Privacy Policy

Last Updated: November 11, 2024

Cyber Guardian Consulting Group (“CGCG,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information in compliance with applicable data protection laws in the United States.

Table of Contents

1. Scope
2. Definitions
3. Data Collection
4. Purpose of Data Processing
5. Legal Bases for Processing
6. Data Usage
7. Data Sharing and Disclosure
8. Data Subject Rights
9. Data Security Measures
10. Data Retention and Deletion
11. Cookies and Similar Technologies
12. Children's Privacy
13. Third-Party Websites
14. Updates to This Privacy Policy
15. Contact Information
16. State-Specific Provisions

1. Scope

This Privacy Policy applies to all personal data processed by CGCG, including:

• Clients and Partners: Individuals and organizations who use our services.
• Employees and Contractors: Current and former employees, job applicants, and contractors.
• Third Parties: Data collected from third parties as part of project work.

2. Definitions

Personal Data: Information relating to an identified or identifiable natural person.

Processing: Any operation performed on personal data, such as collection, storage, use, disclosure, and deletion.

Controller: The entity that determines the purposes and means of processing personal data.

Processor: The entity that processes personal data on behalf of the controller.

3. Data Collection

We may collect various types of personal data, including:

• Personal Identification Information: Name, address, email, phone, etc.
• Financial Information: Bank account details, payment history, tax IDs, etc.
• Employment Information: Resumes, payroll, benefits info, etc.
• Project-Specific Data: Project-related reports, feedback, etc.
• Technical Data: IP address, browser type, device identifiers, etc.
• Sensitive Personal Data: Racial/ethnic origin, health data, etc., with explicit consent where required by law.

4. Purpose of Data Processing

We process personal data for:

• Service Delivery
• Communication
• Administration
• Legal Compliance
• Security
• Marketing
• Employment Management
• Fraud Prevention

5. Legal Bases for Processing

• Consent: We obtain your consent for specific processing activities where required by law.
• Performance of a Contract: Processing is necessary for performing a contract to which you are a party.
• Legal Obligations: Processing is necessary for compliance with U.S. legal obligations.
• Legitimate Interests: Processing is necessary for our legitimate interests, except where overridden by your rights and freedoms.

6. Data Usage

We use personal data to:

• Provide and Improve Services
• Process Transactions
• Communicate
• Marketing and Promotions
• Compliance and Protection
• Employment Management
• Legal Proceedings
• Analytics

7. Data Sharing and Disclosure

• Service Providers: With third-party vendors who perform services on our behalf.
• Legal Requirements: If required by law or in response to valid requests by public authorities.
• Business Transfers: In connection with mergers, acquisitions, or sales.
• Consent: With your consent or at your direction.

8. Data Subject Rights

• California Residents: Rights under CCPA/CPRA, including the right to know, delete, correct, opt-out, and limit use.
• Virginia Residents: Rights under CDPA, including access, correct, delete, data portability, and opt-out.
• Other U.S. States: Similar rights may apply under specific state laws.

9. Data Security Measures

We implement appropriate technical and organizational measures to protect personal data, including encryption, access controls, physical security, network security, and employee training.

10. Data Retention and Deletion

We retain personal data only as long as necessary for legal, contractual, and business needs, then securely delete or anonymize it.

11. Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your experience. You can control cookies through your browser settings.

12. Children’s Privacy

Our services are not intended for individuals under 18. We do not knowingly collect data from minors without parental consent.

13. Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for their privacy practices.

14. Updates to This Privacy Policy

We may update this Privacy Policy periodically and will notify you of significant changes.

15. Contact Information

For questions, concerns, or requests, contact us:

Cyber Guardian Consulting Group
63 John Street
Kingston, New York, 12401
hello@cgcg.biz
Phone: +1-844-724-2424

15.1 Data Protection Officer (DPO)

Cyber Guardian Consulting Group
Attn: Nicholas Martin
63 John Street
Kingston, New York, 12401
hello@cgcg.biz
Phone: +1-844-724-2424

16. State-Specific Provisions

• California: We comply with CCPA/CPRA.
• Virginia: We comply with CDPA.
• Other States: We comply with applicable data protection laws of each U.S. state where we operate.

Your Consent

By providing personal data to us, you consent to the collection, use, and disclosure of such data in accordance with this Privacy Policy.

Governing Law

This Privacy Policy is governed by U.S. laws.

Effective Date

This Privacy Policy is effective as of November 11, 2024.

Thank you for trusting Cyber Guardian Consulting Group with your personal data. We are committed to protecting your privacy and handling your information responsibly.