PRIVACY NOTICE

Last updated October 13, 2025

This privacy notice for Vard & Wolfe Cybersecurity ("Company," "we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you use our services ("Services"), such as when you:

• Visit our website at https://vardwolfe.com, or any website of ours that links to this privacy notice
• Engage with our contact forms to inquire about cybersecurity services
• Submit careers applications for job opportunities
• Interact with website analytics tools for site performance monitoring

Vard & Wolfe Cybersecurity is a cybersecurity firm based in the United States, specializing in protecting businesses from digital threats through services like threat detection, risk assessment, and security consulting. We are committed to complying with applicable data privacy laws, including the California Consumer Privacy Act (CCPA) for California residents and the General Data Protection Regulation (GDPR) for individuals in the European Economic Area (EEA) or where GDPR applies to our processing activities.

Table of Contents

1. Personal Information We Collect
2. How We Collect Personal Information
3. Why We Collect and Use Personal Information
4. How We Share, Sell, or Disclose Personal Information
5. Cookies and Other Tracking Technologies
6. Your Rights Over Your Personal Information
7. International Data Transfers
8. Data Retention
9. Children's Privacy
10. Universal Opt-Out Mechanisms
11. Data Security
12. Changes to This Privacy Notice
13. Contact Us

Personal Information We Collect

We collect personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household ("personal information"). In particular, we have collected the following categories of personal information within the last twelve (12) months:

• Identifiers, such as your name, email address, phone number, and IP address
• Commercial information, such as records of services inquired about or job applications submitted
• Internet or other similar network activity, such as browsing history, search history, and interactions with our website
• Professional or employment-related information, such as resume details, work experience, and education history from careers applications

Personal information does not include publicly available information from government records, deidentified or aggregated consumer information, or information that is not associated with an identifiable consumer.

We do not collect sensitive personal information as defined under applicable laws, such as precise geolocation, racial or ethnic origin, religious beliefs, or health data.

How We Collect Personal Information

We collect personal information directly from you, automatically through our website, and from third parties. Specifically:

• Directly from you: When you submit information via contact forms (e.g., name, email, phone, and inquiry details) or careers applications (e.g., resume, contact details, and professional history).
• Automatically: Through website analytics tools that collect data like IP addresses, browser types, and usage patterns to improve site functionality and security.
• From third parties: Such as analytics providers (e.g., Google Analytics) that share aggregated usage data, or job application platforms that forward candidate information.

Why We Collect and Use Personal Information

We process personal information for the following business and commercial purposes:

• To respond to inquiries and provide cybersecurity services or consultations via contact forms
• To review and process careers applications for recruitment purposes
• To analyze website traffic and improve user experience through analytics
• To communicate with you about our services, job opportunities, or updates
• To comply with legal obligations, prevent fraud, and enhance security
• For internal research, analytics, and business development related to cybersecurity offerings

Under CCPA, we do not sell personal information. We may use personal information for the purposes disclosed, and we will not use it for materially different, unrelated, or incompatible purposes without providing notice.

For GDPR purposes, our processing is based on legitimate interests (e.g., providing services and improving our website), consent (e.g., for marketing communications), or contractual necessity (e.g., processing job applications).

How We Share, Sell, or Disclose Personal Information

We may disclose personal information to the following categories of third parties for business purposes:

• Service providers, such as email platforms, analytics tools (e.g., Google), and hosting providers, who assist with website operations and data processing
• Professional advisors, like legal or HR consultants, for recruitment or compliance
• Business partners in cybersecurity collaborations, only as necessary for service delivery

We do not sell personal information. Disclosures are limited to what is necessary, and we require third parties to protect data through contracts. Under GDPR, we ensure appropriate safeguards for any international transfers.

Cookies and Other Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to collect information about your interactions with our website. These include:

• Essential cookies for site functionality
• Analytics cookies (e.g., Google Analytics) to track usage and performance
• Functional cookies to remember preferences

You can manage cookies through your browser settings. For more details, see our Cookie Policy. Under CCPA and GDPR, you have rights to opt out of certain tracking.

Your Rights Over Your Personal Information

Depending on your location, you may have the following rights:

• CCPA Rights (California Residents): Right to know categories of personal information collected, disclosed, or sold; right to delete personal information; right to opt out of sales (though we do not sell); right to non-discrimination.
• GDPR Rights (EEA Individuals): Right to access, rectify, erase, restrict processing, data portability, object to processing, and withdraw consent.

To exercise these rights, contact us at info@vardwolfe.com. We will verify your identity and respond within the legally required timeframe (e.g., 45 days under CCPA, one month under GDPR). For CCPA, you may also use an authorized agent.

International Data Transfers

As a US-based company, we may transfer personal information to the United States or other countries. For GDPR compliance, we use Standard Contractual Clauses or other approved mechanisms to ensure adequate safeguards for EEA data transfers.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this notice, or as required by law. For example:

• Contact form inquiries: Up to 2 years
• Careers applications: Up to 1 year after position closure, or longer if hired
• Analytics data: Aggregated and anonymized after 26 months

We securely delete or anonymize data when no longer needed.

Children's Privacy

Our Services are not directed to children under 13 years of age, and we do not knowingly collect personal information from children under 13. If we learn we have collected such data in violation of COPPA, we will delete it promptly. Parents or guardians who believe we have collected their child's data should contact us at info@vardwolfe.com.

Universal Opt-Out Mechanisms

We honor Global Privacy Control (GPC) signals and other universal opt-out mechanisms as valid requests to opt out of the sale or sharing of personal information under applicable US state laws.

Data Security

We implement reasonable administrative, technical, and physical safeguards to protect personal information from unauthorized access, loss, or misuse, including encryption, firewalls, and access controls appropriate for a cybersecurity firm. However, no system is completely secure, and we cannot guarantee absolute security.

Changes to This Privacy Notice

We may update this privacy notice from time to time. The updated version will be posted on our website with the "Last updated" date. We encourage you to review it periodically.

Contact Us

If you have questions about this privacy notice, our data practices, or wish to exercise your rights, please contact us:

Vard & Wolfe Cybersecurity
Atlanta, GA | Chicago, IL | Dallas, TX | Los Angeles, CA | New York, NY | Tallahassee, FL
Email: info@vardwolfe.com
Phone: 1 (877) 893-4393

For CCPA or GDPR-specific requests, use the details above. We do not currently offer a designated Data Protection Officer contact, but our team will handle all inquiries.