Effective date: March 23, 2024
At BreachLock, Inc. (hereinafter referred to as “BreachLock”), we are committed to protecting and respecting the privacy of visitors to our website and customers of our products and services (collectively referred to as “services”). We take responsibility for complying with the UK Data Protection Act 1998 (DPA), the General Data Protection Regulation, the EU-US Privacy Shield Framework, and other relevant applicable laws. This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our services and the choices and rights you have associated with that data. We use your data to provide and improve our services. By using our services, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Use.
This privacy policy applies to individuals visiting our website, whether they reside in the European Union or not. However, rights given under the EU-US Privacy Shield Framework can only be exercised by the individuals residing in the European Union.
BreachLock participates in the compliance of the EU-US Privacy Shield framework, and it is committed to subjecting all personal data received from the EU member countries except Switzerland (hereinafter referred to as “the EU”) to the Principles and Supplemental Principles (hereinafter referred to as “the Principles”) given in the Framework. To learn more about the Privacy Shield Program, and to view our certification, please visit https://www.privacyshield.gov
BreachLock complies with the Privacy Shield Principles for onward transfer of personal data from the EU to the US, including the provisions dealing with onward transfer liabilities. Under those provisions of the framework and certain circumstances specified therein, BreachLock is responsible for the processing of personal data received under the Privacy Shield Framework and further transferred to a third party acting as an agent of BreachLock.
With respect to personal data received or transferred from the EU under the Privacy Shield Framework, BreachLock is subject to the regulatory enforcement powers of the US Federal Trade Commission (FTC). As detailed in the Principles, BreachLock may be required to disclose personal information of an individual without taking consent from an individual in response to lawful requests made by the public authorities, including to meet law enforcement or national security requirements.You have a right to invoke binding arbitration under certain circumstances when other dispute resolution mechanisms have been exhausted. These circumstances have been detailed on the framework website.
We collect several different types of information for various purposes to provide and improve our services.
In the course of using our Site, we may request certain Personally Identifiable Information (PII) from you. This information is essential for contact or identification purposes. For the context of GDPR, UK GDPR, and the Swiss Federal Data Protection Act, “Personal Information” encompasses any “personal data” pertaining to an identified or identifiable individual, as defined by these regulations, which BreachLock receives in the United States from the European Union, the UK, or Switzerland, and is recorded in any format. Considering the nature of our services, BreachLock majorly collects business-related data. However, it receives personal information of individuals either representing a business or in their personal capacity which includes –
BreachLock and its affiliates are responsible for your personal information. We may also retain the services of external suppliers to help meet our business needs and may share your data with these suppliers. These suppliers have been selected after a rigorous evaluation process and chosen for their security, reliability, and competence. They will process your data only under our instructions. Some of these suppliers may be based in non-EU countries. Where this is the case, the transfer of your personal information to these countries is carried out in compliance with the guarantees provided by law. Please contact us on the details given in the Contact section if you wish to receive information about these suppliers.
We may also collect information on how our services are accessed and used (herein after referred to as “Usage Data”). This usage data may include information such as your computer’s IP address, browser type, browser version, the pages of our services that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
The Personal Information you supply may be disclosed to third-party service providers engaged by us. These entities are contractually obligated to utilize the shared Personal Information solely for the execution of the services commissioned by us.
We may aggregate demographic data, survey responses, and other Personal Information provided by you into a collective, non-personally identifiable format. This aggregated data, devoid of sufficient Personal Information to identify any individual, may be shared with our business partners, affiliates, sponsors, or other third parties. Rest assured, this aggregated information is structured in a manner that prevents personal identification of you or any other Site visitors.
When you engage with BreachLock’s blogs or any publicly accessible sections of our website, please be cognizant that any Personally Identifiable Information (PII) you disclose may become public. This PII could include, but is not limited to, your name and may be accessible to anyone who views the blog or the specific URL of the post you comment on. BreachLock is not liable for the use of this information by parties other than BreachLock personnel.
Your provided name will be displayed publicly and will serve as an identifier for your comment or content. While your PII will not be sold, rented, or shared under normal circumstances, it may be disclosed pursuant to a judicial order.
By posting a comment on our blog or submitting content to any public-facing part of our website, you grant BreachLock an irrevocable, perpetual, exclusive license to use, reproduce, publish, modify, perform, and create derivative works from any part of the content you provide, including any PII therein. Please note that all user-generated content, such as posts, articles, and comments, is subject to review and potential modification prior to publication.
We post customer testimonials on our website. These testimonials may contain personally identifiable information, such as the customer’s name. We obtain the customer’s explicit consent prior to posting any testimonials.
Protecting the privacy of young children is especially important to us. We advocate for the active involvement of parents and guardians in supervising the online activities of their children.
In compliance with the Children’s Online Privacy Protection Act (COPPA), BreachLock does not collect or maintain information from those we actually know are under the age of 13, nor is any part of our website structured to attract anyone under 13.
Should you believe that we have inadvertently collected Personal Identifiable Information from a child under the age of 13, we urge you to contact us immediately. Upon notification, we will take swift measures to verify and, if necessary, promptly delete such information from our database.
