Last modified: April 19, 2018
CyberProgressIndex.com (“Company” or “We”) respect your privacy and are committed to protecting it through our compliance with this policy. We create cyber security program assessment tools and platforms, so we endeavor to be clear on how we use personal information if and when we collect it, and how we work to maintain your privacy. We do not knowingly attempt to solicit or receive information from children. This policy describes the types of information we may collect from you or that you may provide when you visit the website www.cyberprogresindex.com (our “Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.
How We Collect and Use (Process) Your Personal Information
We collect several types of information from and about users of our Website and its customers. With some exceptions, this information is limited to the type of information that is commonly shared on a business card: First name, last name, email address, phone number and employer name. We use this information to provide customers with the goods and services, including use of the platforms we offer.
You view the public sections of our Website without giving us your personal data, however, some personal information is necessary so that the Company can supply you with the services you have purchased or requested, and to authenticate you so that we know it is you and not someone else. You may opt-out of receiving marketing communication at any time.
Information You Provide to Us. The personal information we collect on or through our Website may include:
* Subscription/Ordering: Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website, subscribing to our service, posting material, or requesting further services. We may also ask you for information when you enter a contest or promotion sponsored by us, and when you report a problem with our Website. We process this information to deliver the provide the services to you, to respond to your communications, and to verify the accuracy of information for security purposes.
* Correspondence: Records and copies of your correspondence (including email addresses), if you contact us. We may retain such correspondence and the information contained in it and use it to respond to your inquiry; to notify you of upcoming events, publications, updates, or other services; or to keep a record of your complaint, accommodation, request, and the like. If you wish to have us “erase” your personal information or otherwise refrain from communicating with you, please contact us at
firstname.lastname@example.org. Note: if you ask the Company not to contact you by email at a certain email address, the Company will retain a copy of that email address on its “master do not send” list in order to comply with your no-contact request.
* Surveys: Your responses to surveys that we might ask you to complete for research purposes.
* Payment Card Information: You may choose to purchase goods or services from the Company using a payment card. Typically, payment card information is provided directly by users, via the Company Website, into the PCI/DSS-compliant payment processing service to which the Company subscribes, and the Company does not, itself, process or store the card information. Occasionally, customers ask the Company employees to, on their behalf, enter payment card information into the PCI/DSS-compliant payment processing service to which the Company subscribes. We strongly encourage you not to submit this information by email. When Company employees receive payment card information from customers or members by email, fax, phone, or mail, it is entered as instructed and then deleted or destroyed.
* Searches: Your search queries on the Website. This information is used to assist in providing responses to your queries and to ensure continued quality of our services. * Posts/Comments: You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
Use of the Company Website.
The technologies we use for this automatic data collection may include:
* Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from,
and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies
* Web Beacons. Pages of the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We do not collect personal information automatically, but we may tie this information to personal information about you that we collect from other sources or you provide to us.
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of our Services. You have many choices with regards to the management of cookies on your computer. All major browsers allow you to block or delete cookies from your system. To learn more about your ability to manage cookies and web beacons, please consult the privacy features in your browser.
The information we collect automatically is statistical data and does not include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
* Estimate our audience size and usage patterns.
* Store information about your preferences, allowing us to customize our Website according to your individual interests.
* Speed up your searches.
* Recognize you when you return to our Website.
The Company also uses a customer relationship management platform that deploys cookies when a user interacts with the Website or to Company communications, such as a marketing email or a marketing-based landing page on our website. This cookies collects personal information such as your name, which pages you visit on the Website, your history arriving at the Website. We use this information to evaluate the effectiveness of our marketing campaigns. You may set your browser to block these cookies.
Disclosure of Your Information
We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.
* To our subsidiaries and affiliates.
* To contractors, service providers, and other third parties we use to support our business.
* To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Company about our Website users is among the assets transferred.
* To third parties to market their products or services to you if you have not opted out of these disclosures.
* To fulfill the purpose for which you provide it.
* For any other purpose disclosed by us when you provide the information.
* With your consent.
We may also disclose your personal information:
* To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
* If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Choices About How We Use and Disclose Your Information
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
* Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by logging into the website and adjusting your user preferences. For this opt-out to function, you must have your browser set to accept browser cookies.
We do not control third parties’ collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not
to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website.
Accessing and Correcting Your Information
You can review and change your personal information by logging into the Website and visiting your account profile page. You may also send us an email at email@example.com to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
Your California Privacy Rights
California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org or write us at: 105 AVENIDA DE LA ESTRELLA UNIT #4, SAN CLEMENTE CA 92672.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on secured servers behind firewalls. Any payment transactions are compliant with PCI-DSS standards.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
Data storage and retention
Your personal data is stored by the Company on its servers, and on the servers of the cloud-based database management services the Company engages, located in the United States. The Company retains data for the duration of the customer’s or member’s business relationship with the Company. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact the Company at email@example.com
Transferring personal data from the EU to the US
The Company has its headquarters in the United States. Information we collect from you will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. The Company relies on derogations for specific situations as set forth in Article 49 of the GDPR. In particular, the IAPP collects and transfers to the U.S. personal data only: with your consent; to perform a contract with you; or to fulfill a compelling legitimate interest of the Company in a manner that does not outweigh your rights and freedoms. The Company endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with the Company and the practices described in this Privacy Notice.
or via our toll-free number: 800.274.4922