Our Privacy Policy

Bits&Digits Technical Data Privacy Policy

(“Bits&Digits”) is a counter social intelligence firm that provides bespoke cyber intelligence management, organization vulnerability analytics and security testing services on clients various technology platforms. For this purpose, Bits&Digits collects and processes pseudonymous data when we work with partners,and client platforms. If Bits&Digits collects personal data it will only do so with proactive consent from users when providing counter social intelligence services on behalf of partners and clients. Finally, Bits&Digits collects personal information from clients in order maintain client accounts and for billing purposes.

Revision 1.0 2017

Bits&Digits is a counter social intelligence firm that provides bespoke cyber intelligence management, organization vulnerability analytics and security testing services on clients various technology platforms as described on our website at https://www.bitsdigits.com

Our privacy policy describes how we may collect and use information from our own website and in connection with the services we provide to partners, including clients and affiliates we conduct social intelligence services for.

Your privacy is extremely important to us and our priority is to protect it. Not only do we adhere and surpass in most cases, applicable data security laws and regulations and follow industry best practices for security testing, we also never sell or share personal information.

For purposes of this Privacy Policy, personal information is information that can be used to identify a specific individual and would allow someone to determine the actual identity of and/or directly contact a specific living person. It includes information such as name, physical address, phone number and email address.

Note that this privacy policy does not apply to our clients and how they treat data, though we encourage the implementation of equal more security requirements. However we provide a solution that enables our clients to manage their digital data subject to adherence tot he data security requirements enforced by applicable laws.

If our clients are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that they are transferring information and permitting the transfer of information, including personal information, to a country and jurisdiction that does not have the same data protection laws as our jurisdiction, and they consent to the transfer of information to the U.S. and the use and disclosure of information about our clients, including personal information, as described in this Privacy Policy. Bits&Digits complies with the Principles of the EU-US Privacy Shield Framework (see below).

1. WHAT INFORMATION DO WE COLLECT AND WHAT DO WE DO WITH IT?

Non-Personal Information Collected from the Use of Our Services

We may obtain non-personal information about our clients, including de-identified location and other mobile and online usage information, from our clients in order to conduct data security assessments. For example, we may collect and use de-identified device location information provided by our clients telecommunications operator partners. This information does not enable us to personally identify you but may include a unique anonymous identifier associated with your device. Non-personal information collected from our partners is subject to their respective privacy policies and terms of services, not this privacy policy.

Non-Personal Information Collected When Using Our Services

This type of information does not enable us to personally identify people but may contain identifiers created the collection of our security reviews to store information on our servers and later retrieve it to enhance our analytic capabilities. We utilize this non-personal information to enhance our services to perform several tasks, such as improving the relevance of threat indicators as we believe that more relevant indications is more useful to you in addition to being more effective for advertisers, limiting the number of times a specific advertisement is presented to the same user, providing an advertisement to only certain types of users, providing reports to a partner or client, or improving the quality and design of the services we offer.

Any such information is received in accordance with the third party application or website’s privacy policies and subject to their terms and conditions.

2. WITH WHOM DO WE SHARE THE INFORMATION WE COLLECT?

We maintain a strict policy against sharing any data we may obtain.

When we deem it necessary or appropriate to provide such information to law enforcement authorities; to protect our rights, or to take precautions against liability;

to protect users of our services from fraudulent, abusive, or unlawful use of, or subscription to, such services; in the course of a sale, merger, transfer, exchange or other disposition (whether of assets, stock or otherwise) of all or a portion of our business, in which case information we have collected or otherwise acquired may be one of the assets transferred.

In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, Bits&Digits is potentially liable.

5. HOW DO WE SECURE YOUR PERSONAL INFORMATION?

We take above average efforts to maintain security protections in accordance with industry practices to protect data we collect from loss, alteration, destruction, misuse and unauthorized access or disclosure.

To prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of the personal information we may obtain, we have implemented physical, technical, and administrative procedures. We utilize hashing, FIPS 140-2 encryption and de-identification techniques to help ensure your privacy is safeguarded.

We have policies to help maintain control and physical security of the facilities used to store data and only allow access to authorized personnel, restrict access to data to those employees, contractors and agents that have a need to know the information in order to provide and support our services. All our employees are bound by confidentiality obligations and may be subject to disciplinary or legal action if they fail to meet these responsibilities.

We process information in a way that is compatible with and relevant for the purpose for which it was collected. To the extent necessary for those purposes, we take reasonable steps to ensure that any information in our care is accurate, complete, current and reliable for its intended use.

6. CHILDREN’s PERSONAL INFORMATION (COPAA)

Bits&Digits does not knowingly collect or solicit personal information from or about children under 13, except as permitted by U.S. federal law (for example, if a child under 13 sends us an email without being asked). If we discover that we have received any personal information from a child under 13 in violation of this Privacy Policy, we will delete such information from our servers and records promptly.

If you believe Bits&Digits has any information pertaining to anyone under 13, please contact us at privacy (at) Bits&Digits .com

7. DATA FROM THE EUROPEAN UNION

Bits&Digits complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Bits&Digits has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. A violation of our commitment to Privacy Shield may be investigated by the Federal Trade Commission and/or the United States Department of Commerce. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page once it is available, please visit https://www.privacyshield.gov.

In compliance with the EU-US Privacy Shield, Bits&Digits commits to resolve complaints about your privacy and our collection or use of your personal information. Persons from the European Union who have inquiries or complaints regarding this privacy policy should first contact us via: email at: privacy (at) Bits&Digits .com

Bits&Digits has committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to the BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

8. CHANGES TO PRIVACY POLICY

Bits&Digits reserves the right to change this Privacy Policy at any time. If Bits&Digits decides to change this privacy policy, we will post the changes on this page and revise the “Last Updated” date above. Any changes to our Privacy Policy will become effective upon our posting of the revised Privacy Policy on this page. Use of the Bits&Digits services or Site following such changes constitutes your acceptance of the revised Privacy Policy that is in effect.

9. CONTACT US

Questions and comments regarding this Privacy Policy should be directed to datalock (at) Bits&Digits dot com or mailed to Bits&Digits , Attn: Privacy Office 1225 Laurel St, Columbia, SC 29201