Privacy Policy

Last updated February 10, 2024

This privacy notice for Ghost Security, Inc ("we", "us", or "our") describes how and why we might collect, store, use, and/or share ("process") your information when you use our services ("Services"), such as when you:

• Visit our website at www.ghost.security, www.ghostsecurity.com, or any website of ours that links to this privacy notice

• Apply for jobs through our website

• Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@ghost.security.

1. WHAT INFORMATION DO WE COLLECT?

We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You

The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:

• Name

• Title

• Company name

• E-mail address

• Phone number

If you apply for a job with us through our website, additional voluntarily provided information may include but not be limited to:

• CV/resume and all information contained therein

• Professional experience

• Educational experience

• References

All personal information that you provide us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Audio, Electronic, or Visual Information

If you attend a Ghost Security-hosted in-person or virtual event, or agree to be recorded in a telephone or virtual meeting, we may record some or all of that event or meeting. We may document the event in various ways, such as by taking photos, interviewing you, or recording your participation in a live question-and-answer or other interactive session. We use this information for business and marketing purposes, including to enhance our offerings and your customer or user experience.

Information Automatically Collected

We automatically collect certain information when you visit, use, or navigate our website and/or Services. This information does not reveal your specific identity (like your name or contact information), but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services and for our internal analytics and reporting purposes.

Like many businesses, we also collect information through cookies and similar technologies. The information we collect includes:

• Log and Usage Data: This is service-related, diagnostic, usage, and performance information we automatically collect when you access or use our Services, which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings, and information about your activity in the Services (such as date/time stamps associated with your usage, pages viewed, and searches).

• Device Data: We collect device data such as information about your computer, phone, tablet, or other device used to access the Services. Depending on the device, this data may include your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, internet service provider, mobile carrier, operating system, and system configuration.

• Location Data: We collect location data about your device, which can be either precise or imprecise depending on the type and settings of your device.

2. HOW DO WE PROCESS YOUR INFORMATION?

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

• To deliver and facilitate the delivery of services to you.

• To respond to user inquiries and offer support.

3. WHAT LEGAL BASIS DO WE RELY ON TO PROCESS YOUR INFORMATION?

We only process your personal information when we believe it is necessary, and we have a valid legal reason to do so under applicable law, such as with your consent, to comply with laws, to provide you with services, to enter into or fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

We may share or transfer your information in connection with:

• Business transfers: If there is a merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company or entity.

• Google Analytics: We may use Google Analytics to track and analyze the use of the Services. To opt out of being tracked by Google Analytics, visit https://tools.google.com/dlpage/gaoptout.

• Hubspot Analytics: We may share your information with Hubspot for tracking and analysis.

Third-Party Service Providers

We may use third-party service providers, who may collect, store, and/or process your information. Some third-party services we use include:

• AWS: https://aws.amazon.com/privacy/

• Google Analytics: https://policies.google.com/privacy

• LinkedIn: https://www.linkedin.com/legal/privacy-policy

• Hubspot: https://legal.hubspot.com/privacy-policy

• Zoom: https://explore.zoom.us/en/privacy/

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

We may use cookies and similar tracking technologies. For more details, refer to our Cookie Notice.

6. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

Your information may be transferred to, stored, and processed by us in the United States and other countries. If you are a resident in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, please be aware that the data protection laws may differ from those in your country. We will take necessary measures to protect your personal information.

7. HOW LONG DO WE KEEP YOUR INFORMATION?

We will only retain your personal information for as long as necessary for the purposes outlined in this privacy notice unless a longer retention period is required or permitted by law.

8. HOW DO WE KEEP YOUR INFORMATION SAFE?

We implement appropriate security measures to protect your information. However, no electronic transmission or storage is 100% secure, and we cannot guarantee complete security.

9. DO WE COLLECT INFORMATION FROM MINORS?

We do not knowingly collect data from or market to children under 18 years old.

10. WHAT ARE YOUR PRIVACY RIGHTS?

• Withdrawing consent: You can withdraw your consent at any time by contacting us at privacy@ghost.security.

• Opting out of marketing: Unsubscribe via the link in our emails or by contacting us.

California Residents

California residents have specific privacy rights under the California Consumer Privacy Act (CCPA), including the right to opt out of the sale of personal information and the right to request data deletion.

11. POLICY CHANGES

We reserve the right to modify this policy by posting changes on our website.