Skip to content
Schedule a Consult
Schedule a Consult

    Privacy Policy

    Effective Date: August 28, 2023

    TABLE OF CONTENTS

    Purpose

    Policy Scope

    Our Data Processing Activities

    Our Site Tracking Activities

    How to Submit a Privacy Request

    Additional Information for California Residents

    Notice for Individuals in Europe and the United Kingdom

    Data Retention

    Data Security

    Changes To Our Policy

    How to Contact Us

    POLICY - OVERVIEW

    Black Talon Security, LLC (“Black Talon” or “us” or “we” or “our”) provides cybersecurity and incident response tools and services to our corporate, business and organizational clients (“Cyber Services”). To promote these Cyber Services, we own and manage the website available at blacktalonsecurity.com (“Site”). Collectively, the Cyber Services and associated promotional activities we engage in on our Site, as well as any other interactions in which you provide information to Black Talon, are collectively defined as the “Services.”

    Our contact details are here.

    Purpose

    The purpose of this Black Talon privacy policy (“Policy”) is to provide you with information on:

    1. Who and what this Policy applies to;
    2. How and where we collect, use, disclose, store, and protect (“process”) information that can directly or indirectly be associated with you, used to identify you or your household, or used to contact you (“personal data”) when you or personnel associated with your company or organization visit our Site or otherwise interact with our Services; and
    3. How you can make certain requests related to how we handle your personal data, or otherwise contact us.
    Policy Scope

    Who Does this Policy Apply To?

    This Policy only applies to the processing of personal data of adults over the age of 18 years old who use our Site or other Services. Our Services and the Site are intended for individuals operating in a business context who reside in the United States and are 18 years of age or older (“Covered Person”). If you are not a Covered Person, you are NOT permitted to access or use the Services or the Site. If you learn that anyone who is not a Covered Person provided us with personal data, please contact us, and we will take steps to delete such information.

    What Does this Policy Apply To?

    This Policy only applies to personal data that Black Talon or our service providers collect when you or other users of our Services provide such information to us directly, or certain information that could include personal data which Black Talon or our service providers collect automatically through your use of the Services or the Site.

    Please note that we may link to third-party services on our Site, including without limitation, social media platforms or services, and other external websites or mobile applications (“Third Parties”). However, we do not own nor control these Third Parties, and we are not responsible for the content or privacy practices of such Third Parties, including their level of data sharing with other third parties. Additionally, we are not responsible for the data processing practices of the internet browser service provider you choose to use when accessing our Site or any other Services that rely on an internet connection. Such Third Parties and internet browser service providers may have their own privacy policies, and you should consult those policies accordingly before using such Third Parties’ services or any Third Parties’ websites or apps.

    Our Data Processing Activities

    Our data processing activities may vary based on the particular Services you use. To learn more about how your personal data is handled, please see the tables below.

    Table 1: Personal Data We Collect About You

    Personal Data Personal Data Details Source Purpose

    Business to Business Information

    Name & business contact information (address, phone, & email), job title, and the name of your company or organization 

    When you provide it to us directly

    • To contact you in response to your inquiries, or for reasons such as policy changes, contractual arrangements, or Cyber Services notifications
    • To offer our Cyber Services to your company or organization, and to support commercial discussions between us
    • To send you information about new products and services, special offers, white papers, case studies, event information, newsletters, and relevant articles
    • To meet the requirements of a contract we entered into with your company or organization
    • To provide webinars, online trainings, and other events
    • To support internal administrative requirements

    Contact Form Information

    Any information you choose to provide when you submit a contact form on our Site  

    When you provide it to us directly

    • To contact you in response to your inquiries
    • To offer educational content and potential products and/or services based on the information you provide 

    Text and Chat Conversations

    Information you provide to Black Talon via the chat box on our Site and/or over the phone, including recordings of such communications  

    When you provide it to us directly

    • To communicate with you to address questions or concerns
    • To provide customer support and for training purposes 

    Online Reviews

    Customers testimonials that you permit us to add to our Site, which may include your voice and image

    When you provide it to us directly

    • To promote our Cyber Services 

    Resume Information

    Professional experience, educational history, and other information you provide on your resume or job application form

