Privacy Policy

Last updated: March 2026

Overview

Exposure Security LLC ("Exposure Security," "we," "us," or "our") respects your privacy. This policy explains what information we collect, how we use it, and your rights regarding that information. It applies to all visitors and users of exposuresecurity.com and our products and services.

Information We Collect

Information You Provide

We collect information you voluntarily provide when you:

  • Submit a consultation request or contact form (name, email address, company name, phone number, and details about your security needs)
  • Subscribe to our mailing list or newsletter (email address)
  • Purchase a product (name, email address, and payment information processed by Stripe)
  • Correspond with us via email

Information Collected Automatically

When you visit our website, we automatically collect certain information through Google Analytics, including:

  • IP address (anonymized)
  • Browser type and version
  • Operating system
  • Pages visited, time spent on pages, and referring URLs
  • Device type (desktop, mobile, tablet)
  • Geographic location (country/region level)

How We Use Your Information

  • Service delivery: To respond to consultation requests, provide cybersecurity services, and fulfill product purchases
  • Communications: To send transactional emails related to your purchases or inquiries, and marketing communications if you have opted in
  • Analytics: To understand how visitors use our website and improve our content and services
  • Legal compliance: To comply with applicable laws and regulations

We do not sell, rent, or share your personal information with third parties for their marketing purposes.

Third-Party Services

We use the following third-party services that may process your data:

  • Google Analytics: Website analytics. Google's privacy policy applies to data collected through their service. We use IP anonymization. You can opt out using the Google Analytics Opt-out Browser Add-on.
  • Stripe: Payment processing for product purchases. Stripe processes payment information directly — we do not store credit card numbers. Stripe's privacy policy governs their handling of your payment data.

Cookies and Tracking

Our website uses cookies and similar technologies:

  • Essential cookies: Required for basic website functionality
  • Analytics cookies: Google Analytics uses cookies to distinguish unique users and track sessions. These cookies (such as _ga, _gid) collect anonymized usage data

You can control cookies through your browser settings. Disabling analytics cookies will not affect your ability to use our website. Most browsers allow you to refuse or delete cookies — consult your browser's help documentation for instructions.

Data Retention

We retain personal information only as long as necessary to fulfill the purposes described in this policy. Contact form submissions and email correspondence are retained for the duration of our business relationship and a reasonable period thereafter. Analytics data is retained according to Google Analytics' default retention settings.

Data Security

As a cybersecurity company, we take the security of your data seriously. We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet is 100% secure.

Your Rights Under CCPA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following rights:

  • Right to know: You may request disclosure of the categories and specific pieces of personal information we have collected about you
  • Right to delete: You may request deletion of your personal information, subject to certain exceptions
  • Right to opt out of sale: We do not sell personal information. No opt-out is necessary
  • Right to non-discrimination: We will not discriminate against you for exercising your CCPA rights

To exercise these rights, contact us at privacy@exposuresecurity.com. We will respond within 45 days.

Your Rights Under GDPR (EEA/UK Residents)

If you are located in the European Economic Area or United Kingdom, the General Data Protection Regulation (GDPR) provides you with the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate personal data
  • Erasure: Request deletion of your personal data ("right to be forgotten")
  • Restriction: Request restriction of processing of your personal data
  • Portability: Request transfer of your personal data in a structured, machine-readable format
  • Objection: Object to processing of your personal data for direct marketing

Our legal basis for processing personal data is legitimate interest (responding to inquiries and providing services) and consent (marketing communications). To exercise these rights, contact us at privacy@exposuresecurity.com.

CAN-SPAM Compliance

We comply with the CAN-SPAM Act. When we send marketing emails:

  • We will not use false or misleading subjects or email addresses
  • We will identify the message as an advertisement where required
  • We will include our physical mailing address
  • We will honor opt-out/unsubscribe requests within 10 business days
  • Every marketing email includes a clear unsubscribe mechanism

You may unsubscribe from marketing communications at any time by clicking the unsubscribe link in any email or by contacting us at privacy@exposuresecurity.com. Unsubscribing from marketing emails will not affect transactional emails related to your purchases or active service engagements.

Children's Privacy

Our website and services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us and we will promptly delete it.

Changes to This Policy

We may update this privacy policy from time to time. The "Last updated" date at the top of this page indicates when the policy was last revised. Continued use of our website after changes constitutes acceptance of the updated policy.

Contact

For questions about this privacy policy or to exercise your data rights:

Email: privacy@exposuresecurity.com
General inquiries: info@exposuresecurity.com