Last updated: June 19, 2023
This website privacy policy demonstrates GreyCastle Security, LLC’s commitment to the privacy of your personally identifiable information (PII). You can visit this web site without telling us who you are or revealing any information about yourself. However, when you register on our site to receive information, register for events or newsletters, apply for an open position, or otherwise interact with GreyCastle Security, LLC, we may collect profile information or PII from you.
In order to fulfill your request for information or to register for events or newsletters, we may ask that you provide:
If you are applying for an open position, we will ask that you provide:
We may collect information such as:
We use cookies and similar tracking technologies to track the activity on our webpages and to store certain information. Tracking technologies used are:
You can set your browser to refuse all cookies or to indicate when a cookie is being sent.
Cookies can be “Persistent” or “Session” cookies. Persistent cookies remain on your device when you go offline, while session cookies are deleted as soon as you close your browser.
We may use your personal data for the following purposes:
We may share your personal information in the following situations:
We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal agreements and policies.
We will retain your usage data of internal analysis purposes. Usage data is generally retained for a shorter period of time.
Your information is processed at our operating offices and in any other places where the parties involved in the processing are located. This means that your personal data may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
We will take all reasonable steps necessary to ensure that your personal data is treated securely and in accordance with this Privacy Policy and that no transfer of your personal data will take place to an organization or country unless there are adequate controls in place.
We may process personal data under the following conditions:
In any case, we will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
We respect the confidentiality of your personal data and strive to guarantee that you can exercise your rights.
You have the right under this Privacy Policy, and by law if you are within the EU, to:
You may exercise your rights of access, rectification, cancellation and opposition by contacting us. Please note that we may ask you to verify your identity before responding to such requests. If you make a request, we will try our best to respond to you as soon as possible.
You have the right to complain to a Data Protection Authority about our collection and use of your personal data. For more information, if you are in the European Economic Area (EEA), please contact your local data protection authority in the EEA.
This privacy notice section for California residents supplements the information contained in our Privacy Policy, and it applies solely to all visitors, users, and others who reside in the State of California.
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device. The following is a list of categories of personal information which we may collect or may have been collected from California residents.
Please note that the categories and examples provided in the list below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact collected by us but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been collected. For example, certain categories of personal information would only be collected if you provided such personal information directly to us.
Category | Content | Examples | Collected by Us |
A | Identifiers | Real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account number, driver’s license number, passport number, or similar identifiers | Yes |
B | Personal information categories listed in CA Customer Records statute | Name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information | Yes |
C | Protected classification characteristics under CA or federal law | Age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sec (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information) | No |
D | Commercial information | Records and history of products or services purchased or considered | No |
E | Biometric information | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data | No |
F | Internet or other similar network activity | Interaction with our website or advertisement | Yes |
G | Geolocation data | Approximate physical location | No |
H | Sensory data | Audio, electronic, visual, thermal, olfactory, or similar information | No |
I | Professional or employment-related information | Current or past job history or performance evaluations | Yes |
J | Non-public education information (per FERPA) | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records | No |
K | Inferences drawn from other personal information | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes | No |
Under CCPA, personal information does not include:
We obtain the categories of personal information listed above from the following categories of sources:
We may use or disclose personal information we collect for “business purposes” or “commercial purposes” (as defined under the CCPA), which may include the following examples:
Please note that the examples provided above are illustrative and not intended to be exhaustive. For more details on how we use this information, please refer to the “Use of Your Personal Data” section.
If we decide to collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes, we will update this Privacy Policy.
We may use or disclose and may have used or disclosed the following categories of personal information for business or commercial purposes:
Please note that the categories listed above are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact disclosed but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been disclosed.
When we disclose personal information for a business purpose or a commercial purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
As defined in the CCPA, “sell” and “sale” mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for valuable consideration. We do not sell your personal information.
We may share your personal information in the above categories with the following categories of third parties:
We do not knowingly collect personal information from minors under the age of 18. We do not sell the personal information of consumers of any age.
If you have reason to believe that a child under the age of 18 has provided us with personal information, please contact us with sufficient detail to enable us to delete that information.
The CCPA provides CA residents with specific rights regarding their personal information. If you are a resident of CA, you have the following rights:
In order to exercise any of your rights under the CCPA, and if you are a CA resident, you can contact us:
Only you, or a person registered with the CA Secretary of State that you authorize to act on your behalf, may make a verifiable request related to your personal information.
Your request to us must:
We cannot respond to your request or provide you with the required information if we cannot:
We will disclose and deliver the required information free of charge within 45 days of receiving your verifiable request. The time period to provide the required information may be extended once by an additional 45 days when reasonably necessary and with prior notice.
Any disclosures we provide will only cover the 12-month period preceding the verifiable request’s receipt.
For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
Our website may contain links to other websites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
If you have any questions about this Privacy Policy, you can contact us: