This Privacy Policy explains how [Legal Entity Name] ("ColdRecon", "we", "us") handles personal information when you visit coldrecon.com, subscribe to the Daily Brief, or use the ColdRecon platform (together, the "Service"). We keep what we collect to what the Service needs, and we explain it plainly here.
01Scope
This policy covers personal information we process as a controller through the Service. It does not cover third-party websites or services we link to, which have their own policies. By using the Service you agree to this policy.
02Information We Collect
We collect the following categories of personal information:
- Information you provide. Your email address when you subscribe to the Daily Brief. If you create an account or contact us, this may also include your name, company, role, and the contents of your message. For paid plans, billing details are collected and processed by our payment provider.
- Information collected automatically. When you use the Service we collect log and usage data such as IP address, browser and device type, pages viewed, links clicked, and the dates and times of access. We use this to operate, secure, and improve the Service.
- Communications. Records of correspondence when you contact us, and engagement data such as whether an email was opened or a link was followed.
We do not intentionally collect special categories of sensitive personal data, and we ask that you do not send them to us.
03The Intelligence We Compile
ColdRecon is an open-source intelligence service. The competitive intelligence in the Daily Brief and the platform is compiled from publicly available, published sources: vulnerability databases, vendor advisories and newsrooms, the security trade press, and public practitioner discussion.
We do not collect private or non-public information about the companies we analyze, and we do not gather personal data about individuals as part of that intelligence. Where public sources incidentally name individuals, such as a published executive announcement, we process only what is already public and only to the extent it is relevant to competitive analysis.
04How We Use Information
We use personal information to:
- Deliver the Daily Brief and operate the platform you have signed up for.
- Create and administer your account, and process payments for paid plans.
- Respond to your inquiries and provide support.
- Monitor, secure, debug, and improve the Service, and develop new features.
- Send service and, where permitted, occasional product communications. You can opt out of non-essential email at any time.
- Comply with legal obligations and enforce our Terms.
Where the law requires a legal basis, we rely on performance of our contract with you, your consent, our legitimate interests in operating and improving the Service, and compliance with legal obligations.
05Cookies and Similar Technologies
We use cookies and similar technologies to keep you signed in, remember preferences, measure usage, and improve the Service. Some are essential to the Service functioning. Others are optional, and where required we ask for your consent. You can control cookies through your browser settings, though disabling some may affect how the Service works.
06How We Share Information
We do not sell your personal information. We share it only as follows:
- Service providers. Vendors who process data on our behalf and under contract, such as hosting, email delivery, analytics, and payment processing. They may use it only to provide services to us.
- Legal and safety. Where we believe in good faith that disclosure is required by law, or necessary to protect the rights, safety, or property of ColdRecon, our users, or others.
- Business transfers. In connection with a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to this policy.
07Data Retention
We keep personal information for as long as needed to provide the Service and for the purposes described here, then for any period required to meet legal, accounting, or reporting obligations. When you unsubscribe or close your account, we delete or de-identify your personal information within a reasonable period, except where retention is legally required.
08Data Security
We use administrative, technical, and organizational measures designed to protect personal information, including encryption in transit and access controls. No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we work to protect your information and to respond promptly if an issue arises.
09Your Rights and Choices
Depending on where you live, you may have the right to access, correct, delete, or port your personal information, to object to or restrict certain processing, and to withdraw consent. You can opt out of marketing email at any time using the unsubscribe link or by contacting us.
If you are in the European Economic Area or the United Kingdom, you have rights under the GDPR and UK GDPR, including the right to lodge a complaint with your supervisory authority. If you are a California resident, you have rights under the CCPA as amended, including the right to know, delete, and correct, and the right not to be discriminated against for exercising them. We do not sell or share personal information as those terms are defined under California law.
To exercise any right, contact us at [email protected]. We will verify your request and respond within the time the law requires.
10International Data Transfers
We may process and store information in countries other than the one where you live, including the United States. Where we transfer personal information across borders, we use appropriate safeguards required by applicable law, such as standard contractual clauses.
11Children's Privacy
The Service is intended for professional use by adults and is not directed to children. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us information, contact us and we will delete it.
12Changes to This Policy
We may update this policy as the Service evolves or as the law changes. When we do, we will revise the date above and, for material changes, provide a more prominent notice. Your continued use of the Service after an update means you accept the revised policy.
13Contact Us
Questions about this policy or your personal information can be sent to [email protected], or by mail to [Legal Entity Name], [Mailing Address].