This Acceptable Use Policy (this “Policy”) describes prohibited uses of the hosted application as well as other services (the “Service”) offered by Information Security Xperts, Inc. (“ISX”) and the related website located at https://www.isxconsulting.com/ (the “Site”).

If you violate this Policy, ISX may suspend or terminate your use of the Service or access to the Site. ISX’s right to suspend or terminate your use of the Service or Site applies even if a breach is committed unintentionally or without your authorization if ISX believes that suspension or termination is necessary to ensure compliance with laws or to protect the rights, safety, privacy, security or property of ISX, its customers or third parties.

ISX may modify this Policy at any time by posting a revised version on the Site. By using the Service or accessing the Site, you agree to the latest version of this Policy.

Intellectual Property

You may not use the Service or Site in any manner that would result in an infringement, dilution, misappropriation or any other violation of intellectual property or proprietary rights of others, including but not limited to copyrights and rights arising from patents, trademarks, and trade secrets.

Inappropriate Content

You are solely responsible for any content published or made available by you through the Service or Site. You may not use the Service or Site to transmit, store, display, distribute or otherwise make available content that is defamatory, libelous, threatening, harassing, abusive, hateful, deceptive, fraudulent, obscene, pornographic, indecent, harmful to minors, or otherwise objectionable, including without limitation content that constitutes child pornography.

Harmful Content

You may not use the Service or Site transmit, store, display, distribute or otherwise make available content or technology that may damage, interfere with, surreptitiously intercept, or expropriate any system, program or data, including without limitation viruses, Trojan horses, bots, worms, scripting exploits, time bombs or other malicious code.

No Framing or Scraping

You may not frame or mirror the Site without ISX’s express prior written consent. You may not use any robot, spider, site search/retrieval application or other manual or automatic device to retrieve, index, “scrape,” “data mine,” or in any way gather any messages, text, files, images, photos, video, sounds, profiles, works of authorship, or any other content from the Service or Site or reproduce or circumvent the navigational structure or presentation of the Service or Site without ISX’s express prior written consent. Notwithstanding the foregoing, ISX grants to the operators of public search engines the permission to use spiders to copy material from the Site for the sole purpose of, and solely to the extent necessary for, creating publicly available searchable indices of such material, but not caches or archives of such material. ISX reserves the right to revoke these exceptions either generally or in specific cases.

Email and Unsolicited Messages

You may not use the Service or Site to transmit unsolicited email or other messages, including without limitation unsolicited bulk email (“spam”), or email or messages that are excessive and/or intended to harass or annoy others. You may not continue to send email or other messages to a recipient who has indicated that he/she does not wish to receive them. You may not alter or obscure email or message headers or assume a sender’s identity (including without limitation by engaging “spoofing”, “phishing” or similar attacks) without the sender’s explicit permission.

System Security

You may not use the Service or Site to violate the security or integrity of any network, computer or communications system, software application or computing device (each, a “System”), including without limitation by attempting to: (a) probe, scan or test the vulnerability of a System or breach or circumvent security or authentication measures without authorization; (b) make network connections to, or otherwise access, a System without authorization; (c) monitor data or traffic on a System without authorization; (d) tamper, reverse-engineer, hack, interfere with, disrupt or disable a System, including without limitation by means of overloading, “flooding,” “mailbombing,” “crashing,” or denial of service attacks; (e) forge any TCP/IP packet header or any part of the header information in any e-mail or newsgroup posting; (f) use another party’s account name or persona without authorization; or (g) take any action in order to obtain a Service to which you are not entitled.

Privacy

You may not use the Service or Site to violate the privacy or confidentiality of others, including by transmitting, storing, displaying, distributing or otherwise making available others’ private or confidential information (including without limitation their account names or personal data associated with their Service or Site account) without authorization.

Compliance with Laws

Without limiting the foregoing prohibitions, you may not use the Service or Site for any illegal purpose or in violation of any laws (including without limitation data, privacy, consumer protection, and export control laws).