    When you provide it to us directly

    • To assess your qualifications when you apply online to one of our open positions

    Device and Activity Information

    Information about your device (e.g., IP address and location) and about your interaction with our Site or certain Cyber Services, including particular webpages you visited, videos you viewed, articles you have read, podcasts you listened to, and interactive tools you used on our Site or through our Cyber Services

    Collected automatically from your interaction with the Site or Cyber Services

    • To analyze activity on our Services and Site so that we can provide a customized experience to Site visitors and users of our Services to market and provide advertisements to you for purposes of promoting our Services to your company or organization

    We may also use this Device and Activity Information to detect security incidents; protect against malicious, deceptive, fraudulent or illegal activity; facilitate investigation of such activities; analyze how our Services are being used;

    We will not ask for any sensitive personal data about you on our Site or pursuant to the Services, such as information about your race, ethnicity, sexual orientation, health, finances, or precise location. However, if you choose to voluntarily provide sensitive personal data to us, you hereby consent to us processing such sensitive personal data in accordance with our Policy.

    Any personal data described above, including any sensitive personal data you choose to provide to us, also could be processed for any of the following general purposes:

    • To provide customer / IT support;
    • To maintain our Site and other Services;
    • To respond to law enforcement requests, and/or as required by applicable law, subpoena, court order, or other legal process or government regulations;
    • To protect the property and safety of Black Talon, our customers or others;
    • To monitor for fraud or illegal activity;
    • To exercise our legal rights and carry out our obligations arising from any contracts related to your use of the Services, including for billing and collections;
    • To run our day-to-day business and facilitate transactions;
    • For our document retention/data storage purposes; and
    • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or to transfer some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or any similar proceeding, in which personal data held by us is among the assets transferred.

    Table 2: Personal Data Recipients

    Recipient Type Personal Data Type Purpose

    Data storage providers

    All personal data described in Table 1 above

    Document retention / data storage

    Web hosting providers

    (e.g., HubSpot) 

    All personal data described in Table 1 above

    To develop and maintain our Site

     Chatbot service provider

    (e.g., Tidio)

    Text and Chat Conversations

    To develop and service our Site chatbot

    Online seminar and event service providers

    (i.e., when you attend one of our webinars or events)   

    Business to Business Information and Device and Activity Information

    To provide technical and organizational support for our webinars and/or events

    Our business and event partners

    (i.e., when you attend one of our webinars or events) 

    Business to Business Information and Device and the particular online seminar, training, or event you attended

    To provide webinars and event services

    To offer related products and services to you 

    Our analytical, social media, and marketing providers

    (e.g., Google, AdRoll, Facebook, Instagram, LinkedIn, Twitter, and HubSpot) 

    Device and Activity Information

    To provide analytics information regarding our Site visitor volume and activity

    To market and provide advertisements to you 

    The following third parties may receive any personal data described in this Policy in certain instances including:

    • Our affiliates - to assist us with any purpose described in the tables above;
    • Law enforcement, regulatory authorities, and judicial bodies – in the event of a court order, legal requirement, request, inquiry, or investigation; and
    • Potential purchasers of Black Talon – in the event there could be a change in our ownership status.
    Our Site Tracking Activities

    Our Site uses cookies and other tracking technologies for a variety of purposes which are further described below.

    Cookies

    Cookies are small text files containing data that can be used to identity your device. When you visit a particular website, for example, a cookie may be filed to a folder within your browser so that when you visit the website in the future, the website will recognize your device and, depending on the type of cookie being used, will perform different activities when you interact with the website. There are four different types of online cookies: essential, analytical, personalization, or marketing.

    Essential Cookies. An essential cookie is a cookie that is needed to operate a website. Without these cookies, a website would not be able to function.

    Personalization Cookies. Personalization cookies are cookies that help a website remember certain choices you have made on the website (such as language preferences or log in information) to personalize your experience with the site.

    Analytical Cookies. Analytical cookies are used to track web traffic and how users interact with a website to allow us to better understand the website’s performance and how to improve a user’s site experience.

    Marketing Cookies. Marketing cookies are used so that a website, and in some cases other third parties, may send advertising, marketing or promotional content to you based on your website and browsing activity.

