[/]

Privacy Policy

Last updated: October 19, 2025

1. Introduction

Undefined, Ltd. ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including our website, SaaS platforms, and professional services.

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access our services.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide when you:

  • Register for an account or subscribe to our services
  • Contact us via email or contact forms
  • Engage us for professional services
  • Participate in surveys, questionnaires, or feedback forms
  • Subscribe to our newsletters or marketing communications

This information may include:

  • Name and contact information (email, phone, address)
  • Company information and job title
  • Account credentials (username and password)
  • Payment information (processed securely through third-party payment processors)
  • Project requirements and business information
  • Any other information you choose to provide

2.2 Information Automatically Collected

When you access our services, we automatically collect certain information, including:

  • Usage Data: Information about how you use our services, including pages visited, features used, and actions taken
  • Device Information: IP address, browser type, operating system, device identifiers, and mobile network information
  • Log Data: Server logs including access times, error messages, and system activity
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to collect information about your browsing behavior

2.3 Information from Third Parties

We may receive information about you from third parties, such as:

  • Authentication services (if you use social login)
  • Payment processors
  • Analytics providers
  • Marketing partners
  • Publicly available sources

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Deliver professional services and custom development work
  • Respond to your inquiries and provide customer support
  • Manage your account and subscription

3.2 Communication

  • Send you service-related notices and updates
  • Respond to your questions and requests
  • Send marketing communications (with your consent)
  • Provide technical support and troubleshooting

3.3 Analytics and Improvement

  • Analyze usage patterns and trends
  • Monitor and improve service performance
  • Develop new features and services
  • Conduct research and analytics

3.4 Security and Compliance

  • Protect against fraud, abuse, and security threats
  • Enforce our Terms of Service and policies
  • Comply with legal obligations and regulatory requirements
  • Resolve disputes and troubleshoot problems

3.5 Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal basis for processing your personal data includes:

  • Contract: Processing necessary to perform our contractual obligations
  • Consent: You have given explicit consent for specific purposes
  • Legitimate Interest: Processing necessary for our legitimate business interests
  • Legal Obligation: Processing required to comply with legal requirements

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

  • Cloud hosting and infrastructure providers
  • Payment processors and financial institutions
  • Email and communication services
  • Analytics and monitoring tools
  • Customer support platforms

These service providers are contractually obligated to protect your information and may only use it to provide services to us.

4.2 Business Transfers

If we are involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or government agencies).

4.4 Protection of Rights

We may disclose information when we believe it is necessary to:

  • Protect our rights, property, or safety
  • Protect the rights, property, or safety of our users
  • Prevent fraud or security threats
  • Enforce our Terms of Service

4.5 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication mechanisms
  • Employee training on data protection practices
  • Incident response and breach notification procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

When determining retention periods, we consider:

  • The nature and sensitivity of the information
  • The purposes for which we process the information
  • Legal, regulatory, or contractual obligations
  • Whether we can achieve those purposes through other means

Upon account termination or request for deletion, we will delete or anonymize your personal information within a reasonable timeframe, subject to legal retention requirements.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

You have the right to request access to the personal information we hold about you and receive a copy in a structured, machine-readable format.

7.2 Correction

You have the right to request correction of inaccurate or incomplete personal information.

7.3 Deletion

You have the right to request deletion of your personal information, subject to certain legal exceptions.

7.4 Restriction and Objection

You have the right to request restriction of processing or object to processing of your personal information in certain circumstances.

7.5 Withdraw Consent

Where we rely on consent to process your information, you have the right to withdraw that consent at any time.

7.6 Opt-Out of Marketing

You can opt out of receiving marketing communications by clicking the unsubscribe link in our emails or contacting us directly.

7.7 Exercising Your Rights

To exercise any of these rights, please contact us at reportphishing@apwg.org. We will respond to your request within 30 days (or as required by applicable law).

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your use of our services.

8.1 Types of Cookies We Use

  • Essential Cookies: Required for basic service functionality
  • Performance Cookies: Help us understand how visitors use our services
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Track your activity for advertising purposes

8.2 Managing Cookies

Most web browsers are set to accept cookies by default. You can usually modify your browser settings to decline cookies or alert you when cookies are being sent. Note that some features of our services may not function properly if cookies are disabled.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from your jurisdiction.

We take appropriate measures to ensure that your information receives an adequate level of protection, including:

  • Standard contractual clauses approved by relevant authorities
  • Data processing agreements with service providers
  • Compliance with applicable data protection frameworks

10. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.

11. Third-Party Links and Services

Our services may contain links to third-party websites, services, or integrations. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through our platform.

12. California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising your rights

We do not sell personal information as defined by the CCPA.

13. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making
  • Right to lodge a complaint with a supervisory authority

14. Do Not Track Signals

Some web browsers have a "Do Not Track" feature that signals to websites that you do not want your online activities tracked. Currently, there is no standard for how to respond to these signals. At this time, we do not respond to Do Not Track signals.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on our website
  • Updating the "Last Updated" date at the top of this page
  • Sending you an email notification (for significant changes)

Your continued use of our services after such modifications constitutes acceptance of the updated Privacy Policy.

16. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Undefined, Ltd.

Email: reportphishing@apwg.org

For GDPR-related inquiries, you may also contact your local data protection authority.

By using our services, you acknowledge that you have read and understood this Privacy Policy and consent to our collection, use, and disclosure of your information as described herein.