Privacy Policy

Version 1.0, Effective Date: 22nd October 2024


At Gecko Security, Inc. ("we," "our," or "us"), safeguarding the privacy of our users and visitors is one of our core priorities. This Privacy Policy outlines the types of information we collect, how we use it, and how we protect it when you interact with our website and services.


If you have additional questions or require more information about this Privacy Policy, please contact us at privacy@gecko.security.

1. Consent

By using our website and services, you consent to this Privacy Policy and agree to its terms. If you do not agree with any part of this policy, you should discontinue your use of our website and services immediately.

2. Information

We Collect We collect both personal and non-personal information as part of providing and improving our services. The specific types of information we collect include:


  • Personal Data: This includes your name, email address, phone number, company name, and any other information you provide directly when contacting us or engaging with our services.

  • Automatically Collected Data: We automatically collect certain information about your interaction with our website, such as IP address, browser type, referring/exit pages, and the date and time of your visit. This information is gathered through cookies and similar tracking technologies.


If you contact us directly, we may collect additional information, including any attachments or details you provide.

3. How We Use Your Information

We use the information we collect in the following ways:


  • To operate, maintain, and improve our website and services.

  • To personalize your experience and tailor content to your preferences.

  • To understand and analyze website usage and user behavior.

  • To develop new products, services, and features.

  • To prevent fraud and maintain the security of our website and services.


  1. Lawful Basis for Processing

Where we process personal data of individuals in the European Economic Area, we rely on one or mor

of the following lawful bases:


  • Contractual necessity: to perform our obligations under any agreement with you;

  • Legal obligation: to comply with applicable laws and regulations;

  • Legitimate interests: for our business operations (e.g. security, fraud prevention, service improvements), provided your rights do not override those interests;

  • Consent: where you have explicitly agreed to certain processing (e.g. marketing, communications).

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy or to

comply with legal obligations. Typical retention periods are:


  • Account and profile data: retained for the duration of our customer relationship plus up to 2 years thereafter;

  • Transactional and billing records: retained for at least 7 years to satisfy tax or audit requirements;

  • Support correspondence and logs: retained for up to 3 years to ensure quality and traceability;

  • Analytical/usage data: aggregated or anonymized data may be retained indefinitely. Upon expiry of these periods—or upon your valid request for erasure—we will securely delete or anonymise your data.


6. Third-Party Sharing & Subprocessors

We may share your information with:


  • Service providers (e.g. hosting, analytics, payment processors) acting as our data processors;

  • Professional advisers (e.g. legal, accounting firms) under confidentiality obligations;

  • Affiliates within the Gecko Security group subject to this policy.


A current list of subprocessors and their roles is available on our website. We conduct due-diligence and

impose contractual security and confidentiality requirements on all processors.


7. International Transfer

Your data may be transferred outside the European Economic Area (EEA) or the UK. In such cases, we

ensure appropriate safeguards, such as:


  • Standard Contractual Clauses adopted by the European Commission;

  • Adequacy decisions for the recipient country; or

  • Other lawful transfer mechanisms under applicable data-protection laws.


8. Cookies and Web Beacons

Like most websites, Gecko Security, Inc. uses cookies to store information about visitors’ preferences and track the pages they visit on our website. Cookies help us optimise user experience by customising web content based on browser type or other information.


You can choose to disable cookies through your browser settings. However, please note that disabling cookies may affect your ability to fully interact with our website.


9. Security Certifications & Audits

We maintain independent attestation of our control environment, including SOC 2 compliance. In

addition to encryption, penetration testing and regular vulnerability assessments, we undergo annual third-

party audits to verify the effectiveness of our technical and organizational measures.


10. Data Breach Notification

In the event of a personal-data breach, we will:


  1. Notify the relevant supervisory authority within 72 hours, where required by law;

  2. Inform affected individuals without undue delay if the breach is likely to result in a high risk to

their rights and freedoms;

  1. Provide guidance on steps they can take to mitigate potential harm.


11. User Controls & Preferences

You may:


  • Access, correct or delete your personal data via your account dashboard or by contacting us;

  • Withdraw consent to processing at any time (where consent is the lawful basis);

  • Object to processing based on our legitimate interests;

  • Opt out of marketing communications using the unsubscribe link in any marketing email.


