Bearing Cybersecurity & Consulting, LLC. knows that you care about how your information is used and shared. And we care, too. The information we learn from customers helps us implement and continually improve your experience.
This Privacy Notice describes the information that we gather, how we use and disclose such information, and the steps we take to protect such information. By using MyCyberScorecard or purchasing the service, you accept the practices described in this Privacy Notice.
We Gather Information to Implement and Improve MyCyberScorecard.
To make a better product, we gather the following types of information.
Information You Give Us. When you submit a form on our website, you may provide, and we may collect some personal data. Such data can include name, business email address, phone number, associated company, and company website. This can also include other information, such as geographic area or preferences of your company, and the information is not linked to information that identifies you, a specific individual. We do not collect personally identifiable information that, if compromised, could lead to the disruption of an individual's rights and freedoms, such as race, sex, age, sexuality, or payment information. You may provide us with personal data in various ways. For example, when you download a piece of content, request more information, use our Chat on the website, register for an account, use MyCyberScorecard, post data, interact with other users through messaging or other communication mediums, or send us customer service requests.
The Right to Erasure. We have processes in place to ensure that we respond to a request for erasure without undue delay and within one month of receipt. We are aware of the circumstances when we can extend the time limit to respond to a request. We understand that there is a particular emphasis on the right to erasure if the request relates to data collected from minors. We have procedures in place to inform any recipients if we erase any data we have shared with them. We have appropriate methods in place to erase information.
Information Collected by Users. A user may store or upload information into MyCyberScorecard that identifies a specific person. Bearing Cybersecurity & Consulting, LLC. has no direct relationship with the individuals whose personal data it hosts. MyCyberScorecard users are responsible for providing notice to any third persons stating the purpose for collecting personal data and notifying how the personal data is processed in or through MyCyberScorecard.
Automatic Information. When a client uses MyCyberScorecard, we may automatically record certain information from the user's device through various types of technology, including but not limited to cookies and web beacons. This may include IP address or other device identification, web browser, device type, web pages or sites visited immediately before or after using the Service, MyCyberScorecard pages or content the user views or interacts with, and the dates and times of the visit, access, or use of the service. We also may collect information regarding a user's interaction with email messages, such as whether the user opens, clicks on, or forwards a message.
Integrated Services. You may be given the option to connect MyCyberScorecard with your user name and passwords from integrated third-party services, such as a Google account, or authorize an integrated service to provide personal data or other information to Bearing Cybersecurity & Consulting, LLC. By authorizing MyCyberScorecard to connect with an Integrated Service, you authorize Bearing Cybersecurity & Consulting, LLC. to access and store your name, email address, date of birth, gender, city, profile picture, and any other information that the integrated service provides, and to use and disclose it per this Privacy Notice. Before connecting to an integrated service, you should check your privacy settings to see what information the integrated service makes available and change those settings to match your preferences.
Cookies and Tracking Technologies. We use information collected through cookies and similar technologies to personalize our products—such as remembering a user's information so that the user will not have to re-enter it during subsequent visits, provide customized content and information, monitor the effectiveness of services and third-party marketing activities, monitor site usage metrics.
How We Use the Information We Gather
We utilize gathered information in the following ways.
Improvements. We use gathered information to understand and analyze user usage trends and preferences. This helps us improve offerings and develop new products, services, features, and functionality.
Operations. We use gathered information to operate, maintain, enhance our products, provide users' services and information, respond to comments and questions, and provide support to users.
Communications. We may use a user's email address or other information to contact that user for administrative purposes, including but not limited to customer service, intellectual property infringement, right of privacy violations, defamation issues related to data posted by users, or updates on promotions and events associated to products and services offered by Bearing Cybersecurity & Consulting, LLC. and third parties we work with. You can opt-out of these emails at any time by email.
Does Bearing Cybersecurity & Consulting, LLC. Share the Information It Receives?
Except as described in this Privacy Notice, we will not intentionally disclose personal data that we collect to third parties without consent. We share customer information only as described below and with subsidiaries Bearing Cybersecurity & Consulting, LLC. controls that either is subject to this Privacy Notice or follow practices at least as protective as those described in this Privacy Notice.
Third-Party Service Providers. We work with third-party service providers who provide website, application development, hosting, maintenance, and other services for us. They have access to personal information needed to perform their functions but may not use it for other purposes. These third parties may have access to or process personal data to provide those services for us. We limit the information provided to these service providers to what is reasonably necessary for them to perform their functions, and our contracts require them to maintain the confidentiality of such information.
Business Transfers: As we continue to develop our business, we might sell or buy subsidiaries or business units. In such transactions, customer information generally is one of the transferred business assets but remains subject to the promises made in this pre-existing Privacy Notice unless the customer consents otherwise.
Law Enforcement, Legal Process, and Compliance: We release account and other personal information when we believe release is required to comply with the law, enforce or apply our conditions of use and other agreements, or protect the rights, property, or safety of Bearing Cybersecurity & Consulting, LLC. and our users. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
Non-Personally Identifiable Information. We may make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including but not limited to compliance with reporting obligations, business or marketing, to assist in understanding user patterns, and to improve the content, services, and functionality.
