Commitment to Privacy: This Privacy Policy represents our ongoing commitment to protecting your personal information and maintaining transparency in our data practices. As a cybersecurity company, we understand the critical importance of data protection and apply the same rigorous standards to your privacy that we help our clients achieve.
Last Review Date: This policy is reviewed annually and updated as needed to reflect changes in technology, law, and best practices.
Privacy Policy
Effective Date: January 1, 2025
Last Updated: January 1, 2025
Your Privacy Matters: Ether Technology Inc is committed to protecting your privacy and securing your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cybersecurity services, websites, and applications.
1. Information We Collect
We collect several types of information from and about users of our Services, including:
1.1 Personal Information You Provide
Account Information:
- Name, email address, phone number
- Company name and job title
- Billing and payment information
- Account preferences and settings
Professional Information:
- Security clearance level (if applicable)
- Professional certifications (CISSP, CEH, etc.)
- Industry and organization type
- Use case and testing requirements
Communication Data:
- Customer support inquiries and correspondence
- Training session recordings (with consent)
- Feedback and survey responses
- Marketing communication preferences
1.2 Information Automatically Collected
Technical Information:
- IP address and geolocation data
- Device type, operating system, and browser information
- Network connection details
- Access logs and usage patterns
Usage Analytics:
- Tool usage statistics and performance metrics
- Feature utilization and session duration
- Error logs and diagnostic information
- Security test results and vulnerability data
1.3 Sensitive Information Handling
Security Testing Data: During authorized security assessments, our tools may incidentally access sensitive information. We implement strict data minimization practices and do not intentionally collect or store sensitive personal data discovered during testing.
2. How We Use Your Information
We use the information we collect for the following purposes:
2.1 Service Provision
- Providing and maintaining our cybersecurity services
- Processing payments and managing subscriptions
- Authenticating users and preventing unauthorized access
- Delivering customer support and technical assistance
2.2 Service Improvement
- Analyzing usage patterns to improve our tools and services
- Developing new features and cybersecurity solutions
- Conducting security research and threat analysis
- Enhancing user experience and interface design
2.3 Communication
- Sending service-related notifications and updates
- Providing security alerts and threat intelligence
- Delivering educational content and training materials
- Marketing communications (with your consent)
2.4 Legal and Security Purposes
- Complying with legal obligations and regulatory requirements
- Investigating and preventing fraud, abuse, or security incidents
- Protecting our rights and the rights of our users
- Maintaining audit trails for compliance purposes
3. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your personal data based on the following legal grounds:
| Processing Purpose |
Legal Basis |
| Service delivery and account management |
Contract performance |
| Payment processing |
Contract performance |
| Customer support |
Legitimate interest |
| Service improvement and analytics |
Legitimate interest |
| Marketing communications |
Consent |
| Legal compliance |
Legal obligation |
| Security and fraud prevention |
Legitimate interest |
4. Information Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:
4.1 Service Providers
- Cloud hosting and infrastructure providers
- Payment processors and billing services
- Customer support and communication platforms
- Analytics and monitoring services
All service providers are bound by strict data processing agreements and security requirements.
4.2 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, subject to equivalent privacy protections.
4.3 Legal Requirements
We may disclose your information when required by law, court order, or to:
- Comply with legal processes or government requests
- Protect our rights, property, or safety
- Investigate potential violations of our Terms of Service
- Prevent or address security or technical issues
4.4 Consent-Based Sharing
With your explicit consent, we may share information for purposes such as:
- Industry research and whitepapers (anonymized data only)
- Partner integrations and third-party services
- Educational case studies (with anonymization)
5. Data Security and Protection
Security is Our Priority: As a cybersecurity company, we implement industry-leading security measures to protect your data.
