Privacy Policy

LAST UPDATED: APRIL 2026

Pilsen Cyber Advisors LLC ("Pilsen," "we," "us" or "our") respects your privacy. This Privacy Policy explains what information we collect, how we use it, who we share it with and your rights regarding your data. This policy applies to our website pilsencyberadvisors.com ("Website"), the Pilsen Shield application ("App") and all services we provide.

1. Information We Collect

Information you provide directly

DATA TYPE	WHEN COLLECTED	PURPOSE
Name, email, phone number	Contact forms, consultations, App signup	Service delivery, communication
Business name, address, industry	Consulting engagements, Scorecard tool	Customizing services to your business
Payment information	Service purchase, App subscription	Processing payments (handled by Stripe)
Email address, phone number (for monitoring)	Personal Shield subscription	Breach monitoring, alert generation
Security assessment responses	Scorecard tool, discovery sessions	Generating reports, identifying risks
Chat messages	App support chat	Customer support

Information collected automatically

DATA TYPE	HOW COLLECTED	PURPOSE
IP address, browser type, device info	Website and App usage	Security, analytics, troubleshooting
Pages visited, time on site	Website analytics	Improving our website

Information from third-party sources

DATA TYPE	SOURCE	PURPOSE
Breach exposure data (email, phone)	Security monitoring services	Personal Shield monitoring and alerts
Web mentions	Web monitoring services	Personal Shield monitoring
Payment and subscription status	Payment processor	Billing management

2. How We Use Your Information

We use your information to:

Deliver the services you requested (assessments, implementation, monitoring, reports).
Process payments and manage your subscription.
Monitor breach databases and web sources for your personal information (Personal Shield only).
Generate security reports and alerts.
Communicate with you about your account, services and support requests.
Improve our website, App and services.
Comply with legal obligations.

We do not sell your personal information. We do not use your information for advertising. We do not share your information for marketing purposes.

3. Who We Share Your Information With

We share your information only with the following categories of third parties, and only as necessary to provide our services:

CATEGORY	DATA SHARED	PURPOSE
Payment processor	Payment info, email	Processing payments and managing subscriptions
Cloud infrastructure providers	Account data as needed for service delivery	Application hosting, data storage, API hosting
Security monitoring services	Email, phone number	Breach detection and credential monitoring
Web monitoring services	Name, email, business name	Web mention monitoring
DNS and content delivery	IP address (transit only)	Website performance and security

We may also disclose your information if required by law, subpoena, court order or governmental request, or if we believe disclosure is necessary to protect our rights, your safety or the safety of others.

4. Data Security

We implement industry-standard security measures to protect your information including:

Encryption of data in transit (TLS/SSL) and at rest.
Access controls limiting who can view your data to authorized personnel only.
Secure authentication for the App using Supabase Auth.
Regular review of our security practices.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

Active subscribers: We retain your data for the duration of your subscription plus thirty (30) days after cancellation.
Consulting clients: We retain engagement records for two (2) years after the engagement ends unless a longer retention period is required by law or contract.
Scorecard leads: We retain your email, business name and assessment results for twelve (12) months unless you request deletion sooner.
Website analytics: Retained for twelve (12) months in aggregate form.

You may request deletion of your data at any time by contacting us (see Section 9).

6. Your Rights

Depending on your location you may have the following rights regarding your personal information:

Access: Request a copy of the personal information we hold about you.
Correction: Request that we correct inaccurate information.
Deletion: Request that we delete your personal information.
Portability: Request a machine-readable copy of your data.
Opt-out: Unsubscribe from non-essential communications at any time.

To exercise any of these rights contact us at gio@pilsencyberadvisors.com. We will respond within thirty (30) days.

7. Cookies and Tracking

Our Website may use essential cookies for basic functionality. We do not use advertising cookies or third-party tracking pixels. We do not participate in cross-site tracking or targeted advertising.

8. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will delete it promptly.

9. California Privacy Rights

If you are a California resident you have additional rights under the California Consumer Privacy Act (CCPA):

Right to know what personal information we collect, use and disclose.
Right to delete your personal information.
Right to opt out of the sale of personal information. We do not sell personal information.
Right to non-discrimination for exercising your privacy rights.

10. Illinois Privacy Rights

We comply with the Illinois Personal Information Protection Act (PIPA). If a data breach occurs involving your personal information, we will notify you as required by Illinois law. We do not collect biometric information as defined under the Illinois Biometric Information Privacy Act (BIPA).

11. HIPAA

If you are a healthcare provider or other HIPAA-covered entity, the handling of Protected Health Information (PHI) is governed by a separate Business Associate Agreement executed between us. This Privacy Policy does not supersede any BAA obligations.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on the Website with an updated "Last Updated" date. For Personal Shield subscribers, material changes will also be communicated through the App. Your continued use of our services after changes are posted constitutes acceptance.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at:

Pilsen Cyber Advisors LLC
Email: gio@pilsencyberadvisors.com
Phone: (224) 505-3937