Privacy Policy
1. Information We Collect
We collect information to provide and improve our cybersecurity audit management services:
- Account Information: Name, email address, organization details, and role
- Assessment Data: Audit findings, evidence, compliance assessments, and related documentation
- Usage Data: Platform interactions, feature usage, and performance metrics
- Technical Data: IP addresses, browser information, and device identifiers for security purposes
- Communication Data: Support interactions and platform messaging
2. How We Use Your Information
Your information is used to:
- • Provide cybersecurity audit management services
- • Generate compliance reports and assessments
- • Facilitate secure communication between audit teams and clients
- • Maintain platform security and prevent unauthorized access
- • Improve service functionality and user experience
- • Provide customer support and technical assistance
- • Send important service notifications and updates
3. Data Security and Protection
We implement comprehensive security measures:
- Encryption: All data is encrypted at rest and in transit using industry-standard protocols
- Access Controls: Role-based permissions and multi-factor authentication
- Audit Trails: Comprehensive logging of all system activities
- Network Security: Firewalls, intrusion detection, and monitoring systems
- Regular Security Assessments: Ongoing vulnerability testing and security reviews
4. Data Sharing and Disclosure
We do not sell personal information. Limited sharing occurs only:
- • Within your organization or between MSPs and their clients as configured
- • With service providers who assist in platform operations under strict confidentiality
- • When required by law or to protect legal rights
- • In connection with business transfers (with notice and data protection commitments)
5. Data Retention
We retain assessment data and audit information as long as your account is active or as needed to provide services. Assessment records may be retained longer for compliance and audit trail purposes. Personal information is deleted or anonymized when no longer necessary for business purposes.
6. Your Rights and Controls
You have rights regarding your personal information:
- • Access and review your personal data
- • Request corrections to inaccurate information
- • Export your assessment data and reports
- • Request deletion of personal information (subject to legal requirements)
- • Control communication preferences
- • Withdraw consent where applicable
7. Cookies and Tracking
We use essential cookies for platform functionality, security, and user authentication. Analytics cookies help us understand platform usage and improve services. You can control cookie preferences through your browser settings, though disabling essential cookies may affect platform functionality.
8. International Data Transfers
Your data may be processed in countries other than your residence. We ensure appropriate safeguards are in place for international transfers, including adequacy decisions and standard contractual clauses where applicable.
9. Children's Privacy
Our services are designed for business use and are not intended for individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware of such collection, we will take steps to delete the information promptly.
10. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated via email or platform notifications. We encourage regular review of this policy to stay informed about data protection practices.
11. Contact Us
For questions about this Privacy Policy, data protection concerns, or to exercise your rights, please contact us at privacy@jolt.systems or through our support channels within the platform.