5.1 Technical Safeguards
- Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Multi-factor authentication and role-based access
- Network Security: Firewalls, intrusion detection, and monitoring
- Secure Development: Security-first coding practices and regular audits
5.2 Organizational Safeguards
- Regular security training for all employees
- Background checks for personnel with data access
- Incident response and breach notification procedures
- Annual third-party security assessments
5.3 Compliance Certifications
- SOC 2 Type II compliance
- ISO 27001 information security management
- Regular penetration testing and vulnerability assessments
- GDPR and CCPA compliance frameworks
5.4 Data Breach Response
In the unlikely event of a data breach:
- We will notify affected users within 72 hours
- Regulatory authorities will be notified as required
- We will provide detailed information about the incident
- Immediate steps will be taken to secure affected systems
6. Data Retention
We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy:
| Data Type |
Retention Period |
Justification |
| Account information |
Duration of account + 7 years |
Legal and tax obligations |
| Payment data |
7 years after last transaction |
Financial record requirements |
| Usage logs |
2 years |
Security monitoring and service improvement |
| Support communications |
3 years |
Quality assurance and training |
| Marketing data |
Until consent withdrawn |
Ongoing marketing activities |
| Security incident data |
7 years |
Legal and regulatory requirements |
6.1 Data Deletion
When retention periods expire or upon your request, we securely delete your data using:
- Cryptographic erasure for encrypted data
- Multi-pass overwriting for unencrypted data
- Physical destruction of storage media when necessary
- Verification of complete data removal
7. Your Privacy Rights
You have the following rights regarding your personal information:
Universal Rights (All Users)
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your personal data
- Opt-out: Unsubscribe from marketing communications
GDPR Rights (EEA Residents)
- Portability: Receive your data in a machine-readable format
- Restriction: Limit processing of your personal data
- Objection: Object to processing based on legitimate interest
- Automated Decision-Making: Opt-out of automated profiling
CCPA Rights (California Residents)
- Know: Right to know what personal information is collected
- Delete: Right to delete personal information
- Opt-out: Right to opt-out of sale (we don't sell data)
- Non-discrimination: Equal service regardless of privacy choices
7.1 Exercising Your Rights
To exercise your privacy rights:
- Email us at privacy@ethertechnology.com
- Use the privacy controls in your account settings
- Contact our Data Protection Officer (see contact section)
- Submit requests through our privacy portal
We will respond to requests within 30 days (or as required by applicable law) and may require identity verification.
8. International Data Transfers
We may transfer your personal information to countries outside your jurisdiction. When we do:
8.1 Transfer Safeguards
- Standard Contractual Clauses (SCCs) for EU data transfers
- Adequacy decisions where available
- Data Processing Agreements with all vendors
- Regular assessments of transfer mechanisms
8.2 Data Localization Options
For enterprise customers, we offer:
- Regional data residency options
- On-premises deployment solutions
- Hybrid cloud configurations
- Data sovereignty compliance packages
9. Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience and analyze usage:
9.1 Types of Cookies
| Cookie Type |
Purpose |
Duration |
| Essential |
Core functionality and security |
Session |
| Analytics |
Usage statistics and performance |
2 years |
| Functional |
User preferences and settings |
1 year |
| Marketing |
Targeted advertising (with consent) |
1 year |
9.2 Cookie Management
You can control cookies through:
- Browser settings and preferences
- Our cookie consent banner
- Account privacy settings
- Third-party opt-out tools
10. Third-Party Services
Our Services may integrate with or link to third-party services:
10.1 Integrated Services
- Payment processors (Stripe, PayPal)
- Authentication providers (OAuth, SAML)
- Cloud services (AWS, Azure, GCP)
- Analytics platforms (Google Analytics)
10.2 Third-Party Privacy
These services have their own privacy policies. We recommend reviewing:
- Third-party privacy policies before use
- Data sharing permissions and controls
- Integration security and encryption
- Your rights regarding third-party data processing
11. Children's Privacy
Our Services are designed for business and professional use. We do not:
- Knowingly collect information from children under 16
- Target marketing to minors
- Allow account creation by individuals under 18 without parental consent
- Process personal data of children for educational purposes without proper safeguards
If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.
12. California Privacy Rights (CCPA)
For California residents, additional rights and disclosures apply:
12.1 Categories of Personal Information Collected
- Identifiers (name, email, IP address)
- Commercial information (subscription data, usage patterns)
- Internet activity (browsing behavior, search history)
- Professional information (job title, company, certifications)
- Inferences (preferences, characteristics, behavior)
12.2 Business Purposes for Collection
- Service provision and customer support
- Security and fraud prevention
- Business operations and analytics
- Legal compliance and protection
12.3 CCPA Rights Exercise
California residents can exercise CCPA rights by:
- Calling our toll-free number: [Phone Number]
- Submitting a request at: privacy@ethertechnology.com
- Using our online privacy portal
- Authorizing an agent to act on your behalf
13. Changes to This Privacy Policy
We may update this Privacy Policy to reflect:
- Changes in our services or business practices
- Legal or regulatory requirements
- Industry best practices and standards
- User feedback and requests
13.1 Notification of Changes
We will notify you of material changes by:
- Posting the updated policy on our website
- Sending email notification to registered users
- Displaying prominent notices in our services
- Providing 30 days' advance notice for significant changes
Your continued use of our Services after changes take effect constitutes acceptance of the updated Privacy Policy.
14. Contact Information
Response Times: We will respond to privacy requests within 30 days (or as required by applicable law). Complex requests may require additional time, and we will notify you if an extension is needed.