Effective date: May 25, 2018

At BreachLock, Inc. (hereinafter referred to as “BreachLock”), we are committed to protecting and respecting the privacy of visitors to our website (“the website’’) and customers of our products and services (collectively, “Services”). We take responsibility for complying with the UK Data Protection Act 1998 (DPA), the General Data Protection Regulation, and the EU-US Privacy Shield Framework.

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our services and the choices and rights you have associated with that data.

We use your data to provide and improve our services. By using our services, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Use.

1. Information Collection and Use

We collect several different types of information for various purposes to provide and improve our Service to you.

1.1. Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally, identifiable information may include, but is not limited to:

To learn more about our use of cookies or similar technology, please see the “Cookies Policy” section below.

1.1.1. Who is responsible for your Personal Information?

BreachLock Inc. and its affiliates are responsible for your personal information. We may also retain the services of external suppliers to help meet our business needs and may share your data with these suppliers. These suppliers have been selected after a rigorous evaluation process and chosen for their security, reliability, and competence. They will process your data only under our instructions. Some of these suppliers may be based in non-EU countries. Where this is the case, the transfer of your Personal Information to these countries is carried out in compliance with the guarantees provided by law. Please contact us on the details given in the Contact section if you wish to receive information about these suppliers.

1.2. Usage Data

We may also collect information on how our services are accessed and used (“Usage Data”). This usage data may include information such as your computer’s IP address, browser type, browser version, the pages of our services that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

1.3. Cookie Policy

We use cookies and similar tracking technologies to track the activity on our services and hold certain information. Cookies are files with small amount of data which may include a unique anonymous identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Below is the example of cookies we use on our site, and why we use them:

For more information on what kind of cookies being collected by Breachlock.com and BreachLock Inc., please visit our Cookie declaration page. If you have any issues with the cookies being collected, please write to us at the contact details given in the Contact section.

1.4. Use of Data

BreachLock Inc. uses the collected data for various purposes:

We will provide you with marketing-related information (including newsletters and promotional materials) only after you have, where legally required to do so, opted-in to receive those communications and have provided the opportunity for you to opt-out at any time.

BreachLock shall not use your personal information for taking any automated decisions affecting or creating profiles other than as described above.

 

1.5. Transfer of Data

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal data, to the United States and process it there.

We transfer personal information to other countries only when it is essential for the services we provide you, or it is required for the verification or proof of legal claims, such as European Commission approved standard contractual clauses.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

BreachLock shall take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

1.6 Disclosure of Data

BreachLock Inc. may disclose your Personal Data in the good faith belief that such action is necessary to:

1.7 Security of Data

Security of your data is important to us, but it must be noted that no method of transmission over the Internet or method of electronic storage is 100% secure, i.e., absolutely secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

1.8 Service Providers

We may employ third party companies and individuals to facilitate our services (“Service Providers”), to provide our service on our behalf, to perform service-related services or to assist us in analyzing how our services are used. These third parties have access to your personal data only to perform these tasks on our behalf and are obligated under the law to not to disclose or use it for any other purpose.

1.8.1 Analytics

We may use third-party service providers to monitor and analyze the use of our services

1.8.1.1 Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our services. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its advertising network.

You can opt-out of having made your activity on the services available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page.

1.8.1.2 Lucky Orange Web Analytics Service

This site uses the Lucky Orange analytics system to help improve usability and customer experience. Lucky Orange may record mouse clicks, mouse movements, and scrolling activity. Lucky Orange may record keystroke information that you voluntarily enter on this website. Lucky Orange does not track this activity on any site that does not use the Lucky Orange system.

You can opt-out of having made your activity on our services available to Lucky Orange by visiting their privacy page and click on privacy opt-out button. For more information on the privacy practices of Lucky Orange, please visit the Lucky Orange Privacy web page.

 

1.9 Links to other sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

2. The EU-US Privacy Shield Framework

2.1 Participation

BreachLock has applied for participation in the EU-US Privacy Shield framework, and it is committed to subjecting all personal data received from the EU member countries except Switzerland (“the EU”) to the Principles and Supplemental Principles (“the Principles”) given in the Framework. To learn more about the EU-US Privacy Shield framework, you can visit the Privacy Shield List website maintained by the International Trade Administration, the US Department of Commerce.

BreachLock complies with the Privacy Shield Principles for onward transfer of personal data from the EU to the US, including the provisions dealing with onward transfer liabilities. Under those provisions of the framework and certain circumstances specified therein, BreachLock is responsible for the processing of personal data received under the Privacy Shield Framework and further transferred to a third party acting as an agent of BreachLock.

For personal data received or transferred from the EU under the Privacy Shield Framework, BreachLock is subject to the regulatory enforcement powers of the US Federal Trade Commission (FTC). As detailed in the Principles, BreachLock may be required to disclose personal information of an individual without taking consent from an individual in response to lawful requests made by the public authorities, including to meet law enforcement or national security requirements.

You have a right to invoke binding arbitration under certain circumstances when other dispute resolution mechanisms have been exhausted. These circumstances have been detailed on the framework website.

2.2 Scope

This privacy policy applies to individuals as well as BreachLock employees who are residing in the European Union.

2.3 Categories of Data Collected

2.3.1 Non-HR Data

Considering the nature of our services, BreachLock majorly collects business-related data. However, it receives personal information of individuals either representing a business or in their personal capacity which includes –

2.3.2 Purpose

BreachLock collects the data specified under 2.3.1 for its services, communicating with prospective clients, sending marketing emails, and performing other marketing-related activities which fall under legitimate business purposes and are permissible under the Framework.

2.4 Disclosure

BreachLock shares the collected data with its affiliates, which process this data on behalf of BreachLock. It also shares data with other third parties to fulfill various obligations and as required or permitted by law.

For marketing emails, you can opt-out of receiving such emails from BreachLock by writing to us at the contact details given in the Contact section or using the ‘’Unsubscribe” option given in all the emails sent from BreachLock. Notwithstanding the contents of this Policy, BreachLock may disclose personal data in the circumstances as specified in the Principles.

2.5 Right to Access and Review

An individual residing in the EU has a right to access his personal information stored with BreachLock. An individual may request to update, correct, or delete his data. To submit such requests to exercise your right or raise any questions, please contact BreachLock as per the Contact section given below. As per the provisions of the framework, BreachLock reserves the right to authenticate an applicant’s identity, charge a minimum amount of fee, and deny or provide access.

2.6 Compliance and Certification

BreachLock complies with the EU-US Privacy Shield framework and has self-certified to the Department of Commerce that it adheres to the principles laid down in the framework. If there is any conflict or vagueness in this Privacy Statement and the Privacy Shield framework, the Privacy Shield Framework shall govern. To learn more about the framework, please visit the framework website.

3. Contact

If you have any questions related to this Privacy Policy, your personal data stored with BreachLock, your rights under the framework, and any matters related thereof, please contact our Compliance Manager:

Address: BreachLock, Inc.
3 Germany Dr,
Unit 4 #1354
Wilmington DE 19804
Email: compliance@breachlock.com
Phone: +1-917-779-0009
Fax: +1-302-516-7152

In case there is an unresolved issue, and we have not answered satisfactorily, please contact our independent dispute resolution provider – The EU DPAs – here. For individuals, this process is free of cost.

4. Changes to this Policy

This Privacy reflects our information security and data protection practices. If any material changes are made in the contents of this policy, BreachLock will also let you know via email and/or a prominent notice on our services, prior the changes coming into effect and updating the “Effective Date” at the top of this Policy. Changes to this Policy are effective when they are published on this page.