We use cookies and similar tracking technologies to track the activity on our services and hold certain information. Cookies are files with small amount of data which may include a unique anonymous identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some parts of our services.
Below are the examples of cookies we use on our site, and why we use them:
BreachLock uses the collected data for various purposes:
We will provide you with marketing-related information (including newsletters and/or promotional materials) only after you have, where legally required to do so, opted-in to receive those communications and have provided the opportunity for you to opt-out at any time.
BreachLock will not use your personal information for taking any automated decisions affecting or creating profiles other than as described above. We will not share your personal information with third parties without your consent, except our service providers or parties acting as an agent of BreachLock under a legally binding contract.
Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal data, to the United States and process it here.
We transfer personal information to other countries only when it is essential for the services we provide you, or it is required for the verification or proof of legal claims or subject to protect that assure the protection of your personal information, such as European Commission approved standard contractual clauses.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
BreachLock shall take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
BreachLock may disclose your personal data in the good faith belief that such action is necessary to:
BreachLock shares the collected data with its affiliates, which process this data on behalf of BreachLock. It also shares data with other third parties to fulfill various obligations and as required or permitted by law.
With respect to marketing emails, you can opt-out of receiving such emails from BreachLock by writing to us at the contact details given in the Contact section or using the ‘’Unsubscribe” option given in all the emails sent from BreachLock. Notwithstanding the contents of this Policy, BreachLock may disclose personal data in the circumstances as specified in the Principles.
Security of your data is important to us, but do remember that no method of transmission over the Internet or method of electronic storage is 100% secure, i.e., absolutely secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
We may employ third party companies and individuals to facilitate our services (hereinafter referred to as “Service Providers”), to provide our service on our behalf, to perform service-related services or to assist us in analyzing how our services are used. These third parties have access to your personal data only to perform these tasks on our behalf and are obligated under the law to not to disclose or use it for any other purpose.
We may use third-party service providers to monitor and analyze the use of our services,
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our services. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
You can opt-out of having made your activity on the services available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page.
HubSpot is a full-service tool for marketing, sales, and customer service. BreachLock uses this service to gather actionable marketing insights and provide customer service to our clients. On behalf of and under instructions from BreachLock, HubSpot acts as a processor to collect, receive, use, store, share, transfer, and process your Personal Data. HubSpot does not have any direct control or ownership of the Personal Data they process. For more information on HubSpot’s data processing activities as a processor, you can visit the HubSpot Product Privacy Policy web page.
Our services may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services.
You may have rights under applicable global privacy laws, including GDPR, UK GDPR, CCPA, and the Swiss Federal Data Protection Act. These rights may encompass: accessing your Personal Information we hold, its source, and the purposes of processing, including where this information is shared or sold; correcting any inaccuracies in your Personal Information; requesting the deletion of your Personal Information (‘right to be forgotten’); restricting the processing of your Personal Information; portability of your Personal Information; objecting to our use of your Personal Information; opting out of the sale of your Personal Information; and rights related to automated decision-making and non-discrimination.
An individual residing in the EU has a right to access his personal information stored with BreachLock. An individual may request to update, correct, or delete his/her data. To submit such requests to exercise your right or raise any questions, please contact BreachLock as per the ‘Complaints’ section given below. As per the provisions of the framework, BreachLock reserves the right to authenticate an applicant’s identity, charge a minimum amount of fee, and deny or provide access.
Breachlock is dedicated to adhering to the principles set forth by the GDPR, UK GDPR, and the Swiss Federal Data Protection Act. We take our responsibility to address any concerns regarding the collection or use of your personal information seriously. Individuals within the European Union, the UK, and Switzerland are encouraged to bring forward any inquiries or complaints related to data protection compliance directly to Breachlock.
Please contact us via email at compliance@breachlock.com or send your correspondence to the following address:
BreachLock, Inc. 3 Germay Drive, Unit 4 #1354 Wilmington, DE 19804 USA We commit to promptly addressing and working towards the resolution of any issues raised.
BreachLock complies with the EU-US Privacy Shield framework and has self-certified to the Department of Commerce that it adheres to the Principles laid down in the Framework. If there is any conflict or vagueness in this Privacy Statement and the Privacy Shield Framework, the Privacy Shield Framework shall govern. To learn more about the framework, please visit the framework website.
If you have any questions related to this Privacy Policy, your personal data stored with BreachLock, your rights under the Privacy Shield Framework, and any matters related thereof, please contact our Compliance Manager:
Address: BreachLock, Inc. 3 Germay Drive, Unit 4 #1354 Wilmington DE 19804 Email: compliance@breachlock.com Phone: +1-917-779-0009
In case there is an unresolved issue, and we have not answered satisfactorily, please contact our independent dispute resolution provider – The EU DPAs – here. For individuals, this process is free of cost.
This Privacy reflects our information security and data protection practices. If any material changes are made in the contents of this policy, BreachLock will also let you know via email and/or a prominent notice on our services, prior the changes coming into effect and updating the “Effective Date” at the top of this Policy. Changes to this Policy are effective when they are published on this page.