No High-Risk Use

You may not use the Service in any situation where failure or fault of the Service could lead to death or serious bodily injury of any person, or to physical or environmental damage. For example, you may not use, or permit any other person to use, the Service in connection with aircraft or other modes of human mass transportation or nuclear or chemical facilities.

Responsibility for End Users

You are responsible for violations of this Policy by anyone using the Service or Site with your permission or using your account on an unauthorized basis. Your use of the Service or Site to assist another person in an activity that would violate this Policy if performed by you is a violation of this Policy. This Policy applies to anyone accessing or using the Service or the Site; however, each prohibition included in this Policy shall be interpreted to include, and apply to, any action directly or indirectly taken, authorized, facilitated, promoted, encouraged or permitted by a user of the Service or Site, even if such person did not themselves violate the prohibition.

Monitoring and Enforcement

ISX reserves the right, but does not assume the obligation, to investigate any violation of this Policy or misuse of the Service or Site. ISX has the right in its sole discretion to edit, refuse to post or remove any material submitted to or posted on the Service or the Site that ISX finds to be in violation of this Policy. ISX may report any activity that it suspects violates any law or regulation to appropriate law enforcement officials, regulators, or other appropriate third parties. Such reporting may include disclosing appropriate customer data. ISX also may cooperate with appropriate law enforcement agencies, regulators, or other appropriate third parties to help with the investigation and prosecution of illegal conduct by providing network and systems information related to alleged violations of this Policy.

Reporting Violations

If you become aware of any violation of this Policy, you must immediately notify ISX by email at [email protected] and provide ISX with assistance, as requested, to stop or remedy the violation.

Privacy Policy

This Privacy Policy explains how information about you is collected, used and disclosed by Information Security Xperts, Inc. (collectively, “ISX,” “we” or “us”) when you use our website [https://www.isxconsulting.com/] (“Website”), online products and monitoring services (“Platform”) (collectively, “Services”), or when you otherwise interact with us. This Privacy Policy also describes your choices regarding use, access and correction of personal information collected about you through our Services. Please read this Privacy Policy carefully and ensure that you understand it before you start to use our Services.

This Website is owned and operated by, or on behalf of, ISX Inc. (“we”, “our” or “us”). We are the data controller in respect of personal information of our users based in the European Union.

By accessing and using the Services, you acknowledge that you have read and understood the content of this Privacy Policy. We reserve the right to update this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of the Privacy Policy and, in some cases, we may provide you with additional notice (such as adding a statement to our homepage or sending you a notification). We encourage you to review the Privacy Policy whenever you access the Services or otherwise interact with us to stay informed about our information practices and the ways you can help protect your privacy.

Please use the links below to access the specific sections of this Privacy Policy:

  • Information You Provide to Us On through the Services Website
  • Information We Collect Automatically When You Use the Services
  • Information We Collect from Other Sources
  • Use of Information
  • Sharing of Information
  • Lawful Basis For Processing Your Information
  • Social Sharing Features
  • Log-in Features
  • Advertising and Analytics Services Provided by Others
  • Information Collected on Behalf of Customers in providing our Platform
  • Marketing
  • Security
  • Transfer of Information to the U.S. and Other Countries
  • Your Rights
  • Your Choices
  • Contact Us

INFORMATION WE COLLECT AUTOMATICALLY WHEN YOU USE THE SERVICES

When you access or use the Services we automatically collect information about you, including:

Log Files: We gather certain information about your use of the Services, including the type of browser you use, access times, pages viewed, your IP address and the page you visited before navigating to the Services, and store it in log files. We do not monitor, or log data collected from your servers when using the Services, but we may log or monitor information about your access to our Services.

Information Collected by Cookies and Other Tracking Technologies: We use various technologies to collect information, including cookies and web beacons. For more information about cookies, and how to disable them, please see our Cookie Policy page https://www.isxconsulting.com/legal/cookies/ and Your Choices below.

