This Policy applies to personal information processed by Ghostwire in connection with the Services. It does not apply to information you submit to third-party websites or services we link to, which are governed by their own privacy practices. We are not responsible for the privacy practices of any third party.
“Personal information” means information that identifies, relates to, describes, or could reasonably be linked, directly or indirectly, with a particular individual or household, as defined by applicable law.
We collect only the categories of information we need to provide and operate the Services. The specific categories collected depend on which Service you use and how you interact with it. Categories may include:
We do not request or intentionally collect sensitive personal information (such as government identifiers, precise geolocation, biometric or health information, or financial-account numbers) unless a specific Service explicitly requires it and discloses that collection separately.
We obtain personal information from: (a) you directly, when you create an account, use a Service, or contact us; (b) automatically, as you interact with the Services; and (c) service providers that help us operate the Services (for example, hosting and infrastructure providers).
We use personal information to:
We do not sell your personal information, and we do not share it with third parties for cross-context behavioral advertising, as those terms are defined under applicable U.S. state privacy laws.
If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on one or more of the following legal bases when processing your personal information:
We share personal information only as described below:
We do not sell or rent personal information to third parties for their own marketing purposes.
We and our service providers use cookies, local-storage items, and similar technologies to operate the Services — for example, to keep you signed in, remember your preferences, and protect against abuse. You can control cookies through your browser settings, but disabling them may break parts of the Services that rely on them (such as staying signed in). The Site itself (ghostwiresystems.com) does not currently set tracking or advertising cookies.
We retain personal information for as long as is necessary to provide the Services to you, comply with our legal obligations, resolve disputes, and enforce our agreements. When we no longer need personal information, we will delete, de-identify, or aggregate it, or, if that is not feasible, securely store it and isolate it from further processing until deletion is possible. The specific retention period for any category of information depends on the nature of the information, the purposes for which it is processed, and applicable legal requirements.
We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. Examples include encryption of data in transit using industry-standard transport security, hashed credentials, access controls, and monitoring. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. Use of the Services is at your own risk.
We are based in the United States, and the personal information we process is stored and processed in the United States. If you access the Services from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States, where data-protection laws may differ from those in your country. Where required by law, we put in place appropriate safeguards (such as standard contractual clauses) for international transfers.
The Services are not directed to children under the age of 13 (or the equivalent minimum age in your jurisdiction), and we do not knowingly collect personal information from children under that age. If we learn that we have collected personal information from a child under that age without verifiable parental consent, we will delete that information as soon as reasonably practicable. If you are a parent or guardian and believe your child has provided us personal information, please contact us at the address below and we will take appropriate action.
Depending on where you live, you may have certain rights regarding your personal information, including:
To exercise these rights, contact us using the details in Section 20. We will respond within the timeframes required by applicable law. We may need to verify your identity before responding; if you are an authorized agent submitting a request on someone's behalf, we may require proof of authorization. We will not discriminate against you for exercising any of these rights.
If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act, gives you specific rights regarding your personal information:
Categories of personal information we have collected in the preceding 12 months are described in Section 2 of this Policy. Categories of sources are described in Section 3. Purposes are described in Section 4. Categories of recipients are described in Section 6.
To submit a request, contact us using the details in Section 20. You may also designate an authorized agent to submit a request on your behalf, subject to verification.
If you are in the European Economic Area, the United Kingdom, or Switzerland, in addition to the rights described in Section 12, you have the right to lodge a complaint with the data-protection supervisory authority in your country of residence. The legal bases on which we process your personal information are described in Section 5.
Some browsers transmit “Do Not Track” (DNT) signals or Global Privacy Control (GPC) signals. There is no industry consensus on how DNT signals should be interpreted, and the Services do not currently respond to DNT signals. Where required by law, we treat valid GPC signals as a request to opt out of the sale or sharing of personal information (which, as noted above, we do not engage in).
We do not use personal information to make decisions that produce legal or similarly significant effects about you based solely on automated processing.
The Services may contain links to third-party websites, applications, or services. We do not control and are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third party before providing them with information.
If a security incident affecting your personal information occurs, we will notify you and any applicable regulators as and when required by applicable law, using the contact information we have on file for you.
We may update this Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. If the changes are material, we will provide additional notice (such as by posting a prominent notice on the Site or, where appropriate, by sending you an email). Your continued use of the Services after an updated Policy becomes effective constitutes your acceptance of the updated Policy.
If you have questions, comments, or requests regarding this Privacy Policy or our privacy practices, contact us at:
Please include enough information for us to identify and respond to your request. We may need to verify your identity before processing certain requests.