How Secure is Your Personal Information?
Bearing Cybersecurity & Consulting, LLC. uses industry standards to protect the information submitted to us, both during transmission and storage. We maintain appropriate administrative, technical, and physical safeguards to protect personal data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of personal data processing in our possession. This includes firewalls, password protection, optional two-factor authentication, and other access and authentication controls. We use SSL technology to encrypt data during transmission, and we employ application-layer security features to anonymize personal data further.
However, no transmission method over the Internet or electronic storage is entirely secure. We cannot guarantee the security of any information you transmit to store or use on our systems, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your personal data has been compromised, please contact us at firstname.lastname@example.org.
We are not responsible for circumvention of any privacy settings or security measures on the service. Additionally, we cannot control other users' actions with whom you may choose to share your information. Further, even after information posted is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the service. We cannot and do not guarantee that information you post on or transmit will not be viewed by unauthorized persons.
Bearing Cybersecurity & Consulting, LLC. products may contain features or links to third parties' web sites and services. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators' policies governing privacy and security, even if accessed through our systems. We are not responsible for third party content, privacy policies, or security practices. We encourage you to learn about third parties' privacy and security policies before providing them with information.
Minors and Children's Privacy
Our service is not intended for children, and we do not knowingly collect personal data from children under the age of 18 without obtaining parental consent. If you are under 18 years of age, then please do not use or access MyCyberScorecard at any time or in any manner. If we learn that personal data has been collected from persons under 18 years of age and without verifiable parental consent, then we will take appropriate steps to delete this information. Suppose you are a parent or guardian and discover that your child under 18 years of age has obtained a MyCyberScorecard account on the service. In that case, you may alert us at email@example.com and request that we delete that child's personal data from our systems.
Data Controller and Data Processor
Bearing Cybersecurity & Consulting, LLC. does not own, control, or direct the use of any data stored or processed by MyCyberScorecard users. Only users are entitled to access, retrieve, and direct the use of such data. Bearing Cybersecurity & Consulting, LLC. is largely unaware of what data is being stored or made available by users and does not directly access such data except as authorized by the client or as necessary to provide services to the client and its users.
Because Bearing Cybersecurity & Consulting, LLC. does not collect or determine the use of any personal data contained in clients' data and because Bearing Cybersecurity & Consulting, LLC. does not determine the purposes for which such personal data is collected, the means of collecting such personal data, or the uses of such personal data, Bearing Cybersecurity & Consulting, LLC. is not acting in the capacity of data controller as outlined in European Union Directive 95/46/EC on data privacy or the European Data Protection Regulation and does not have the associated responsibilities under the law.
Bearing Cybersecurity & Consulting, LLC. should be considered only as a processor on behalf of its clients regarding any client data containing personal information subject to the requirements of the European Data Protection Regulation. Except as provided in this Privacy Notice, Bearing Cybersecurity & Consulting, LLC. does not independently cause client data containing personal data to be transferred or otherwise made available to third parties, except to third party subcontractors who may process such data on behalf of Bearing Cybersecurity & Consulting, LLC. in connection with Bearing Cybersecurity & Consulting, LLC.'s provision of services to clients. Such actions are performed or authorized only by the applicable client or user.
The client or user is the data controller under the European Data Protection Regulation for any client data containing personal data, meaning that the client or user controls the manner such personal data is collected and used and determines the purposes and means of the processing of such personal data.
Bearing Cybersecurity & Consulting, LLC. is not responsible for the content of the personal data contained in the client data or other information stored on Bearing Cybersecurity & Consulting, LLC. servers or subcontractor servers.
Access, Correction, Deletion
We respect your privacy rights and provide reasonable access to the personal data that you provide. You may decline to share specific personal data with us, in which case we may not be able to provide you with some features and functionality. If you wish to access or amend any personal data we hold about you or request that we delete any information about you that we have obtained from an integrated service, you may contact us at firstname.lastname@example.org. We will block or delete any reference to you in our databases at your request.
You may update, correct, or delete your user account information and preferences at any time by accessing your account settings page in MyCyberScorecard. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain information you submit for backups, archiving, prevention of fraud and abuse, analytics, or satisfaction of legal obligations.
Opting out from Commercial Communications
If you receive commercial emails from us, you may unsubscribe at any time by following the instructions contained within the email.
Changes and Updates to the Privacy Notice
Please revisit this page periodically to be aware of any changes to the Privacy Notice, which we may update periodically. If we modify the Privacy Notice, we will notify you of such changes upon logging into our product and will comply with all applicable laws. After the revised Privacy Notice has become effective, your continued use indicates that you have read, understood, and agreed to the revised version of the Privacy Notice.
How to Contact Us
Please contact us with any questions or comments about this Privacy Notice, your personal data, our use and disclosure practices, or your consent choices by email at email@example.com.