top of page

Grace Guard Security Privacy Policy

Effective date: August 20, 2025
Who we are: Grace Guard Security (“we,” “us,” “our”) provides cybersecurity consulting services to small businesses. We are based in San Diego, California.
​

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website, contact us, or use our services. It applies to our website and to our marketing and customer communications.

We use plain language and keep things short. If anything is unclear, contact us at info@graceguardsecurity.com.

​

1) What we collect

​

Information you give us

  • Contact and business details, for example name, email, phone, company, role, and the content of messages or forms

  • Booking and support details, for example requested service, meeting time, notes, and attachments

  • Payment details handled by our payment processor, for example cardholder name and billing address. We do not store full card numbers

Information collected automatically

  • Technical data, for example IP address, device and browser type, pages viewed, time on page, and general location based on IP

  • Cookies or similar technologies used for site operation, security, and basic analytics

​

Information from third parties

  • Leads or referrals from partners

  • Basic analytics from providers that help us measure site performance

​

Sensitive personal information

We do not intentionally collect sensitive personal information such as government IDs, precise geolocation, or health data through our website. If you send sensitive data to us by mistake, contact us so we can delete it.

​

2) How we use information

  • Provide and improve our website and services

  • Communicate with you, for example respond to inquiries, send booking confirmations, or service updates

  • Process payments and invoices through our payment processor

  • Secure our website and prevent fraud or abuse

  • Meet legal, tax, and compliance obligations

  • With your permission, send optional marketing communications that you can opt out of at any time

​

3) Cookies and analytics

We use essential cookies to run our site and keep it secure. We may use basic analytics to understand site traffic and improve content. You can control cookies in your browser settings. Blocking some cookies may limit site features.

​

4) Do Not Track and Global Privacy Control

Some browsers offer Do Not Track or a Global Privacy Control signal. Our site does not currently respond to these signals. You can still use the choices described in this policy to control marketing and certain data uses.

​

5) How we share information

We do not sell personal information. We do not share personal information for cross context behavioral advertising. We disclose personal information only to:

  • Service providers that work on our behalf, for example website hosting, analytics, email, scheduling, payment processing, document storage, and security

  • Professional advisors and compliance partners, for example legal, accounting, and insurance

  • Authorities when required by law, legal process, or to protect rights and safety

  • A buyer or successor in connection with a merger or similar transaction

Service providers may only use personal information as instructed by us.

​

6) Retention

We keep personal information only as long as needed for the purposes described above and to meet legal and tax requirements. Typical periods are:

  • Inquiry and booking records, up to 3 years

  • Contract, invoice, and payment records, up to 7 years

  • Security and server logs, up to 12 months
    We may retain records longer if required by law or to resolve disputes.

​

7) Your privacy rights

Depending on your location, you may have rights to:

  • Know the categories and specific pieces of personal information we collected about you

  • Access, correct, or delete your personal information

  • Receive a portable copy of certain information

  • Opt out of the sale or sharing of personal information, and limit use of sensitive personal information

  • Not receive discrimination for exercising your rights

​

How to exercise your rights

Send a request to info@graceguardsecurity.com. We will verify your identity before we act on a request. An authorized agent may submit a request with proof of authority.

​

8) California notice at collection

We collect the following categories of personal information for the purposes and retention periods listed below. We disclose these categories to service providers for the business purposes described in Section 5. We do not sell personal information. We do not share personal information for cross context behavioral advertising.

  • Identifiers, for example name, email, phone, IP address. Purpose: communicate, schedule, security, analytics. Retention: see Section 6

  • Customer records and commercial information, for example business contact details, service interest, invoices. Purpose: provide services, billing. Retention: see Section 6

  • Internet or network activity, for example pages viewed and interactions. Purpose: site operation, security, analytics. Retention: up to 12 months

  • Professional or employment related information you choose to provide, for example role or company. Purpose: scoping services, communication. Retention: see Section 6

  • Sensitive personal information: not collected through our website in the ordinary course

To submit a rights request, email info@graceguardsecurity.com. If we deny a request, you may reply to appeal.

​

9) Children’s privacy

Our website and services are directed to businesses and adults. We do not knowingly collect personal information from children under 13. If you believe a child provided personal information, contact us and we will delete it.

​

10) Security

We use administrative, technical, and physical safeguards appropriate to our business to protect personal information. No method of transmission or storage is fully secure. If we detect a security issue that may affect your information, we will act promptly and follow applicable laws.

​

11) International visitors

We are located in the United States. If you use our site from outside the United States, your information may be transferred, stored, and processed in the United States. By using the site, you agree to these transfers.

​

12) Third party links

Our site may link to third party sites or services. This policy does not cover third party practices. Review their privacy policies before providing your information.

​

13) Changes to this policy

We may update this Privacy Policy to reflect changes to our practices or for legal, operational, or regulatory reasons. We will post the updated version with a new effective date. If changes are material, we will provide a more prominent notice.

​

bottom of page