    Our Site uses essential, analytical and marketing cookies. More details about the cookies we have on our Site and how you might opt out of such cookies are further described below.

    Table 3: Cookies on our Site

    Cookie Type Source Expiration How to Opt Out More Information

    Essential

    Internal

    6 months

    You cannot opt out

    N/A

    Analytical & Marketing

    HubSpot

    6 months

    Please click our Site cookie banner and select "Reject All"

    HubSpot Privacy Policy

    Marketing

    NextRoll (formerly AdRoll)

    13 months

    NextRoll Privacy Policy

    NextRoll Web Browser Opt-Out

    General Browser Privacy Settings

    With respect to opting out of the use of cookies on our Site, most browsers also allow you to configure settings to block and delete cookies. You can change browser cookie settings to block/delete cookies after reviewing the applicable browser’s instructions for doing so (see Chrome, Safari, Firefox, & Internet Explorer). If you are using any other web browser, please review your browser’s official support documents.

    Plugins

    A plugin is a small piece of software that adds a specific functionality or content to a website or mobile application. Common types of plugins are used to help websites function, and may help run animation or videos, open PDF files, print documents, and customize website fonts and images, for example.

    Websites may also have one or more ‘social media plugins,’ which allow a user to connect to an organization’s social media page directly from the organization’s website. If the user has a social media account, the user may be able to interact with their social media account on websites the user visits. For example, the social media account user may be able to ‘like’ or ‘share’ content on a website which then may be shared on the social media page. When using social media plugins, certain information about website users may be collected and shared with any Third Parties that provide the applicable social media platform or services.

    On our Site, we use the following social media plugins. You may have options regarding how your personal data and other information is shared with Third Parties that provide social media services through plugins available on the Site, by following the directions noted in the links available through the table below.

    Table 4: Plugins

    Third Party Plugin How to Manage Privacy Settings More Information

    Facebook

    (Meta)

    Go to interest based ads settings for Facebook or Meta's privacy center

    Meta's Privacy Policy and Cookie Policy for Facebook

    Instagram

    (Meta)

    Go to privacy settings for Instagram or Meta's privacy center

    Meta's Privacy Policy and Cookie Policy for Instagram

    LinkedIn

    Go to manage cookie preferences for LinkedIn

    LinkedIn's Privacy Policy and Cookie Policy

    Tracking Pixels

    A tracking pixel is a tiny invisible image embedded within our Site or other websites that can be used to gather data related to your device and browser, including your IP address or meta data derived from your IP address, along with information about your activity while on our Site or another website (“Pixel Information”) such as:

    (i) which webpages you viewed;

    (ii) what ads, videos, or links for Third Parties that you clicked on while using our Site;

    (iii) which websites you visited before our Site;

    (iv) your approximate age, gender, interests, and preferred language;

    (v) your general location (city, state, and country) (based on IP address); and

    (vi) what items you may purchase on the Site.

    Black Talon may use this Pixel Information for the purposes of: (i) performing analytics to maximize a user’s experience on our Site; and (ii) advertising and marketing our Services, products and offerings. We may further share your Pixel Information with other third parties for targeted advertising purposes.

    A tracking pixel can also be used to help track the success of our email communications to you by seeing when you opened our email and/or clicked on any links embedded in our email.

    On our Site, we use the following tracking pixels. You can opt out of being tracked through these pixels by following the directions noted in the table below.

    Table 5: Tracking Pixels

    Third Party Pixel Source How to Manage Privacy Settings More Information

    Facebook and Instagram

    (Meta)

    See Table 4 (Plugins) above

    See Table 4 above

    Google

    (Analytics and DoubleClick personalized ads)

    Download and install the Google Analytics Opt-out Browser Add-on to opt out of certain data sharing that occurs through Google Analytics

    Go to Google settings for personalized ads

    Google's Privacy Policy

    LinkedIn

    (Insights for Ads)

    Go to LinkedIn's privacy settings

    LinkedIn's Privacy Policy

    Do Not Track Signals

    Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked.

