Beauceron Privacy Policy

Updated July 2, 2018

This Privacy Policy describes how Beauceron Security Inc.  ("Beauceron", "our", "we" or "us") collects, uses, discloses, stores and otherwise processes information when you use our websites and services. 

We may review and update this policy periodically without prior notice. We will post a notice on www.beauceronsecurity.com to inform of any changes to this policy. We indicate when it was last updated. Your continued use of our websites after changes have been posted to this privacy policy will constitute your acceptances of such changes. 

By providing your personal data to Beauceron, you agree you are authorized to provide that information and are accepting this Privacy Policy. If you do not agree with our practices, please do not register, subscribe, create an account or otherwise interact with our websites or services. 

The data controller of your personal data is Beauceron Security Inc. We are located at 61 Carleton Street, Suite 3, Fredericton, New Brunswick, Canada. E3B 3T2. Our data protection officer is our chief security officer (CSO), reachable at privacy@beauceronsecurity.com. 

Our commitment to privacy

We strive to adhere to the principles of privacy by design (PbD) in our business operations and services.  We appreciate any feedback on how we can further improve to meet this goal. 

Information collected 

This Privacy Policy applies to Personal Data (defined below) and other information collected by Beauceron or its service providers from or about visitors to, or users of, Beauceron websites or services.

The term “Personal Data” in this Privacy Policy refers to information that does or is capable of identifying you as an individual. Personal Data may include the following: name, address and contact data (i.e. email address, telephone number, job title and employer name).

Beauceron only collects minimum Personal Data required to offer our services. 

Your Personal Data may be provided to us by our Clients.  In such cases, Beauceron shall process such Personal Data as a data processor on behalf of those Clients who use our services. In such instances, our client’s privacy policy, rather than this Privacy Policy, will apply to our processing of your Personal Data.

We collect de-personalized, pseudo-anonymized data that does not identify you or our clients ("aggregate data") and use such data to improve our website and services. 

We collect Technical Information provided about you when from your web browser when you interact with our website or application. This "Technical Information" does not, by itself, identify a specific individual but could be use to indirectly identify you. Our website and applications automatically record Technical Information, which includes your Internet Protocol "IP" address, browser type and version, language and the data and time of your request. We use this information to improve our website and services. 


How we collect information

Website

We collect information when you visit our website, submit your information via our web forms or use our services. 

E-mail communications - marketing

We use pixel tags and cookies in our marketing e-mails so that we can track interactions with those messages, such as when they are opened or a link is clicked within them. We use these tools to help determine interest in our services and to improve our communications. 

E-mail communications - services

Our phishing simulation services use pixel tags, cookies and URL tracking when conducting exercises. These tools allow us and our clients to measure when simulated phishing e-mails are opened, when links are clicked on or if attachments are accessed. We use this information to help clients improve their cybersecurity awareness efforts. 

Log files

We use log files on our services. We use this to understand how our services are being used, to monitor for unauthorized account activity and to monitor the performance and availability of our services. 

Cookies

We collect information about your use of our website and services through the use of cookies. A cookie is a small text file stored on your device that can be used to track your interests, settings and preferences or to personalize your experience with our website or service. 

We use analytics and performance cookies and tracking code provided to us by Google Analytics and HubSpot. 


We may use your information to:

  • Provide personalized content;
  • Process and respond to inquiries;
  • Provide marketing information about services;
  • Improve our website;
  • Improve our services;
  • Deliver our services

We will use your information in accordance with our Terms of Service or any applicable Client Corporate Subscription Agreement, Maintenance and Support Agreement or any other fully executed agreement between the parties. 

You have the right to to know what Personal Data we may hold about you. You can submit a request to us at privacy@beauceronsecurity.com. We will supply Personal Data about you that we hold and will do so in as reasonable a timeframe as possible.  We reserve the right to charge a reasonable fee for repeated requests. 

How we use information


We will not sell or rent your information to a third-party. 

We may disclose your personal data with contracted third-party vendors and service providers who we work with and are contractually bound by confidentiality obligations. We only share Personal Data with vendors and service providers to help us provide our service to you.

Acquisition or sale

If Beauceron sells any or all of its operations, we may transfer Personal Data in connection with such a sale. In the event of a sale, where possible, Beauceron will contact those whose data will be disclosed. 

Lawful access

We reserve the right to disclose information, by law, litigation or as a matter of national security to comply with valid legal processes including subpoenas, court orders or search warrants. We may also disclose Personal Data in the event of an emergency that threatens an individual's life, health or security. 

We will provide information to law enforcement or government officials when provided with a production or court order. Where permitted by law or order, we will inform you of any lawful access requests. 

To date, we have not had any lawful access requests. 

Information Sharing


Opt-out.  You may contact Beauceron at any time to opt-out of:

  • Any marketing communications or commercial electronic message (e-mail, text, social media message)

Access.  You may access the data we hold about you at any time by contacting us directly or viewing your personal profile in our service.

Move.  You may receive an extract all of your personal data in a CSV format for your personal use or use in another platform. 

Erase and Forget. If the data we have about you is not correct or no longer relevant, you can request we erase your data. 

Individual Rights


We use reasonable administrative, technical and physical safeguards to protect Personal Data from unauthorized access, modification or disclosure. Only necessary people and third-parties have access to personal data. 

We require our third-party service providers and partners agree to keep all confidential information shared with them secure and to use any information shared with them to perform their obligations we have in place with them. We provide third parties with only the information required to perform the function for which we have engaged with them. Any information you provide directly to them independently is subject to their respective privacy polices. 

Liability

Any and all liabilities related to any security incidents will be as outlined in our Terms of Service, any Client applicable Client Corporate Subscription Agreement, Maintenance and Support Agreement or any other fully executed agreement between the parties.

Unless stated in those agreements, Beauceron will not be responsible for any damages or liabilities related to the loss, damage, abuse, alteration or disclosure of Personal Data to the fullest extent permitted by law. 

Notification

Upon confirmation of any security incident involving your personal data, we will notify you of any such loss, misuse or alteration of Personal Data that may affect you so that you can take the appropriate actions for the due protection of your rights. We will do as soon as possible or as required by law, whichever is lesser. 

Security


Website

Our public website (www.beauceronsecurity.com) is hosted in the United States with data related to it processed and stored in the United States.

Service

Our service is hosted, processed and stored in Canada and Europe by a third-party acting on our behalf.  

Retention - Beauceron

Beauceron retains information for business purposes for as long as an account is active and/or as long as is reasonably required to provide you with our services. We will retain your information for as long as reasonably necessary to comply with any and all legal obligations, resolve disputes or to enforce agreements.  Data requested to be deleted may be retained in backup systems for up to 90 days. 

Retention - Clients

Our clients have the ability to customize the retention of Personal Data in their respective service.  Data retention periods will be subject to those settings.

Data retention and storage


Links to other websites or services

Our website or services may link to third-party websites. Beauceron is not responsible for any personal data collected by those third-party sites or services. Information collected by third-party websites is subject to their privacy policy. 


If you have any questions, concerns, or suggestions regarding this Privacy Policy, please contact us by email at privacy@beauceronsecurity.com.

Contact


We reserve the right to change this privacy policy without any prior notice. We will strive to update users of any material changes with 30 days. 

Change log

July 2, 2018

  • Fixed typo in Individual Rights, Access. Removed unnecessary "to". 

June 26, 2018

  • Launched expanded privacy policy.

Changes