Privacy Policy

Effective June 1, 2025

Pocket CISO’s Privacy Policy describes how Pocket CISO, LLC, collects, uses, and shares your personal data. This Privacy Policy applies to how we collect, use, disclose, and safeguard your information when you visit our website, engage with our consulting services, or interact with us through other channels.

What is Personal Data at Pocket CISO? 

We adamantly believe that privacy is a fundamental human right and that those fundamental rights should not differ depending on where you are in the world. We classify any information that directly or indirectly identifies an individual human being, or can reasonably be used to do so, as 'personal data' in accordance with the General Data Protection Regulation (GDPR), regardless of the individual’s location or nationality. 

Information we collect:

  1. Personal Information
    1. Name
    2. Email address
    3. Phone number
    4. Company name
    5. Job title
    6. Mailing address
    7. Any other information you voluntarily provide via our contact forms or consultation booking pages.
  2. Non-Personal Information
    1. Browser type
    2. IP address
    3. Device information
    4. Site usage data (via cookies or analytics tools)

Pocket CISO’s Use of Personal Information

Pocket CISO uses personal data for our services to:

  • Process transactions. To process financial transactions such as billing, invoicing, and receiving payments for consulting services rendered.
  • Communicate with you. To respond to communications, reach out for current services, communicate financial transactions, market our services, provide other relevant information, or request information or feedback. We may use your personal data to send important notices, such as communications about changes to policies related to services.
  • Security. To safeguard individuals, employees, and Pocket CISO, and to support loss prevention and fraud detection. For the protection of all users, we may pre-screen or scan uploaded content to identify potentially illegal material.
  • Comply with Law. To comply with applicable laws, legal authorities or a lawful governmental request.

We may also use personal data for other purposes with your consent. 

Personal Data Retention

Pocket CISO retains personal data only for so long as necessary to fulfill the purposes for which it was collected, including as described in this Privacy Policy or in our service-specific privacy notices, or as required by law. We will retain your personal data for the period necessary to fulfill the purposes outlined in this Privacy Policy, our service-specific privacy notices, and contractual obligations. When assessing retention periods, we first carefully examine whether it is necessary to retain the personal data collected and, if retention is required, work to retain the personal data for the shortest possible period permissible under law.

Sharing information

Pocket CISO does not sell, rent, or trade your personal information. Pocket CISO does not use algorithms or profiling to make any decision that would significantly affect you without the opportunity for human review. Pocket CISO does not use or disclose sensitive personal data for any purposes that would require a user to exercise a right to limit processing according to California law.

Pocket CISO does share information with:

  • Trusted third-party service providers who support our operations (e.g., email platforms, analytics tools, messaging platforms)
  • Legal authorities, if required by law or to protect our rights. 

Pocket CISO does not sell your personal data, including as “sale” is defined in Nevada and California. Pocket CISO also does not “share” your personal data as that term is defined in California.

Protection of Personal Data at Pocket CISO

At Pocket CISO, we believe strong privacy begins with strong security. That’s why we use a combination of administrative, technical, and physical measures to protect your personal data, taking into account the type of data, how it’s used, and potential risks. We continually improve these safeguards to help ensure your information remains secure.

Cookies and Other Technologies

Pocket CISO’s websites, online services, and digital applications may use cookies and similar technologies such as web beacons. These tools help us better understand user behavior, improve security, detect and prevent fraud, analyze website traffic, and measure the performance of ads and search results.

Types of Cookies We Use

Communications Cookies. These cookies support the flow of data to and from our systems. They help us identify and resolve technical issues and ensure reliable access to our services.

Strictly Necessary Cookies. These are essential for certain features or services you request. For example, they help display content in the correct format and language, verify your identity, and maintain items in your cart while shopping online.

Other Cookies. These cookies help us understand how visitors interact with our site, assess the effectiveness of our marketing, and remember your preferences to enhance your experience.

Managing Cookies. If you prefer not to use cookies, you can disable them through your browser settings. For example, if you’re using a browser, you can go to the Privacy tab and select “Block all cookies.” Please note that disabling cookies may limit the functionality of certain features on our website.

Your Privacy Rights

Depending on your jurisdiction, you may have rights to: 

  • Access the personal information we hold about you
  • Request corrections or deletions
  • Opt out of marketing communications
  • Withdraw consent where processing is based on consent

To exercise your rights, please contact us using the information below.

Privacy Questions

If you have questions about Pocket CISO’s Privacy Policy or privacy practices, or you would like to contact our Data Protection Officer, you can contact us at privacyrequest@pocket-ciso.com. You can also ask us questions about how to submit a privacy complaint, a data privacy request, or a Data Subject Access Request (DSAR) and we will endeavor to help.

Pocket CISO takes your privacy questions seriously. A dedicated human reviews your inquiry to determine how best to respond to your concern or question, including those inquiries received in response to a data access request. All substantive communications will receive a response. If you ask us, we will endeavor to provide you with information about relevant complaint avenues which may be applicable to your circumstances.