Privacy Policy

BREACHRECON WEBSITE PRIVACY NOTICE

Effective Date: August 1, 2018

We respect your concerns about privacy and value the relationship we have with you. This Privacy Notice applies to the websites of BreachRecon (the “Sites”), operated by GroupSense, Inc. This Notice describes the types of personal information we collect on these Sites, how we may use that information, with whom we  may  share  it and the rights and choices that may be available to you. Our Privacy Notice also describes the measures we take to protect the security of the personal information. We also tell you how you can reach us to answer any questions you may have about our privacy practices.

Information We Collect and How We Use It

Personal Information You Provide

You may choose to provide personal information (such as your name, address, telephone number and email address) on our Sites. Here are the ways you may provide the information and the types of information you may submit. We also tell you how we may use the information. The list below explains those uses for which we have a legitimate business interest.

  • Event Registration
    You may register on our Sites for BreachRecon-sponsored events. You may provide us with information such as your name, telephone number and email address when registering for an event. We use this information to register you for the event and contact you about changes and updates regarding the event. We also may use the information to communicate with you about other events and topics that we believe may be of interest to you, subject to obtaining your consent in accordance with applicable law.
  • News, Alerts, and Publications
    On our Sites, you may sign up to receive news, alerts and publications from BreachRecon. To sign up, we may ask you for information such as your name, address, telephone number, email address and topics of interest. We use the information you provide to send you the communications you request. We also may use the information to communicate with you about other topics that we believe may be of interest to you, subject to obtaining your consent in accordance with applicable law.
  • Commenting
    You may be able to submit comments to BreachRecon blogs, message boards, or knowledge repositories. You may include personal information in your comment, and you also may submit your name and email address with your comment. We may use your name to identify you as a commenter. You also may subscribe to get an RSS feed or email of our blogs, message boards, or knowledge repositories by submitting your email address. We use this information to send you the information you request and to communicate with you in connection with our blogs, subject to obtaining your consent in accordance with applicable law.
  • Contact Us
    If you communicate with us through the “Contact Us” link on our Sites, we may ask you for information such as your name, email address and telephone number so we can respond to your questions and comments. We also may use the information you provide to communicate with you about topics that we believe may be of interest to you, subject to obtaining your consent in accordance with applicable law.
  • Other Site Features
    Our Sites offer various features, which we may change from time to time. We may ask you to submit certain personal information so we can provide you with and communicate with you about these features, subject to obtaining your consent in accordance with applicable law.
  • Other Uses of Information
    We may use the personal information you provide on the Sites for our internal purposes. These purposes include administration of the Sites, market research, and data analytics.

We also may use the personal information we collect to protect us against and prevent fraud, claims, and other liabilities and to comply with or enforce applicable legal requirements, and our policies and terms. We use personal information for these purposes when it is necessary to protect, exercise or defend our legal rights, or when we are required to do so by a law that applies to us.

Personal Information We Collect by Automated Means

We collect certain information by automated means when you visit our Sites, such as how many users visit our Sites, what pages have been browsed, what emails or domains are queried, and from what geographic regions users visited the Sites. By collecting this information, we learn how to best tailor the Sites to our visitors. We collect this information through various means such as “cookies,” “web beacons” and IP addresses. Please see our Cookie Policy for further information.

Our Sites may use analytics to create statistical reports. These reports would tell us, for example, how many users visited our Sites, what pages have been browsed, what emails or domains are queried, and from what geographic regions users visited the Sites. The information collected through the use of analytics may include, for example, your IP address, the website from which you visited us, the type of device you used and your search query that led you to the Sites. The information collected through the use of analytics may also include the emails and domains you queried. Your IP address is masked on our systems and will only be used on a need-to-know basis to resolve technical issues, to administer our Sites and to understand visitor preferences. Traffic information on our Sites is accessed only by authorized personnel. We do not use any of this information to directly identify visitors and we do not share it with third parties. We process personal information for these purposes because we have a legitimate interest in understanding how our Sites are used and detecting and combating fraud. Our websites are not designed to respond to “do not track” signals received from browsers.

