What personal information do we collect about you?
Personal information (also commonly known as personally identifiable information (PII) or personal data) is information that can be used to identify you, or any other individual to whom the information may relate.
The personal information that we collect directly from those registering for the Service, includes the following categories:
- Name and contact information (e.g. address; phone number; email, fax);
- Billing Information (e.g. credit card, bank account, billing contact information)
- Order Information (e.g. current order/purchase information, purchase history, shipping details).
- Company/employer information
- Other information that may be exchanged in the course of engaging with the Service. You will be aware of any subsequently collected information because it will come directly from you.
When providing personal information to COMPANY as described in this Notice, that personal information is collected directly from you, and you will know the precise personal information being collected by us.
Please note that you should not submit to InfoSecEnforcer.com any sensitive personal information relating to your (i) racial or ethnic origin (ii) political beliefs (iii) philosophical or religious beliefs (iv) membership of a trade union or political party (v) physical or mental health or genetic makeup (vi) addictions, sexual life or (vii) the commission of criminal offenses or proceedings and associated penalties or fines unless you have previously sent to us your written consent that we may process such personal information. If InfoSecEnforcer.com determines consent to be a requirement of applicable law. If you provide such sensitive personal information to InfoSecEnforcer.com, that personal information will be promptly deleted.
What other personal information do we collect?
In addition to information collected directly from individuals engaging with the Service, InfoSecEnforcer may collect personal information of your customers or other data subjects via the tools available on the Service. For example, InfoSecEnforcer.com offers a data subject access request management tool that collects the personal information in order to facilitate our customer’s compliance with laws requiring data subject requests. The tools available on the service may collect the following from data subjects not directly engaged with the service:
- Name and contact information (e.g. address; phone number; email, fax);
If you utilize such tools available on the Service, you will deploy a collection form on your own website, and the data collected will be managed centrally by InfoSecEnforcer.com. It is your responsibility as the entity deploying such tools to notify data subjects that their personal information may be shared with third parties like InforSecEnforcer.com.
Collection of User Generated Content
We may invite you to post content on the Service, including your comments and any other information that you would like to be available on the Sites, which may become public (“User Generated Content”). If you post User Generated Content, all of the information that you post will be available to authorized personnel of InfoSecEnforcer.com. You expressly acknowledge and agree that we may access in real-time, record and store archives of any User Generated Content on our servers to make use of them in connection with the Service. If you submit a review, recommendation, endorsement, or other User Generated Content through the Service, or through other websites including Facebook, Instagram, Google, Yelp, and other similar channels, we may share that review, recommendation, endorsement or content publicly on the Service.
How does InfoSecEnforcer.com use personal information?
Subject to the terms of this Privacy Notice, InfoSecEnforcer.com uses the above described categories of personal information in several ways. Unless otherwise stated specifically, the above information may be used for any of the following purposes:
- to administer the Service to you;
- to respond to your requests;
- to distribute communications relevant to your use of the Service, such as system updates or information about your use of the Service;
- as may be necessary to support the operation of the Service, such as for billing, account maintenance, and record-keeping purposes;
- to send to you InfoSecEnforcer.com solicitations, product announcements, and the like that we feel may be of interest to you (you may “opt out” of receiving these marketing materials);
- in other manners after subsequent notice is provided to you and/or your consent is obtained, if necessary.
InfoSecEnforcer.com does not sell, re-sell, or distribute for re-sale personal information.
How do we share personal information with third parties?
We may provide any of the described categories of personal information to InfoSecEnforcer.com employees, consultants, affiliates or other businesses or persons for the purpose of processing such information on our behalf in order to provide the Service to you. In such circumstances, we require that these parties agree to protect the confidentiality of such information consistent with the terms of this Privacy Notice.
We will not share personal information with other, third-party companies for their commercial or marketing use without your consent or except as part of a specific program or feature for which you have the ability to opt-in or opt-out.
In addition, we may release personal information: (i) to the extent we have a good-faith belief that such action is necessary to comply with any applicable law, enforce any provision of the Terms of Service protect ourselves against any liability, defend ourselves against any claims, protect the rights, property and personal safety of any user or protect the public welfare; (ii) to respond to a court order, subpoena, or search warrant; or (iii) in the event we are acquired by or merged with a third-party entity.
