ACRA™ Executive Snapshot Use Notice

Effective date: June 15, 2026

This Use Notice explains what the ACRA™ Executive Snapshot (the “Snapshot”) is, how to use it, and how Direnzic Technology Consulting Group (“Direnzic,” “we,” “us,” or “our”) handles the information you provide. By completing the Snapshot, you acknowledge this Notice and our Privacy Policy.

What the Snapshot is

The Snapshot is an executive-level readiness indicator across the nine ACRA domains. It is designed to help leaders see, at a high level, where deeper review of their AI-era cyber, governance, and operational readiness posture may be needed.

What the Snapshot is not

The Snapshot is not a certification, full audit, Comprehensive ACRA assessment, penetration test, compliance determination, legal opinion, or regulatory finding. It is not a guarantee of cybersecurity, compliance, or AI governance maturity. Results are based on the answers you provide and are indicative only.

How to use the Snapshot

Please answer at the policy, governance, and leadership level. The Snapshot is not intended for submission of sensitive technical evidence, credentials, protected data, incident records, legal documents, vendor contracts, or confidential operational materials. Provide high-level readiness responses only, and do not enter confidential, regulated, or security-sensitive information.

Information we collect

When you complete the Snapshot, we collect the details you enter, such as your name, work email, organization, role or title, sector, and organization size, together with the answers you select and the results those answers generate, including your overall score, readiness band, and domain-level results. We may also record the date you completed the Snapshot and the source through which you reached it.

How we use your information

We use this information to generate your Snapshot results, send you a copy of your results, personalize your Executive Readiness Room experience and related readiness guidance, and contact you about your results and relevant Direnzic programs. Our handling of personal information is governed by our Privacy Policy.

Service providers

We may use trusted service providers, such as form, email marketing, CRM, automation, analytics, or hosting providers, to process Snapshot information on our behalf. These providers are used to support the Snapshot experience, deliver communications, and help Direnzic manage follow-up.

How we protect and retain your information

We limit access to Snapshot information to Direnzic personnel who need it for the purposes described above. We do not sell your Snapshot information or share it for cross-context behavioral advertising.

Unless a longer period is required by law, needed for an active client relationship, or requested by you, Direnzic generally aims to delete or anonymize raw Snapshot response data within 90 days. Summary information, such as completion status or readiness category, may be retained as part of ordinary business records, customer relationship management, or program history.

You may request a copy, correction, or deletion of your information by contacting us.

No reliance

The Snapshot supports executive reflection and planning. It does not replace a formal assessment, legal review, compliance review, penetration test, risk assessment, or professional advisory engagement. Decisions about your security, compliance, or governance posture should not be made on the Snapshot alone.

Changes to this Notice

We may update this Notice from time to time. The effective date above reflects the most recent version.

Contact

For questions about this Notice or about the information you provided, contact Direnzic Technology Consulting Group through our contact page or by phone at (214) 995-2642.

>