Information We Share

We do not sell, rent, trade or otherwise disclose personal information visitors submit through our Sites, except as described in this Privacy Notice. We may share your information among BreachRecon and GroupSense, Inc. related entities. We also may share the information with service providers we have retained to perform services on our behalf (for example, to process online registration forms for events or to  administer  our  website).  These service providers are not authorized by us to use or disclose the information except as necessary to perform services on our behalf or to comply with legal requirements. In addition, we may disclose information about you (i) if we are required to do so by law or pursuant to legal process, (ii) in response to a request from law enforcement authorities or other government officials, or (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.

We reserve the right to transfer any information we have about you in the event we sell or transfer all or a portion of our business or assets. Should such a sale or transfer occur, we will use reasonable efforts to try to require that the transferee use personal information you have provided through this website in a manner that is consistent with this Privacy Notice.

Links to Other Sites

Occasionally we provide links to other websites for your convenience and information. These websites operate independently from our Sites and are not under our control. These sites may have their own privacy notices or terms of use, which we strongly suggest you review if you visit any linked websites. We are not responsible for the content of these sites, any products or services that may be offered through these sites, or any other use of the linked sites.

How We Protect Personal Information

We maintain administrative, technical and physical safeguards for the Sites designed to protect against loss, misuse or unauthorized access, disclosure, alteration or destruction of the personal information we collect through our Sites.

Information We Transfer

We may transfer the personal information we collect through the Sites to other countries where we do business, which may not have the same data protection laws as the country in which you originally provided the data.

We will comply with applicable legal requirements by providing adequate protection for the transfer of personal information to data recipients in countries outside of the European Economic Area. To the extent that these data recipients are in countries that have not been recognized by the European Commission as providing an adequate level of data protection, we use appropriate safeguards aimed at ensuring such a level of data protection is in place, including by entering into the European Commission’s EU Standard Contractual  Clauses  with  the  data  recipients  or  ensuring  that the data recipient has certified to the EU-U.S. Privacy Shield Framework, or has implemented Binding Corporate Rules.

How Long We Keep Information

We will keep your personal information for the time period necessary to achieve the purposes outlined in this Privacy Notice, taking into account applicable statute of limitation periods and records retention requirements under applicable law.

Your Choices

If you would like to update your contact information or preferences, or have your information removed from our mailing lists, please contact us by emailing us or writing us at:

BreachRecon / GroupSense

Attn.: General Counsel

4040 N. Fairfax Drive, Suite 1000B Arlington, VA 22203

USA

Your Rights

Subject to applicable law, you have the right to request access to and rectification of the personal information we maintain about you, to request the restriction of the processing of your personal information, or to object to that processing on grounds relating to your particular situation.

In addition, you may have the right to request erasure of your personal information in certain circumstances provided by applicable law. Subject to applicable law, where technically feasible, upon written request and verifiable identification, we will provide you with a copy of your personal information in a structured, commonly used, machine-readable format. To exercise these rights, please contact us as indicated below. You may lodge a complaint with a data protection authority if you are not satisfied with our response.

Updates to Our Privacy Notice

We may update or change this Privacy Notice from time to time and without prior notice to you. We will post a prominent notice on this web page to notify you of any significant changes to our Privacy Notice and indicate at the top of the notice when it was most recently updated.

How to Contact Us

If you have any questions about our information practices, please contact us by emailing us or writing us at:

BreachRecon / GroupSense
Attn.: General Counsel
4040 N. Fairfax Drive, Suite 1000B Arlington, VA 22203
USA

If you are a website visitor from the EEA, then the entity responsible is GroupSense, which can be reached by:

emailing us or writing us at:

BreachRecon / GroupSense
Attn.: General Counsel
4040 N. Fairfax Drive, Suite 1000B Arlington, VA 22203
USA

Version 1.0. Last Updated: August 8, 2018.