Retention of Data
InfoSecEnforcer.com will retain personal information only for as long as is necessary for the purposes set out in this Notice, including, but not limited to, the statutory requirements imposed on our customers for tracking data subject access requests.
In addition, we will retain and use personal information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.
InfoSecEnforcer.com will also retain usage data for internal analysis purposes. Usage data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Sites and/or Portals, or we are legally obligated to retain this data for longer periods.
Cookies, Device Data, and How it is Used
When you use our Service, we may record unique identifiers associated with your device (such as the device ID and IP address), your activity within the Service, and your network location. InfoSecEnforcer.com uses aggregated information (such as anonymous user usage information, cookies, IP addresses, browser type, clickstream information, etc.) to improve the quality and design of the Service and to create new features, promotions, functionality, and services by storing, tracking, and analyzing user preferences and trends. Specifically, we may automatically collect the following information about your use of Service through cookies, web beacons, and other technologies:
- domain name
- browser type and operating system
- web pages you view
- links you click
- IP address
- the length of time you visit the Sites, Portals, and/or Services
- the referring URL or the webpage that led you to the Sites
We may also collect information regarding application-level events, such as crashes, and associate that temporarily with your account to provide customer service. In some circumstances, we may combine this information with personal information collected from you (and third-party service providers may do so on behalf of us).
International Data Transfer
If you are located outside the United States, in particular if you are located in Switzerland or the European Economic Area (“EEA”), please note that we and our servers are located in the United States. Any information that you provide to us may be transferred to and processed in the United States or other countries around the world where we do business. Although this may include recipients of information located in countries where there may be a lower level of legal protection for personal information than in your country, we will protect your information in accordance with requirements applicable to the law in your particular jurisdiction and take steps to only share with third parties that offer similar protection. By using our Service, you unambiguously consent to your information being collected, processed, used, and transferred as disclosed herein.
European Union Data Privacy Rights
If you are located in EEA, the General Data Protection Regulation (“GDPR”) grants you certain rights under the law. In particular, the right to access, correct, and delete the personal information we hold about you. InfoSecEnforcer.com will retain personal information for the length of time you engage with our services as described in the retention section of this Notice, until you request deletion of such personal data.
In certain circumstances, you have the following data protection rights:
- The right to access, update or delete the personal information we have on you.
- The right of rectification. You have the right to have you personal information rectified if that information is inaccurate or incomplete.
- The right to object. You have the right to object to our processing of your personal information.
- The right of restriction. You have the right to request that we restrict the processing of your personal information.
- The right to data portability. You have the right to be provided with a copy of the personal information we have on you in a structured, machine-readable and commonly used format.
- The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.
In order make a request regarding your personal information, please contact firstname.lastname@example.org.
If you have a comment, question, or complaint about how we are handling your personal information, we hope that you contact us at email@example.com in order to allow us to resolve the matter. In addition, if you are located in the EEA, you may submit a complaint regarding the processing of your personal information to the EU data protection authorities (each a “DPA”). The following link may assist you in finding the appropriate DPA: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
Legal Basis for Processing under GDPR
If you are from the EEA, our legal basis for collecting and using the personal information described in this Notice depends on the personal information we collect and the specific context in which we collect it.
We may process personal information because:
- We need to perform a contract with you;
- You have given us consent to do so;
- The processing is in our legitimate interest to offer the Service, when that legitimate interest is not overridden by your rights;
- To comply with the law.
Where personal information is processed based on consent, EU residents have the right to withdraw such consent at any time. To do so, please contact us as described in this Notice. If there is a different legal basis that would permit us to continue processing your personal information after withdrawing consent, we will notify you of that legal basis at the time of your request.
California Privacy Rights Under CCPA
If you are a California resident, California law may provide you with certain rights with regard to your personal information under the California Consumer Privacy Act (“CCPA”). Throughout this Privacy Notice you will find information required by CCPA regarding the categories of personal information collected from you; the purposes for which we use personal information, and the categories of third parties your data may be shared with. This information is current as of the date of the Notice and is applicable in the 12 months preceding the effective date of the Notice.