11. User Controls & Preferences

You may:


  • Access, correct or delete your personal data via your account dashboard or by contacting us;

  • Withdraw consent to processing at any time (where consent is the lawful basis);

  • Object to processing based on our legitimate interests;

  • Opt out of marketing communications using the unsubscribe link in any marketing email.

12. Log Files

Gecko Security, Inc. follows standard industry procedures in using log files. These files record visitors'

interactions with our website, capturing details such as your IP address, browser type, ISP, date and time

of access, referring/exit pages, and click counts. This information is not linked to any personally

identifiable information. We use this data to analyze trends, administer the website, track user

movements, and gather general demographic data.


13. CCPA Privacy Rights

Under the California Consumer Privacy Act (CCPA), California residents have the right to:


  • Request disclosure of the categories and specific personal data collected about them.

  • Request that we delete any personal data collected about them.

  • Opt out of the sale of their personal data.


If you wish to exercise any of these rights, please contact us. We will respond within one month.

14. GDPR Data Protection Rights

We are committed to ensuring full compliance with the General Data Protection Regulation (GDPR). You have the following rights:


  • Right to Access: You can request copies of your personal data.

  • Right to Rectification: You can request corrections of inaccurate or incomplete information.

  • Right to Erasure: You can request that we delete your personal data under certain conditions.

  • Right to Restrict Processing: You can request that we limit the processing of your personal data.

  • Right to Object: You can object to the processing of your personal data under certain conditions.

  • Right to Data Portability: You can request that we transfer your data to another organisation or directly to you under certain conditions.


If you wish to exercise any of these rights, please contact us. We will respond within one month.

15. Children’s Information

Gecko Security, Inc. does not knowingly collect personal information from children under the age of 13. If you believe that a child has provided us with personal information, please contact us immediately, and we will promptly take steps to remove such information from our records.

16. Security Practices

We take the protection of your data seriously and employ industry-standard security measures, including encryption, regular penetration tests, and vulnerability assessments. While we strive to safeguard all customer data, no system can be 100% secure. We encourage security professionals and researchers to report any vulnerabilities in our products through our responsible disclosure program. We appreciate contributions and will credit security researchers who help us identify and fix security issues.

17. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and significant changes will be communicated to you through email or by a prominent notice on our website. Your continued use of the website and services after such updates signifies your acceptance of the new policy.

Contact Information


For questions about this Privacy Policy or to exercise your data rights, please contact us at:


Email: gecko@gecko.security

Mailing Address:

Gecko Security, Inc.

Suite GB12463, 4283 Express Lane

Sarasota

Florida

34249

USA


Privacy Policy

Version 1.0, Effective Date: 22nd October 2024


At Gecko Security, Inc. ("we," "our," or "us"), safeguarding the privacy of our users and visitors is one of our core priorities. This Privacy Policy outlines the types of information we collect, how we use it, and how we protect it when you interact with our website and services.


If you have additional questions or require more information about this Privacy Policy, please contact us at privacy@gecko.security.


  1. Consent

By using our website and services, you consent to this Privacy Policy and agree to its terms. If you do not agree with any part of this policy, you should discontinue your use of our website and services immediately.


  1. Information

We Collect We collect both personal and non-personal information as part of providing and improving our services. The specific types of information we collect include:


  • Personal Data: This includes your name, email address, phone number, company name, and any other information you provide directly when contacting us or engaging with our services.

  • Automatically Collected Data: We automatically collect certain information about your interaction with our website, such as IP address, browser type, referring/exit pages, and the date and time of your visit. This information is gathered through cookies and similar tracking technologies.


If you contact us directly, we may collect additional information, including any attachments or details you provide.


  1. How We Use Your Information

We use the information we collect in the following ways:


  • To operate, maintain, and improve our website and services.

