This Privacy Policy describes how ANRO receives and uses data to perform their services. This policy applies to ANRO’s print, mail, and digital marketing services.

We receive personal information from our clients to perform the Services. This may include names, addresses, email addresses, phone numbers, account numbers, and other data that may constitute personally identifiable information (PII), protected health information (PHI), or payment card data.

When you visit the Site or submit the “Contact Us” form, we may collect:

• Contact information (name, email, phone, company, message)
• Technical and usage data (IP address, browser type/version, device type, pages viewed, referring URL, time spent)
• Cookies and similar tracking technologies (see Section 2 below)

We use cookies, pixels, and similar technologies to operate the Site, understand usage, improve performance, and maintain security. These may include:

• Strictly necessary cookies
• Analytics cookies (e.g., Google Analytics)
• Functional cookies

You can manage cookie preferences through your browser settings. We do not use cookies for cross-site targeted advertising.

We use Client Data exclusively to fulfill our contractual obligations, including:

• Printing, addressing, and mailing
• Postal validation and address hygiene
• Campaign targeting, personalization, and response measurement
• Other workflows expressly authorized in our client agreement

We do not use Client Data for our own marketing, profiling, or any purpose unrelated to the Services.

We use information collected through the Site to:

• Respond to your inquiries
• Improve the Site and user experience
• Detect and prevent security threats
• Perform internal analytics and operational purposes

We do not sell personal information (as defined by CCPA/CPRA or any other U.S. state privacy law). Client Data may be disclosed only:

• To subcontractors or vendors who assist us in providing the Services (e.g., postal carriers, data-processing partners) under written agreements that require them to protect the data and use it only for the permitted purpose
• When a client expressly instructs us to share it
• As required by applicable law, regulation, or court order

Site Data may be shared with service providers who help us operate the Site (analytics, hosting, security) under appropriate contracts.

ANRO maintains administrative, technical, physical, and organizational safeguards to protect personal information. We are:

• SOC 2 Type II certified
• PCI DSS compliant
• HIPAA compliant (and enter Business Associate Agreements when handling PHI)

All facilities undergo annual security audits. Data is encrypted in transit and at rest where appropriate.

We retain Client Data only as long as necessary to fulfill the Services or as required by our client agreement or applicable law.

Site contact/inquiry data is typically retained for 2–3 years or until the purpose is fulfilled, unless a longer period is required by law.

All ANRO employees receive training on our Privacy Policy and Information Security Policy and are bound by confidentiality obligations.

In the event of a data breach involving personal information, we will notify affected clients (and individuals where required by law) without unreasonable delay and in accordance with applicable laws and contractual obligations.

We may update this Policy from time to time. The “Effective Date” at the top indicates the latest version. We encourage you to review it periodically. Clients may request the current version at any time.

If you have any questions about this Privacy Policy, the practices of our site, or to request the most updated version of our Privacy Policy, please contact us at: