This Privacy Policy, as amended or otherwise changed from time to time (the "Privacy Policy" or “Policy”), explains the manner in which Bastion Information Security OÜ, 16948250, Harju maakond, Tallinn, Kesklinna linnaosa, Tornimäe tn 3 // 5 // 7, 10145 (hereinafter "Bastion Information Security OÜ" or the “Company”) maintains and discloses user information obtained through its website https://www.bastion-infosec.com (the "Site"). The terms "we," "us," and "our" refer to the Company. By using the Site, you ("User") consent to the data practices prescribed in this Privacy Policy.
Your Personal Data is processed under this Privacy Policy and in accordance with applicable legislation, including the General Data Protection Regulation (2016/679) ("GDPR") and the applicable national data protection laws (“Data Protection Law”).
The Company acts as data controllers of your Personal Data.
On occasion, the Company may revise this Privacy Policy to reflect changes in the law, our personal data collection and use practices, the features on the Site, or advances in technology. If material changes are made to this Privacy Policy, the changes will be prominently posted on the Site.
By using this Site, you signify your acceptance of this Policy. If you do not agree to this Policy, please do not use our Site. Your continued use of the Site following the posting of changes to this Policy will be deemed as your acceptance of those changes.
In case you disclose any Personal Data regarding any third person (e.g. your employee, management board member, co-worker, contracting party, etc.) to us, you are obliged to refer them to this Policy.
We collect Personal Data and Anonymous Data, as described below.
We may collect Personal Data from you, such as:
If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in the e-mail, in order to send you a reply.
Some information is collected automatically by our servers:
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).
In general, Personal Data you submit is necessary for contacting you in the context of the delivery of products or services and administering such products and services. Also, we use your Personal Data in the following ways:
The Company does not sell user and/or Anonymous Data to any third party.
It may be necessary to disclose your information to comply with any law, court orders, or government request, defend against claims, investigate or bring legal action against illegal or suspected illegal activities, enforce our Terms, or protect the rights, safety, and security of the Company, our users, or the public.
Other than as stated in this Privacy Policy, the Company does not disclose any of your personal information to third parties unless required to do so by law enforcement, court order, or in compliance with legal reporting obligations.
All third-party service providers that we share your data with shall be requested to only process your data in accordance with instructions from us and comply fully with this Privacy Policy, any applicable data protection laws and any other appropriate confidentiality and security measures. We may also share your personal data with competent authorities when this is necessary to comply with a legal obligation, court order or comparable official order issued by an authorized authority.
We may share some or all of your Personal Data in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, Personal Data may also be transferred as a business asset.
If another company acquires our company, business, or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations regarding your Personal Data as described in this Privacy Policy.
The Site may contain links to other third-party websites which are regulated by their own privacy policies. The Company is not responsible for the privacy policies of these third-party websites even if they were accessed using the links from our site.
We keep the data you have provided to us on your user account for the whole period of your customer relationship and as long as it is necessary with regard to the purposes of the processing described above.
Under certain circumstances, you have the following rights under data protection laws in relation to your personal data:
You also have the right to lodge a complaint with a Data Protection Authority (“DPA”) if you think that your Personal Data is being processed incorrectly or your rights have been violated by the Company. The Estonian Data Protection Inspectorate is available at http://www.aki.ee/en.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights).
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. Please note that in certain circumstances it may be still lawful for us to continue processing your information even where you have withdrawn your consent if one of the other legal bases is applicable.
You can make a request regarding your information by emailing info@bastion-infosec.com.
Unless you have made a corresponding request, we will retain your information for as long as your account has not been closed or as needed to provide you access to your account.
If you wish to close your account, please contact support team via e-mail. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our Terms.
The information we collect is primarily stored on secure servers in Hamburg. We will take all steps reasonably necessary to ensure that personal information is treated securely and in accordance with this Privacy Policy and that any third parties that we share your information with are bound to employ similar organizational and technical measures to ensure your information's security.
We take the protection of your personal information seriously. We use industry-standard data encryption technology and have implemented restrictions related to the storage of and the ability to access your personal information. However, despite all of our efforts, please note that no transmission over the Internet or method of electronic storage can not be guaranteed to be 100% secure.
If you have any questions about our Privacy Policy as outlined above, please contact us at info@bastion-infosec.com