  • To personalize your experience and tailor content to your preferences.

  • To understand and analyze website usage and user behavior.

  • To develop new products, services, and features.

  • To prevent fraud and maintain the security of our website and services.


  1. Lawful Basis for Processing

Where we process personal data of individuals in the European Economic Area, we rely on one or mor

of the following lawful bases:


  • Contractual necessity: to perform our obligations under any agreement with you;

  • Legal obligation: to comply with applicable laws and regulations;

  • Legitimate interests: for our business operations (e.g. security, fraud prevention, service improvements), provided your rights do not override those interests;

  • Consent: where you have explicitly agreed to certain processing (e.g. marketing, communications).

  1. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy or to

comply with legal obligations. Typical retention periods are:


  • Account and profile data: retained for the duration of our customer relationship plus up to 2 years thereafter;

  • Transactional and billing records: retained for at least 7 years to satisfy tax or audit requirements;

  • Support correspondence and logs: retained for up to 3 years to ensure quality and traceability;

  • Analytical/usage data: aggregated or anonymized data may be retained indefinitely. Upon expiry of these periods—or upon your valid request for erasure—we will securely delete or anonymise your data.


  1. Third-Party Sharing & Subprocessors

We may share your information with:


  • Service providers (e.g. hosting, analytics, payment processors) acting as our data processors;

  • Professional advisers (e.g. legal, accounting firms) under confidentiality obligations;

  • Affiliates within the Gecko Security group subject to this policy.


A current list of subprocessors and their roles is available on our website. We conduct due-diligence and

impose contractual security and confidentiality requirements on all processors.


  1. International Transfer

Your data may be transferred outside the European Economic Area (EEA) or the UK. In such cases, we

ensure appropriate safeguards, such as:


  • Standard Contractual Clauses adopted by the European Commission;

  • Adequacy decisions for the recipient country; or

  • Other lawful transfer mechanisms under applicable data-protection laws.

  1. Cookies and Web Beacons

Like most websites, Gecko Security, Inc. uses cookies to store information about visitors’ preferences and track the pages they visit on our website. Cookies help us optimise user experience by customising web content based on browser type or other information.


You can choose to disable cookies through your browser settings. However, please note that disabling cookies may affect your ability to fully interact with our website.

  1. Security Certifications & Audits

We maintain independent attestation of our control environment, including SOC 2 compliance. In

addition to encryption, penetration testing and regular vulnerability assessments, we undergo annual third-party audits to verify the effectiveness of our technical and organizational measures.

  1. Data Breach Notification

In the event of a personal-data breach, we will:

  1. Notify the relevant supervisory authority within 72 hours, where required by law;

  2. Inform affected individuals without undue delay if the breach is likely to result in a high risk to

their rights and freedoms;

  1. Provide guidance on steps they can take to mitigate potential harm.

  1. User Controls & Preferences

You may:


  • Access, correct or delete your personal data via your account dashboard or by contacting us;

  • Withdraw consent to processing at any time (where consent is the lawful basis);

  • Object to processing based on our legitimate interests;

  • Opt out of marketing communications using the unsubscribe link in any marketing email.



  1. Log Files

Gecko Security, Inc. follows standard industry procedures in using log files. These files record visitors'

interactions with our website, capturing details such as your IP address, browser type, ISP, date and time

of access, referring/exit pages, and click counts. This information is not linked to any personally

identifiable information. We use this data to analyze trends, administer the website, track user

movements, and gather general demographic data.

  1. CCPA Privacy Rights

Under the California Consumer Privacy Act (CCPA), California residents have the right to:


  • Request disclosure of the categories and specific personal data collected about them.

  • Request that we delete any personal data collected about them.

  • Opt out of the sale of their personal data.


If you wish to exercise any of these rights, please contact us. We will respond within one month.

  1. GDPR Data Protection Rights

We are committed to ensuring full compliance with the General Data Protection Regulation (GDPR). You have the following rights:


  • Right to Access: You can request copies of your personal data.

