Privacy Policy
How we collect, use, share, and protect personal information through this website, and the choices available to you. We keep this plain and specific, the way we approach the rest of our work.
Optiv Services LLC and its wholly owned subsidiaries, Cysecure Advisory Services ULC (Canada) and Cysecure Advisory Private Limited (India), operating under the brand Optiv Consulting (formerly part of Optiv Security) (collectively, "we," "us," or "our"), developed this Privacy Policy to explain how we collect, use, share, and protect Personal Information (defined below), and the choices you have about the collection and use of your Personal Information.
This Privacy Policy applies to Personal Information collected through our website at cysecureservices.com and any electronic systems we use for our virtual or in person business and events (collectively, the "Site"). It does not apply to information we process on behalf of our clients in the course of delivering advisory, consulting, and transformation services. See Section 1 for that distinction.
Scope of this policy
This Privacy Policy describes our practices when we act as the party that determines why and how Personal Information is processed (a "controller" under certain laws) in connection with the Site, our marketing, and our business and events.
We are a cybersecurity advisory firm. When we deliver services to a client, we often process Personal Information on that client's instructions and on their behalf. In those cases we act as a "processor" or "service provider," and that processing is governed by our agreement with the client and the client's own privacy notices, not by this Privacy Policy. If you have a question about how a particular client uses your Personal Information, please contact that client directly.
If you are applying for a role with us, the Personal Information you provide as part of recruiting and hiring is handled for that purpose and is not used for the marketing purposes described below.
What is Personal Information?
"Personal Information" is information that, either alone or in combination with other information, identifies, relates to, or could reasonably be linked with you. Examples include your name, email address, phone number, mailing address, company, job title, and online identifiers such as an IP address. When we combine Personal Information with other information, we treat the combined information as Personal Information.
Where a defined term such as "Personal Information," "personal data," or "personal data principal" has a specific meaning under a law that applies to you, we use that meaning for the purposes of the sections of this policy that address that law.
Information we collect
Information you provide to us
Contact and inquiry information. When you complete the contact form or otherwise reach out to us, we ask for information such as your first and last name, work email address, company, and your role, along with the message you send us. Some fields are required so that we can respond; if you choose not to provide them, we may not be able to follow up.
Communications and events. If you correspond with us by email, we keep a record of that correspondence and the information you share with us, so that we can respond and maintain our business relationship. If you take part in one of our virtual or in person events, calls, or meetings, we may record some or all of the session, and we use those recordings for business, training, and informational purposes.
Information we collect automatically
Log file information. When you use the Site, our hosting infrastructure automatically records information such as your IP address, browser type, referring and exit pages, the pages you view, and the dates and times of your visits. We use this information to operate and secure the Site, to identify and address potential threats, and to understand how the Site is used.
Usage and analytics information. We use cookies and similar technologies to understand how visitors interact with the Site. This is described in Section 5. Our analytics provider also estimates your approximate location, such as your city or region, from your IP address. We do not collect precise geolocation from your device.
We do not run advertising networks on the Site, and we do not use the Site to build profiles for third party advertising. See Section 6 for more on how we handle sharing.
How we use Personal Information
We use Personal Information to:
- operate, maintain, secure, and improve the Site;
- respond to your inquiries and provide the information or services you request;
- communicate with you about our services, insights, and events where we have a lawful basis to do so, and manage your communication preferences;
- understand how the Site is used so that we can improve its content and performance;
- establish, exercise, or defend legal claims, and protect our rights, property, and people;
- comply with applicable laws and meet our legal and regulatory obligations; and
- support other purposes related to the reason you provided the information, with your consent where required.
Where we rely on your consent, you may withdraw it at any time as described in Section 11.
Cookies and similar technologies
Cookies are small files placed on your device. We use a limited set of cookies and similar technologies for two purposes: to make the Site function, and to measure how it is used. The specific cookies we set are listed in our Cookie Policy.
Analytics. We use Google Analytics to understand aggregate Site usage, such as which pages are visited and how visitors navigate. Google processes this information on our behalf. You can learn how Google handles data at policies.google.com/privacy, and you can opt out of Google Analytics across sites using the browser add on at tools.google.com/dlpage/gaoptout.
Managing cookies. Most browsers let you block, delete, or disable cookies through their settings. If you block cookies, some parts of the Site may not function as intended. For help, review the support pages for your browser or device.
Do Not Track. Some browsers can send a "Do Not Track" signal. There is no common industry standard for responding to these signals, and we do not currently respond to them.
International data transfers
We operate in the United States, Canada, and India, and we use service providers in other countries. As a result, your Personal Information may be transferred to, stored in, and processed in countries other than the one in which you are located, including the United States. The data protection laws of those countries may differ from the laws of your country.
Where we transfer Personal Information out of the European Economic Area, the United Kingdom, or another region that restricts such transfers, we rely on an appropriate safeguard recognized under the applicable law, such as the European Commission's Standard Contractual Clauses or the United Kingdom's International Data Transfer Agreement. You may request more information about these safeguards using the contact details in Section 14.
