Effective Date: January 1st, 2025

 

1. Categories of Personal Information Collected

 We collect information such as:

  • Contact details (name, email, phone)

  • Client company info

  • User account data for our managed services

  • Device and network information

  • Usage logs for support and security

 

2. Purpose of Collection

  • Providing and improving managed security services

  • Detecting and responding to security incidents

  • Customer support and troubleshooting

  • Compliance with legal obligations

 

3. Disclosure/Sharing Practices

We do not sell personal information as defined by the CCPA/CPRA. We may share data with vendors, service providers, and legal authorities only as needed for business operations and protection.

 

4. California Consumer Rights

  • California residents have the right to:

  • Know the categories and specific pieces of personal information collected and disclosed

  • Request deletion or correction of personal information

  • Opt-out of the sale or sharing of personal data (“Do Not Sell or Share My Personal Information”)

  • Limit use of sensitive personal information (where applicable)

  • Nondiscrimination for exercising these rights

 

5. Submitting Requests

To exercise your California privacy rights, email us at privacy@firmguardian.com. We may require verification of your identity.

 

6. Data Retention and Security

We retain personal information and secure it following industry standard practices including, but not limited to:

  • Data Minimization: Collect only the personal information necessary for the specific business purposes stated.

  • Data Retention Controls: Retain personal information only as long as needed to fulfill legal, contractual, or business purposes, and securely delete or anonymize data afterward.

  • Data Security: Employ technical safeguards such as encryption, multi-factor authentication, firewalls, and regular security

  • Employee Training: Train employees regularly on privacy obligations, security awareness, data handling practices, and breach response protocols.

  • Vendor Management: Ensure all third-party vendors and service providers comply with the same privacy and security standards.

 

7. Non-Discrimination

We will not discriminate against you for exercising your rights under the CCPA/CPRA.

 

8. Updates

We update this policy as needed and review it at least annually. Any changes will be posted on this page with a new effective date.