    Our Site is not currently configured to respond to “do not track” signals. You also may opt-out of certain interest-based advertising by visiting http://www.aboutads.info/choices/. To learn more about other ways to possibly opt-out of certain kinds of tracking that occur when you browse the internet and lead to targeted advertising, visit the Network Advertising Initiative website and the Digital Advertising Alliance website.

    Options you select through these industry-provided opt-out tools are browser- and device-specific, and there is no guarantee that such tools will prevent all targeted advertising. As previously described in this Policy, third parties may collect or receive information through the Site or our other Services. Since it is possible that some of these third parties may respond differently than us to “do not track” requests, you should consult the applicable privacy policies of those third parties for further information.

    How to Submit a Privacy Request

    If you wish to submit a request to access personal data we have collected about you, or to correct or delete such personal data, subject to applicable legal exceptions (“Privacy Request”), we will use reasonable efforts to accommodate your Privacy Request, if we can verify your identity. To verify your identity, we may ask you to provide certain information about yourself and, in some cases, we may follow up with you to obtain additional information as necessary to authenticate your request. We will not fulfill your Privacy Request if we are not able to verify your identity.

    Please note that, with respect to deletion requests, we may not be able to ensure or guarantee complete and comprehensive removal of your personal data in all places and for all purposes. Your personal data may have been shared or reposted by other parties who act outside of any business relationship with us, or who may not cooperate with our request for them to delete your personal data. Additionally, we may not be able to fulfill your request due to applicable laws, or our internal policies may require maintenance of your personal data in our records. Please note that if the deletion request relates to personal data that we need to provide Services to you, you may not be able to use those Services properly moving forward.

    If you wish to submit a Privacy Request, please contact us using the contact details in the “How to Contact Us” section, below.

    Additional Information for California Residents

    Under California’s “Shine the Light Law,” individuals who reside in California and have provided their personal data to us may request, once per calendar year, information about our sharing of certain categories of personal data to third parties for their direct marketing purposes. Such requests should be submitted to us at privacy@blacktalonsecurity.com with inquiries about your personal data. Please list “PERSONAL DATA INFORMATION REQUEST” in the subject line of your communications.

    Notice for Individuals in the United Kingdom and Europe

    Individuals who reside in the United Kingdom (UK) and the European Economic Area (EEA) (the 27 Member States of the European Union, Iceland, Liechtenstein, and Norway) may have additional rights to make requests regarding the collection and processing of their personal data under applicable data protection and privacy laws or regulations in those jurisdictions. Below is a summary of rights that may be available to individuals who are subject to such laws and regulations in the UK and EEA.

    Legal Bases for Processing

    To the extent that Black Talon is subject to privacy laws of the UK and EEA, Black Talon relies on the following legal bases when processing the personal data of individuals in the UK or EEA:

    • The fulfillment of contractual obligations (e.g., processing personal data to provide Services to our customers pursuant to an agreement);
    • Compliance with applicable legal or regulatory requirements (e.g., processing personal data in response to a court order);
    • Protection of an individual’s vital interests, or performance of a task carried out in the public interest (e.g., processing personal data in the event of a threat to a person’s safety);
    • Pursuit of legitimate interests that are not overridden by the fundamental privacy rights or freedoms of a person in the UK or EEA (e.g., to provide you with direct marketing about Black Talon’s own Services or other offerings); or
    • Your consent where required.

    Please see the “Our Data Processing Activities” and “Our Site Tracking Activities” sections, above, for details on the categories of personal data and other information we collect, as well as how and why we use and disclose that information.

    Privacy Rights in the UK and EEA

    Under data protection and privacy laws in the UK and EEA, individuals located in those jurisdictions may have the right to submit requests to:

    • Know how their personal data is being processed, and the legal basis for any processing activity involving their personal data;
    • Not be subject to decisions based solely on automated processing, including profiling, which produce legal effects or would otherwise significantly impact the individual;
    • Access a copy of personal data that has been collected about that individual;
    • Delete personal data that was collected about that individual (subject to applicable legal exceptions);
    • Restrict how collected personal data is processed under certain circumstances;
    • Provide and/or withdraw consent for certain processing activities where such consent is legally required; and
    • Have the individual’s personal data provided to them in a portable, structured, commonly used and machine-readable format for the transfer of such personal data to another entity. 