INFORMATION WE COLLECT FROM OTHER SOURCES

We may also obtain information from other sources and combine that with information we collect through our Services for purposes of advertising and user authentication. For example, if you create or log into your ISX account using your Google Apps credentials via single sign-on, we will have access to certain information such as your name and email address as authorized in your Google Apps profile settings.

USE OF INFORMATION

We may use information about you to:

  • Enable you to have full access to the Services;
  • Provide, maintain and improve the Services;
  • Provide and deliver the products and services you request, process transactions and send you related information, including confirmations and invoices,;
  • Send you technical notices, updates, security alerts, and support and administrative messages;
  • Respond to your comments, questions and requests, and provide customer support;
  • Create your ISX account and identify you when you sign-in to your account in accordance with your agreement with us;
  • Communicate with you about products, services, offers, promotions, rewards, and events offered by ISX and others, and provide news and information we think will be of interest to you;
  • Monitor and analyze trends, usage and activities in connection with the Services;
  • Detect, investigate and prevent fraud and other illegal activities and protect the rights and property of ISX and others;
  • Personalize and improve the Services and provide advertisements, content or features that match user profiles or interests;
  • Notify you about important changes to the Services, including changes or updates to this Privacy Policy;
  • Facilitate contests, sweepstakes and promotions and process and deliver entries and rewards;
  • Link or combine with information we get from others to help understand your needs and provide you with better service;
  • Consider you for possible employment at ISX in connection with an application that you submit; and
  • Carry out any other purpose described to you at the time the information was collected.

SHARING OF INFORMATION

  • We may share your personal information as follows or as otherwise described in this Privacy Policy:
  • With vendors, consultants and other service providers we have vetted and approved who need access to such information to carry out work on our behalf only to the extent necessary for the performance of any contract we enter into with you. This includes companies providing the following services for our Website and/or Platform: hosting services, authentication services, cyber security and anti-fraud services, and advertising;
  • In response to a request for information if we believe disclosure is permitted by, in accordance with, or required by, any applicable law, regulation or legal process such as to comply with a subpoena or applicable court order;
  • With any person to whom disclosure is necessary to enable us to enforce our rights under this Privacy Policy or under any agreement we enter into with you or to protect the rights, property and safety of ISX or third parties;
  • In connection with, or during negotiations of, any merger, sale of ISX assets, financing or acquisition of all or a portion of our business by another company;
  • Between and among ISX and all companies affiliated with ISX who may act for us for any of the purposes set out in this Privacy Policy, including our current and future parents, affiliates, subsidiaries and other companies under common control and ownership;
  • with analytics and search engine providers that assist us in the improvement and optimization of our Website, subject to our Cookies Policy; and
  • With your consent or at your direction.

We may also share aggregated or de-identified information, which cannot reasonably be used to identify you.

LAWFUL BASIS FOR PROCESSING YOUR INFORMATION

We are required to state the lawful basis under which we process the personal data of our users from the European Union. Accordingly, the lawful bases upon which we process your personal information are as follows:

Where it is necessary to obtain your prior consent to the processing concerned in order for us to be allowed to do it, for instance in relation to direct marketing, we will obtain and rely on your consent in relation to the processing concerned.

Otherwise, we will process your personal data only where the processing is necessary for compliance with a legal obligation to which we are a subject; or

For the purposes of the legitimate interests pursued by us in promoting our business, providing the Platform to our business customers pursuant to or legal agreements with them, and in ensuring the security, accessibility and improvement of our Website and Platform and the development of new technology and services.

EXTERNAL LINKS

The Website may, from time to time, contain links to external sites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. We are not responsible for the privacy policies or the content of such sites.