  • Right to Rectification: You can request corrections of inaccurate or incomplete information.

  • Right to Erasure: You can request that we delete your personal data under certain conditions.

  • Right to Restrict Processing: You can request that we limit the processing of your personal data.

  • Right to Object: You can object to the processing of your personal data under certain conditions.

  • Right to Data Portability: You can request that we transfer your data to another organisation or directly to you under certain conditions.


If you wish to exercise any of these rights, please contact us. We will respond within one month.


  1. Children’s Information

Gecko Security, Inc. does not knowingly collect personal information from children under the age of 13. If you believe that a child has provided us with personal information, please contact us immediately, and we will promptly take steps to remove such information from our records.


  1. Security Practices

We take the protection of your data seriously and employ industry-standard security measures, including encryption, regular penetration tests, and vulnerability assessments. While we strive to safeguard all customer data, no system can be 100% secure. We encourage security professionals and researchers to report any vulnerabilities in our products through our responsible disclosure program. We appreciate contributions and will credit security researchers who help us identify and fix security issues.


  1. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and significant changes will be communicated to you through email or by a prominent notice on our website. Your continued use of the website and services after such updates signifies your acceptance of the new policy.


Contact Information

For questions about this Privacy Policy or to exercise your data rights, please contact us at:


Email: gecko@gecko.security

Mailing Address:

Gecko Security, Inc.

Suite GB12463, 4283 Express Lane

Sarasota

Florida

34249

USA


Privacy Policy

Version 1.0, Effective Date: 22nd October 2024


At Gecko Security, Inc. ("we," "our," or "us"), safeguarding the privacy of our users and visitors is one of our core priorities. This Privacy Policy outlines the types of information we collect, how we use it, and how we protect it when you interact with our website and services.


If you have additional questions or require more information about this Privacy Policy, please contact us at privacy@gecko.security.


  1. Consent

By using our website and services, you consent to this Privacy Policy and agree to its terms. If you do not agree with any part of this policy, you should discontinue your use of our website and services immediately.


  1. Information

We Collect We collect both personal and non-personal information as part of providing and improving our services. The specific types of information we collect include:


  • Personal Data: This includes your name, email address, phone number, company name, and any other information you provide directly when contacting us or engaging with our services.

  • Automatically Collected Data: We automatically collect certain information about your interaction with our website, such as IP address, browser type, referring/exit pages, and the date and time of your visit. This information is gathered through cookies and similar tracking technologies.


If you contact us directly, we may collect additional information, including any attachments or details you provide.


  1. How We Use Your Information

We use the information we collect in the following ways:


  • To operate, maintain, and improve our website and services.

  • To personalize your experience and tailor content to your preferences.

  • To understand and analyze website usage and user behavior.

  • To develop new products, services, and features.

  • To prevent fraud and maintain the security of our website and services.


  1. Lawful Basis for Processing

Where we process personal data of individuals in the European Economic Area, we rely on one or more of the following lawful bases:


  • Contractual necessity: to perform our obligations under any agreement with you;

  • Legal obligation: to comply with applicable laws and regulations;

  • Legitimate interests: for our business operations (e.g. security, fraud prevention, service improvements), provided your rights do not override those interests;

  • Consent: where you have explicitly agreed to certain processing (e.g. marketing, communications).


  1. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy or to comply with legal obligations. Typical retention periods are:


  • Account and profile data: retained for the duration of our customer relationship plus up to 2 years thereafter;

  • Transactional and billing records: retained for at least 7 years to satisfy tax or audit requirements;

  • Support correspondence and logs: retained for up to 3 years to ensure quality and traceability;

  • Analytical/usage data: aggregated or anonymized data may be retained indefinitely. Upon expiry of these periods—or upon your valid request for erasure—we will securely delete or anonymise your data.


  1. Third-Party Sharing & Subprocessors

We may share your information with:


  • Service providers (e.g. hosting, analytics, payment processors) acting as our data processors;

  • Professional advisers (e.g. legal, accounting firms) under confidentiality obligations;

  • Affiliates within the Gecko Security group subject to this policy.


