Cyber Progress Index Privacy Policy

Last modified: April 19, 2018

Introduction:

CyberProgressIndex.com (“Company” or “We”) respect your privacy and are committed to protecting it through our compliance with this policy. We create cyber security program assessment tools and platforms, so we endeavor to be clear on how we use personal information if and when we collect it, and how we work to maintain your privacy. We do not knowingly attempt to solicit or receive information from children. This policy describes the types of information we may collect from you or that you may provide when you visit the website www.cyberprogresindex.com (our “Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

How We Collect and Use (Process) Your Personal Information

We collect several types of information from and about users of our Website and its customers. With some exceptions, this information is limited to the type of information that is commonly shared on a business card: First name, last name, email address, phone number and employer name. We use this information to provide customers with the goods and services, including use of the platforms we offer.

You view the public sections of our Website without giving us your personal data, however, some personal information is necessary so that the Company can supply you with the services you have purchased or requested, and to authenticate you so that we know it is you and not someone else. You may opt-out of receiving marketing communication at any time.

Information You Provide to Us. The personal information we collect on or through our Website may include:

* Subscription/Ordering: Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website, subscribing to our service, posting material, or requesting further services. We may also ask you for information when you enter a contest or promotion sponsored by us, and when you report a problem with our Website. We process this information to deliver the provide the services to you, to respond to your communications, and to verify the accuracy of information for security purposes.

* Correspondence: Records and copies of your correspondence (including email addresses), if you contact us. We may retain such correspondence and the information contained in it and use it to respond to your inquiry; to notify you of upcoming events, publications, updates, or other services; or to keep a record of your complaint, accommodation, request, and the like. If you wish to have us “erase” your personal information or otherwise refrain from communicating with you, please contact us at

support@cyberprogressindex.com. Note: if you ask the Company not to contact you by email at a certain email address, the Company will retain a copy of that email address on its “master do not send” list in order to comply with your no-contact request.

* Surveys: Your responses to surveys that we might ask you to complete for research purposes.

* Payment Card Information: You may choose to purchase goods or services from the Company using a payment card. Typically, payment card information is provided directly by users, via the Company Website, into the PCI/DSS-compliant payment processing service to which the Company subscribes, and the Company does not, itself, process or store the card information. Occasionally, customers ask the Company employees to, on their behalf, enter payment card information into the PCI/DSS-compliant payment processing service to which the Company subscribes. We strongly encourage you not to submit this information by email. When Company employees receive payment card information from customers or members by email, fax, phone, or mail, it is entered as instructed and then deleted or destroyed.

* Searches: Your search queries on the Website. This information is used to assist in providing responses to your queries and to ensure continued quality of our services. * Posts/Comments: You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

Use of the Company Website.

As is typical of most other websites, the Company Website collects certain information automatically and stores it in log files, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of the Website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. The Website also uses cookies and web beacons.

The technologies we use for this automatic data collection may include:

* Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.

* Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from,

and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies

* Web Beacons. Pages of the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

We do not collect personal information automatically, but we may tie this information to personal information about you that we collect from other sources or you provide to us.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of our Services. You have many choices with regards to the management of cookies on your computer. All major browsers allow you to block or delete cookies from your system. To learn more about your ability to manage cookies and web beacons, please consult the privacy features in your browser.

The information we collect automatically is statistical data and does not include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:

* Estimate our audience size and usage patterns.

* Store information about your preferences, allowing us to customize our Website according to your individual interests.

* Speed up your searches.

* Recognize you when you return to our Website.

Third-Party Use of Cookies and Other Tracking Technologies.

Some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purposes of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using the Website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

The Company also uses a customer relationship management platform that deploys cookies when a user interacts with the Website or to Company communications, such as a marketing email or a marketing-based landing page on our website. This cookies collects personal information such as your name, which pages you visit on the Website, your history arriving at the Website. We use this information to evaluate the effectiveness of our marketing campaigns. You may set your browser to block these cookies.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose personal information that we collect or you provide as described in this privacy policy:

* To our subsidiaries and affiliates.

* To contractors, service providers, and other third parties we use to support our business.

* To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Company about our Website users is among the assets transferred.

* To third parties to market their products or services to you if you have not opted out of these disclosures.

* To fulfill the purpose for which you provide it.

* For any other purpose disclosed by us when you provide the information.

* With your consent.

We may also disclose your personal information:

* To comply with any court order, law, or legal process, including to respond to any government or regulatory request.

* To enforce or apply our terms of use https://www.cyberprogressindex.com/terms-of-use and other agreements, including for billing and collection purposes.

* If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:

* Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly. * Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by checking the relevant box located on the form on which we collect your data You can also always opt-out by logging into the Website and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to support@cyberprogressindex.com. * Promotional Offers from the Company. If you do not wish to have your email address or contact information used by the Company to promote our own or third parties’ products or services, you can opt-out by checking the relevant box located on the form on which we collect your data, logging into the Website and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to support@cyberprogressindex.com. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt out does not apply to information provided to the Company as a result of a product purchase, warranty registration, product service experience or other transactions.

* Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by logging into the website and adjusting your user preferences. For this opt-out to function, you must have your browser set to accept browser cookies.

We do not control third parties’ collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not

to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website.

Accessing and Correcting Your Information

You can review and change your personal information by logging into the Website and visiting your account profile page. You may also send us an email at support@cyberprogressindex.com to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

If you delete your User Contributions from the Website, copies of your User Contributions may remain viewable in cached and archived pages, or might have been copied or stored by other Website users. Proper access and use of information provided on the Website, including User Contributions, is governed by our terms of use https://www.cyberprogressindex.com/terms-of-use.

Your California Privacy Rights

California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to support@cyberprogressindex.com or write us at: 105 AVENIDA DE LA ESTRELLA UNIT #4, SAN CLEMENTE CA 92672.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on secured servers behind firewalls. Any payment transactions are compliant with PCI-DSS standards.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

Data storage and retention

Your personal data is stored by the Company on its servers, and on the servers of the cloud-based database management services the Company engages, located in the United States. The Company retains data for the duration of the customer’s or member’s business relationship with the Company. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact the Company at support@cyberprogressindex.com

Transferring personal data from the EU to the US

The Company has its headquarters in the United States. Information we collect from you will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. The Company relies on derogations for specific situations as set forth in Article 49 of the GDPR. In particular, the IAPP collects and transfers to the U.S. personal data only: with your consent; to perform a contract with you; or to fulfill a compelling legitimate interest of the Company in a manner that does not outweigh your rights and freedoms. The Company endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with the Company and the practices described in this Privacy Notice.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users’ personal information, we will notify you [by email to the primary email address specified in your account [and/or through a notice on the Website home page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at:

support@cyberprogressindex.com

or via our toll-free number: 800.274.4922