As a California resident, the CCPA provides you the ability to make inquiries regarding to your personal information. Specifically, the degree to which the information is not already provided in this Privacy Notice, you have the right to request disclosure about the collection and use of your personal information over the past 12 months, including:
- The categories of personal information collected about you.
- The categories of sources for the personal information collected about you.
- The business or commercial purpose for collecting your personal information.
- The categories of third parties with whom your personal information was shared.
- The specific pieces of personal information collected about you.
- If your personal information was disclosed for a business purpose, the personal information categories disclosed and the categories of third parties to which the information was disclosed.
- If your personal information was sold in the past 12 months, the personal information categories sold and the categories of third parties to which the information was sold (Note: InfoSecEnforcer DOES NOT SELL YOU PERSONAL INFORMATION).
Please note that you may only make the above requests twice in a 12-month period. You also have the right to request that any of your personal information collected and retained be deleted, subject to certain exceptions. Finally, you have the right to not receive discriminatory treatment by InfoSecEnforcer.com or any business for exercising any of the rights provided under CCPA.
You may submit a request regarding your rights under CCPA by submitting a request through the following form, request form, or by contacting us at one of the following: support @ InfoSecEnforcer dot com.
If we receive a CCPA request from you, we will first make a determination regarding the applicability of the law, and we will then take steps to verify your identity prior to responding. The steps to verify your identity may vary based on our relationship with you, but, at a minimum, it will take the form of confirming and matching the information submitted in the request with information already held by InfoSecEnforcer.com and/or contacting you through previously used channels to confirm that you submitted the request (i.e. confirming identity through contact information that we have on file, not the contact information submitted to make the request).
Your rights as stated here can also be exercised by an authorized agent on your behalf. InfoSecEnforcer.com will follow the standards set by the Attorney General of California regarding the designation of an authorized agent to exercise rights under CCPA. You may review information available through the Attorney General website (https://www.oag.ca.gov/privacy/ccpa) regarding how an individual can be designated as an authorized agent under CCPA.
In addition to CCPA, California Civil Code Section 1798.83 permits users of the Website who are California residents to request certain information regarding its disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us as described here.
Third Party Advertisers
Information Storage and Security
We retain information as long as it is necessary and relevant to provide you with the Service. We also retain personal information to comply with applicable law, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Terms of Service, collect any fees owed, and other actions permitted by law. After it is no longer necessary for us to retain information, we dispose of it according to our data retention and deletion policies.
We employ industry-standard security measures designed to protect the security of all information submitted through the Service. However, the security of information transmitted through the internet or via a mobile device can never be guaranteed. We are not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data. Users of the Service are responsible for maintaining the security of any password, user ID or other form of authentication involved in obtaining access to password protected or secure areas of the Service. In order to protect you and your information, we may suspend your use of any of the Service, without notice, pending an investigation, if any breach of security is suspected.
The Service may contain links to other websites maintained by third parties. Please be aware that we exercise no control over linked sites and InfoSecEnforcer.com is not responsible for the privacy practices or the content of such sites. Each linked site maintains its own independent privacy and data collection policies and procedures, and you are encouraged to view the privacy policies of these other sites before providing any personal information.
You hereby acknowledge and agree that InfoSecEnforcer is not responsible for the privacy practices, data collection policies & procedures, or the content of such third-party sites, and you hereby release InfoSecEnforcer.com from any and all claims arising out of or related to the privacy practices, data collection policies and procedures, and/or the content of such third-party sites.
The Service is not intended for children under the age of 13, and InfoSecEnforcer does not knowingly collect the personal information of children under the age of 13.
Changes to this Privacy Notice
InfoSecEnforcer.com reserves the right to modify this Privacy Notice from time to time in order that it accurately reflects the regulatory environment and our data collection principles. When material changes are made to this Privacy Notice, InfoSecEnforcer.com will post the revised Notice on our website. This Privacy Notice was last modified as of July 15, 2020.
If you have any questions or comments about this Privacy Notice or the Service provided by InfoSecEnforcer.com, please contact us at: support @ InfoSecEnforcer dot com.