    If you are located in the UK or EEA, you also may have a right to lodge a complaint about our handling of your personal data with the appropriate supervisory authority in the jurisdiction where you live or work. For Privacy Requests related to the other rights identified above, please see the section titled “How to Submit a Privacy Request” for information on how individuals in the UK or EEA may submit requests to exercise rights that are available to them under applicable data protection and privacy laws in the UK and EEA.

    International Transfers of Personal Data 

    Black Talon is a company based in the United States. If you are located outside of the United States, you are responsible for complying with any applicable laws in your jurisdiction, and any use of the Services is at your own risk. The data protection laws of the United States may offer a different level of privacy protection in comparison to other jurisdictions. Accordingly, if you are outside the United States and provide personal data or other information through the Site or our other Services, you agree that such information may be transferred, accessed, stored, and/or otherwise processed in the United States as explained in this Policy. Black Talon has appropriate safeguards in place to allow for the processing of personal data collected from individuals within the UK or EEA in compliance with applicable data protection laws.

    Data Retention

    We retain personal data as needed to complete the Services or for other legitimate purposes such as ensuring security of our data and systems, complying with our legal obligations, complying with tax and audit requirements or other books and recordkeeping policies, resolving disputes, conducting internal investigations, and enforcing our agreements or other legal rights. Due to the different purposes for retaining your personal data, the actual retention timeframes may vary depending on the type of personal data we collect from you and the purposes for which we use your personal data. If we determine that your personal data is no longer needed for the purposes described in this Policy, such information will be deleted or anonymized so that it can no longer be attributed to you. Our collection times will be consistent with applicable law. Please note that residual copies of your personal data may be removed from backup systems subject to our backup data retention schedule.

    Data Security

    We have implemented technical and organizational measures to address the risk of loss, misuse, alteration, or unauthorized disclosure of personal data under our control. We limit access to your personal data to those employees, agents, contractors, and other third parties who have a need to know such information to provide the Services, unless disclosure is necessary in exceptional cases, such as in response to a physical threat to you or others, or as otherwise permitted by applicable law. We require that any third parties with access to your information only process your personal data to provide services to us or on our behalf, and to implement security measures that are reasonably designed to keep your personal data confidential and secure.

    While we have employed security technologies and procedures to assist safeguarding your personal data, no system or network is 100% secure, and we cannot guarantee that the information you send over the internet is fully secure. You should exercise discretion in what information you disclose and/or transmit through our Site. The transmitted information may be intercepted by others before it reaches us. If you are concerned about sending information to Black Talon online, please send the information by mail or call us to make other arrangements. We are not responsible for the security of information transmitted online. Likewise, when you click on any links for Third Parties from our Site, we cannot control the security measures used by such Third Parties.          

    Changes To Our Policy

    We reserve the right to change this Policy at any time. Since this Policy may change as we modify or expand our Services, or as needed to comply with changes in applicable laws, we suggest you check back from time to time to stay informed of such changes. Any changes will be immediately incorporated into this Policy and will be prospective only. We will not make any changes that have retroactive effect unless legally required to do so. Your continued use of the Services after any changes are made to this Policy constitutes your acceptance of the changes. If any changes are unacceptable to you, you should cease all use of the Services. We will not collect new types of personal data or use or share personal data for purposes beyond what is disclosed in this Policy without providing you notice prior to the collection of that personal data and, to the extent required under law, obtaining your consent.

    IF YOU DO NOT AGREE WITH ANY ASPECT OF THIS POLICY, THEN PLEASE DO NOT ACCESS OR USE THE SERVICES OR OTHERWISE PROVIDE US WITH YOUR PERSONAL DATA. YOUR CONTINUED USE OF OUR SERVICES SIGNIFIES YOUR ACCEPTANCE OF THIS POLICY.

    IF YOU LEARN OF A POTENTIAL VIOLATION OF THIS POLICY BY US OR AN OUTSIDE PARTY, PLEASE CONTACT US.

    How to Contact Us

    If you have any questions regarding this Policy, please contact us at:

    Email: privacy@blacktalonsecurity.com        
    Phone: 800-683-3797        
    Mail: Black Talon Security, LLC, 2875 Route 35, Katonah, NY 10536