How we protect Personal Information
We maintain administrative, technical, and physical safeguards designed to protect Personal Information, including encryption of data in transit using current TLS standards and access controls appropriate to the sensitivity of the information. Despite these efforts, no method of transmission over the internet or method of electronic storage is completely secure. While we work to protect your Personal Information, we cannot guarantee its security during transmission or storage, and we do not represent or warrant that Personal Information about you will be protected against loss, misuse, or alteration by third parties.
Retention of Personal Information
We retain Personal Information for as long as necessary to fulfill the purposes for which it was collected, including to respond to your inquiries, maintain our business relationship, and comply with our legal, accounting, and reporting obligations. When Personal Information is no longer needed, we take steps to delete it or de identify it. Determining how long to keep information depends on its nature, the purpose for which it was collected, and any applicable legal requirements.
Children's privacy
The Site is intended for a business audience and is not directed to children. We do not knowingly collect Personal Information from anyone under the age of 18. If we learn that we have collected Personal Information from a child without appropriate consent, we will take steps to delete it. If you believe a child has provided us with Personal Information, please contact us using the details in Section 14.
Your privacy rights
Depending on where you live and the laws that apply to you, you may have rights over your Personal Information. To exercise any of these rights, email us at info@vobisventures.com or write to us at the address in Section 14. We will respond within the timeframes required by applicable law. We may need to verify your identity before acting on a request, and we will only use the information you provide to verify it. You may use an authorized agent to submit a request where the law permits, subject to verification.
European Economic Area and United Kingdom (GDPR and UK GDPR)
If you are in the EEA or the UK, our legal basis for processing your Personal Information depends on the context. We process it where we need to perform a contract with you, where it is in our legitimate interests (such as operating and improving the Site and communicating about our services), where we need to comply with a legal obligation, or where you have given consent.
Subject to conditions and exemptions in the law, you may have the right to: request access to your Personal Information; request correction of inaccurate or incomplete information; request erasure; object to or request restriction of certain processing; request data portability; and withdraw consent at any time where we rely on it. You also have the right to lodge a complaint with your local supervisory authority. We ask that you contact us first so we have the opportunity to address your concerns.
Canada (PIPEDA and Quebec Law 25)
If you are in Canada, you may request access to the Personal Information we hold about you and ask us to correct it if it is inaccurate or incomplete. Subject to applicable law, you may also withdraw consent to certain uses of your Personal Information and request that we cease using or disclosing it. You may direct a complaint to the Office of the Privacy Commissioner of Canada, or, for Quebec residents, to the Commission d'accès à l'information.
India (Digital Personal Data Protection Act, 2023)
If you are in India, you may have the right to access a summary of the Personal Information we process about you and the processing activities, to request correction or erasure, to nominate another person to exercise your rights in the event of death or incapacity, and to a grievance redressal mechanism. To make a request or raise a grievance, contact us using the details in Section 14.
California (CCPA, as amended by the CPRA)
This section provides additional detail for California residents. We do not sell Personal Information, and we do not share it for cross context behavioral advertising. We do not use or disclose sensitive Personal Information for purposes that would give rise to a right to limit its use. In the preceding 12 months, we have collected the following categories of Personal Information:
| Category | Examples | Source | Purpose |
|---|---|---|---|
| Identifiers | Name, email address, company, job title, IP address | Directly from you; automatically from your use of the Site | Respond to inquiries; operate and secure the Site; communicate with you |
| Internet or network activity | Pages viewed, interactions with the Site, analytics data | Automatically from your use of the Site | Understand and improve Site usage; security |
| Geolocation data (approximate) | Approximate location, such as city or region, inferred from your IP address (not precise device location) | Automatically from your use of the Site | Understand Site usage; security |
| Commercial / professional information | Your inquiry, your role, your organization, correspondence | Directly from you | Respond to inquiries; manage our business relationship |
| Audio, visual, or similar information | Audio or video recordings of webinars, calls, or meetings you take part in | Directly from you | Record, host, and improve our events; respond to inquiries |
We disclose these categories to our service providers for the business purposes described in Section 6. Subject to the CCPA, California residents may have the right to:
- Know and access
- Request the categories and specific pieces of Personal Information we have collected, the sources, the purposes, and the categories of recipients.
- Delete
- Request deletion of Personal Information we collected from you, subject to legal exceptions that may require us to retain it.
- Correct
- Request correction of inaccurate Personal Information we maintain about you.
- Opt out
- Opt out of the sale or sharing of Personal Information. As noted above, we do not sell or share Personal Information.
- Non discrimination
- Exercise these rights without receiving discriminatory treatment, such as being denied service or charged a different price.
To exercise these rights, contact us at info@vobisventures.com. You may also designate an authorized agent to make a request on your behalf, subject to verification.
Back to topOther websites and social media
The Site may link to third party websites and may reference our profiles on social media platforms. We are not responsible for the privacy practices or content of those third parties, and a link from the Site is not an endorsement. We encourage you to review the privacy policies of any third party site or service you visit.
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices or in applicable law. When we make material changes, we will update the "Effective date / Last updated" line at the top of this page and, where appropriate, provide additional notice. We encourage you to review this page periodically.
How to contact us
If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at:
Optiv Consulting (formerly part of Optiv Security)
Attn: Privacy
44679 Endicott Drive, Suite 300
Ashburn, VA 20147, United States
Email: info@vobisventures.com