A current list of subprocessors and their roles is available on our website. We conduct due-diligence and

impose contractual security and confidentiality requirements on all processors.


  1. International Transfer

Your data may be transferred outside the European Economic Area (EEA) or the UK. In such cases, we

ensure appropriate safeguards, such as:


  • Standard Contractual Clauses adopted by the European Commission;

  • Adequacy decisions for the recipient country; or

  • Other lawful transfer mechanisms under applicable data-protection laws.

  1. Cookies and Web Beacons

Like most websites, Gecko Security, Inc. uses cookies to store information about visitors’ preferences and track the pages they visit on our website. Cookies help us optimise user experience by customising web content based on browser type or other information.


You can choose to disable cookies through your browser settings. However, please note that disabling cookies may affect your ability to fully interact with our website.

  1. Security Certifications & Audits

We maintain independent attestation of our control environment, including SOC 2 compliance. In

addition to encryption, penetration testing and regular vulnerability assessments, we undergo annual third-party audits to verify the effectiveness of our technical and organizational measures.

  1. Data Breach Notification

In the event of a personal-data breach, we will:

  1. Notify the relevant supervisory authority within 72 hours, where required by law;

  2. Inform affected individuals without undue delay if the breach is likely to result in a high risk to

their rights and freedoms;

  1. Provide guidance on steps they can take to mitigate potential harm.

  1. User Controls & Preferences

You may:


  • Access, correct or delete your personal data via your account dashboard or by contacting us;

  • Withdraw consent to processing at any time (where consent is the lawful basis);

  • Object to processing based on our legitimate interests;

  • Opt out of marketing communications using the unsubscribe link in any marketing email.



  1. Log Files

Gecko Security, Inc. follows standard industry procedures in using log files. These files record visitors' interactions with our website, capturing details such as your IP address, browser type, ISP, date and time of access, referring/exit pages, and click counts. This information is not linked to any personally

identifiable information. We use this data to analyze trends, administer the website, track user movements, and gather general demographic data.

  1. CCPA Privacy Rights

Under the California Consumer Privacy Act (CCPA), California residents have the right to:


  • Request disclosure of the categories and specific personal data collected about them.

  • Request that we delete any personal data collected about them.

  • Opt out of the sale of their personal data.


If you wish to exercise any of these rights, please contact us. We will respond within one month.


  1. GDPR Data Protection Rights

We are committed to ensuring full compliance with the General Data Protection Regulation (GDPR). You have the following rights:


  • Right to Access: You can request copies of your personal data.

  • Right to Rectification: You can request corrections of inaccurate or incomplete information.

  • Right to Erasure: You can request that we delete your personal data under certain conditions.

  • Right to Restrict Processing: You can request that we limit the processing of your personal data.

  • Right to Object: You can object to the processing of your personal data under certain conditions.

  • Right to Data Portability: You can request that we transfer your data to another organisation or directly to you under certain conditions.


If you wish to exercise any of these rights, please contact us. We will respond within one month.


  1. Children’s Information

Gecko Security, Inc. does not knowingly collect personal information from children under the age of 13. If you believe that a child has provided us with personal information, please contact us immediately, and we will promptly take steps to remove such information from our records.


  1. Security Practices

We take the protection of your data seriously and employ industry-standard security measures, including encryption, regular penetration tests, and vulnerability assessments. While we strive to safeguard all customer data, no system can be 100% secure. We encourage security professionals and researchers to report any vulnerabilities in our products through our responsible disclosure program. We appreciate contributions and will credit security researchers who help us identify and fix security issues.


  1. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and significant changes will be communicated to you through email or by a prominent notice on our website. Your continued use of the website and services after such updates signifies your acceptance of the new policy.


Contact Information

For questions about this Privacy Policy or to exercise your data rights, please contact us at:


Email: gecko@gecko.security

Mailing Address:

Gecko Security, Inc.

Suite GB12463, 4283 Express Lane

Sarasota

Florida

34249

USA