily submitted contact information through web forms, which can include, full name, email address, phone number, business name, message content.
• Content you voluntarily submit by completing surveys.
• Technical and operational data (logs, system usage, IP addresses, device data)
• Compliance-related information required by audits and contracts

How We Use Information

• Delivering and supporting requested services
• Security monitoring, vulnerability management, and incident response
• Meeting compliance requirements (SOC 2 Type II, MSP Verify™, regulatory and contractual)
• Responding to inquiries and requests
• Improve our website and services
• Understand visitor needs and preferences

Security Practices

• Encryption (in transit and at rest)
• Role-Based Access Control (RBAC) and least privilege enforcement
• Multi-Factor Authentication (MFA) across systems
• Continuous monitoring for threats and anomalies
• Incident response procedures for suspected or actual security events
• Vendor risk assessments to ensure third-party compliance
• Vulnerability management program with monthly scanning and remediation tracking

Compliance and Certifications

• SOC 2 Type II – annual independent audits
• MSP Verify™ (MSPAlliance) certification for managed service providers
• Controls aligned with NIST CSF, CIS Controls, and ISO/IEC 27001 standards

Third-Party Sharing

Information may be shared with third parties strictly for service delivery, security, or compliance purposes. All third parties undergo vendor due diligence and must meet contractual data security obligations. We do not sell your information with third parties.

Data Retention

We retain information as long as required for business purposes, contractual obligations, or legal/regulatory requirements.

Cookies

Our website uses cookies to:

• Recognize returning visitors

• Track preferences and interactions
• Analyze website usage and performance
• Support security features

We do not use cookies for advertising or selling data.

You can disable cookies in your browser settings. Some features may not function properly if cookies are disabled.

Mobile Device Privacy

When accessing our Site via mobile device, we may collect:

• Device type and identifiers
• Usage data
• Location data (if location services are enabled)

This data is not linked to your user account or personally identifiable information.

Children’s Privacy

Our Site is not intended for children under 13. We do not knowingly collect personal information from children. If we discover such data, we will delete it promptly.

Your Rights and Contact

Individuals may request access, correction, or deletion of personal information as permitted by law.

📧 ISMS@theamegroup.com
📞 1.800.264.8851
🏢 619 Main Street, Vincennes, IN 47591

Dispute Resolution

This Policy is governed by the laws of Indiana. Any disputes will be resolved in the courts located in Vincennes, Indiana.

Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page. If we have your email, we may notify you directly.

Effective Date: February 10, 2017
Last Updated: September 16, 2025

To learn more about our security and compliance, visit our Trust Center.