SOCIAL SHARING FEATURES

The Website may offer social sharing features and other integrated tools (such as the Twitter logo (Larry the Bird)), which lets you share information you find on our website with other media, and vice versa. The Twitter plugin is identifiable by the Twitter (Larry the Bird) logo on our Website. When you visit one of our pages the plugin establishes a direct connection between your browser and the Twitter server. Thus, Twitter receives information from your browser as set out in Twitter’s privacy policy (see below). Please note that we, as provider of the pages, have no knowledge as to the contents of the submitted data or its use by Twitter. For further information please see Twitter’s privacy policy at https://twitter.com/en/privacy#update. For more information about the purpose and scope of data collection and processing in connection with social sharing features, please visit the privacy policies of the entities that provide these features.

LOG-IN FEATURES

We may allow you to sign up and log in using your Google account. If you sign up using your Google email account, Google will ask your permission to share certain information from your Google account with us. This may include your first name, last name, gender, general location, your timezone and birthday. This information is collected by Google and is provided to us under the terms of Google’s privacy policy which you can find here: https://www.google.co.uk/intl/en/policies/privacy/. You can control the information that we receive from Google using the privacy settings in your Google account.

ADVERTISING AND ANALYTICS SERVICES PROVIDED BY OTHERS

We allow the following companies to serve advertisements on our behalf across the Internet and in applications: Google AdWords, Google analytics, Marketo, Twitter, Facebook, Adroll, Quora, Bing ads, Linkedin, Terminus, Demand base, Instagram, and Reddit using email address and cookies that are collected. These entities use technologies including cookies, web beacons, device identifiers and other tools to collect information about your use of the Services and other websites and applications, including your IP address, web browser, pages viewed, time spent on pages or in apps, links clicked and conversion information. This information may be used by ISX and ISX service providers to, among other things, analyze and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests on our Services and other websites and better understand your online activity. For more information about cookies, please see below and for further information about interest-based ads, or to opt out of having your web browsing information used for behavioral advertising purposes, please see ISX’s Cookie Policy at https://www.isxconsulting.com/legal/cookies/.

INFORMATION COLLECTED ON BEHALF OF CUSTOMERS IN PROVIDING OUR PLATFORM

In the case of personal information we handle or receive on behalf of a customer in connection with their access to, and use of, our Platform (“Customer PI”), we have no direct relationship with the customer’s employees or other individuals with whom that customer may interact with respect to the Platform. If you are such an employee or individual and are seeking access to, or would like to correct, amend or delete, Customer PI, you should direct your query to the applicable customer. We will respond within a reasonable timeframe to a customer’s request to remove Customer PI. Please note that the foregoing will not limit EU individuals from making certain requests relating to their personal data as provided in Your Rights below.

We will not use Customer PI except for the purpose of providing and supporting the Services for the applicable customer. Customer PI will be retained for as long as needed for that purpose and as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.

MARKETING

Where permitted in our legitimate interest or with your prior consent where required by law, we will use your personal information for marketing and to provide you with promotional update communications by email about our products/services. You can object to further marketing at any time by selecting the “unsubscribe” link at the end of all our marketing and promotional electronic communications to you, or by contacting us using the contact details set out at in the Your Choices and Your Rights sections of this Privacy Policy.

As part of the registration process for events hosted by ISX which you register to attend, we may request personal data such as: your name, address, email address and telephone number, and details relevant to your occupation or employer. This information is required to process your registration for the event and to provide you with relevant event materials. This data may be shared with third party service providers engaged by us as more fully explained in the Sharing of Information section of this Privacy Policy. If you show an interest in an exhibitor at an event hosted by ISX, such as by consenting to have your attendee badge scanned, we will provide your data to such exhibitors who may contact you for their own direct advertising and marketing purposes. In that case, the exhibitors’ use of your information would be subject the exhibitors’ privacy policies. For events sponsored by ISX, the event host may provide your personal data to ISX, subject to your consent. ISX will use the data as set forth in the Use of Information section of this Privacy Policy.

SECURITY

We take reasonable steps, including physical, technical and organizational measures, to protect your personal information from unauthorized access and against unlawful processing, accidental loss, destruction and damage. Unfortunately, transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information submitted to us.

Your personal information will be retained by ISX for the duration of your account and may be retained for a period after this time as necessary and relevant to our legitimate interests, our terms of agreement with you and in accordance with applicable legal obligations. This may include retention necessary to meet our tax reporting requirements as well as time required to enforce the relevant terms of agreement or to identify, issue or resolve legal proceedings.

We may retain a record of your stated objection to the processing of your data, including in respect of an objection to receiving marketing communications, for the sole legitimate purpose of ensuring that we can continue to respect your wishes and not contact you further, during the term of your objection.

TRANSFER OF INFORMATION TO THE U.S. AND OTHER COUNTRIES

ISX is based in the United States. By accessing or using the Services or otherwise providing information to us, you understand that your information will be subject to processing, transfer and storage in and to the U.S. where you may not have the same rights and protections as you do under local law.

In connection with ISX’s processing of personal data it receives in the U.S. from the European Union (“EU Data”), ISX participates in, and complies with, the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (collectively, the “Frameworks”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. ISX has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. ISX is committed to subjecting all EU Data, in reliance on the Frameworks, to the Frameworks’ applicable Principles. For purposes of enforcing compliance with the Frameworks, ISX is subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Without limiting the above, ISX adheres to the Principle of Accountability for Onward Transfer. As noted in Sharing of Information above, we may transfer personal information (including EU Data) to our vendors, consultants and other service providers who need access to such EU Data to carry out work on our behalf. This personal data may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) that may not be subject to equivalent data protection law.

Please direct any inquiries or complaints regarding our compliance with the Principles to the point of contact listed in the Contact Us section below. If ISX does not resolve your complaint, you may submit your complaint free of charge to ISX’s U.S.-based third party dispute resolution provider and designated Privacy Shield dispute resolution provider here: https://feedback-form.truste.com/watchdog/request. Under certain conditions specified by the Principles and more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may also be able to invoke binding arbitration to resolve your complaint.

YOUR RIGHTS

EU individuals have rights in relation to their personal data which is processed by ISX. If you are an EU data subject, you may, by emailing us at [email protected] :

  • Request access to the personal data concerned.
  • Request that any incorrect personal data about you that we are processing be rectified.
  • Request that we erase the personal data concerned.
  • Withdraw your consent at any time where we are processing personal data relating to you on the basis of your prior consent to that processing, after which we shall stop the processing concerned.
  • Lodge a formal compliant with the Information Commissioner in Ireland (or your local EU supervisory authority if you live outside the UK) if you have a complaint about any processing of your personal data being conducted by us.

If the requested EU Data is Customer PI, please include the name of the applicable customer in your request; we will refer the request to that customer to respond directly to you and will support them as needed to respond to your request.

YOUR CHOICES

Account Information

Our customers may access, update or change personal information they have provided by logging into the Services or emailing us at [email protected]

Subject to the terms of their agreements with us, Customers may deactivate their accounts by emailing us at [email protected], but note that we may retain certain personal information as necessary to comply with our legal obligations or for legitimate business purposes, such as to resolve disputes or enforce our agreements. We may also retain cached or archived copies of personal information for a certain period-of-time.

If you are an individual with whom one of our customers interacts with respect to the Services (e.g., an employee of a customer), as noted above, you should direct any requests regarding access, modification or deletion of personal information to the applicable customer.

Cookies

Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services. For more information, please see ISX’s Cookie Policy at https://www.isxconsulting.com/legal/cookies/.

Promotional Communications

You may opt out of receiving promotional emails from ISX by following the instructions in those emails or by emailing [email protected] If you opt out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.

CONTACT US

If you have questions or concerns about this Privacy Policy, please contact us at: Information Security Xperts, Inc., 3235 Satellite Blvd Building 400 Suite 300 Duluth, Ga 30078; Email: [email protected].

ISXAcceptable Use