Privacy Policy | SC Media

Privacy Policy

Date of Last Revision: May 25, 2023

CyberRisk Alliance, LLC (“CyberRisk Alliance”, “our”, “us”, or “we”) wants to help you better understand how we collect, use, protect, and share your Personal Data. This Privacy Policy is designed to help you understand your privacy choices when you visit our Website or use our Mobile Apps or any of our Services. It does not apply to other websites or services that we do not control, including websites or services of other CyberRisk Alliance users. Unless otherwise defined herein, capitalized terms shall have the meaning ascribed them in the Terms of Service.

This Privacy Policy is incorporated into, and forms an integral part of, the CyberRisk Alliance Terms of Service (“Terms of Service”). Please note that our services may vary by region.

We encourage you to read this Privacy Policy carefully and take the time to get to know our privacy practices. By accessing the Websites, Mobile App, and/or the Services, you are bound by all terms and conditions in the Terms of Service and this Privacy Policy. If you do not wish to be bound, you may not access the Websites, Mobile App, and/or the Services.

  1. Definitions
    1. Information Types.
      1. “Account Information” means data about how and when a CyberRisk Alliance account is accessed and the features used.
      2. “Browser Information” means data or information provided by a browser, including the IP address, the website visited, network connection, device information, and other data, including Cookies.
      3. “Contact Information” means basic personal and business information, such as first and last name, company name, email address, postal address, phone number, and may include social media account information.
      4. “Device Information” means information about your device, such as device ID number, model, and manufacturer, version of your operating system and geographical region, collected from any devices when accessing our website, using the Mobile App, or any of our services.
      5. “Security Information” means user ID, password and password hints, and other security information used for authentication and account access.
      6. “Support Information” includes information about your hardware and software, authentication data, chat session contents, error reports, performance data, and other communication or technical information and may, with express permission, include remote access to facilitate troubleshooting.
      7. “Usage Information” means information collected when you interact with the CyberRisk Alliance website, mobile application or any of our services, including functionalities accessed, pages visited, and other interaction data.
    2. “Automated Decision Making” means a decision made solely by automated means without human involvement.
    3. “Controller” means an entity that determines the purposes and means of the Processing of Personal Data.
    4. “Cookie” means a small file that resides on your computer’s hard drive that often contains an anonymous unique identifier that is accessible by the website that placed it there, but is not accessible by other sites.
    5. “Member” means an entity or natural person that registers to become a member of the Services.
    6. “Mobile App” means the CyberRisk Alliance Mobile Application available through third-party app stores for mobile devices.
    7. “Personal Data” or “Personal Information” means information that (i) relates to an identified or identifiable natural person, or (ii) identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
    8. “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, including, but not limited to, alteration, collection, organization, recording, retrieval, storage, transmission, and use.
    9. “Processor” means the entity that processes Personal Data on behalf of the Controller.
    10. “Services” means all CyberRisk Alliance content, memberships, services, and materials located on or accessible through the Websites and the Mobile Apps.
    11. “Third-Party Products” means any third-party information, website, product, service, or materials referenced in, accessible through, or provided in connection with, the Website or Services.
    12. “User” means an entity or natural person that downloads, uses, or interacts with the CyberRisk Alliance Mobile Apps.
    13. “Visitor” means an entity or natural person that visits or interacts with the CyberRisk Alliance Websites.
    14. “Website” means the CyberRisk Alliance website located at (including all associated internet country codes).
  2. How Do We Collect Information and What Information Do We Collect?
    1. When a User or Member interacts with our Websites, CyberRisk Alliance may collect and control information such as Account Information, Browser Information, Contact Information, Support Information, Device Information, Security Information, Usage Information and set a Cookie.
    2. When a User or Member interacts with our Mobile Apps, CyberRisk Alliance may collect and control information such as Account Information, Contact Information, Device Information, Usage Information and Security Information.
    3. When visitors browse our Websites, or engage in communications with us online or offline, we may collect and control, as applicable, Browser Information, Support Information, Contact Information, and Usage Information submitted or communicated to us.
    4. We may collect the following types of information from you or your device(s):
      1. identifiers, such as Browser Information, Device Information, and Security Information;
      2. commercial information, such as Account Information, Contact Information, and Usage Information;
      3. internet or network information, such as Browser Information and Device Information;
      4. geolocation data, such as Browser Information and Device Information;
      5. other Personal Information, such as Support Information; and/or
      6. information derived from other categories, which could include your preferences, interests, and other information used to personalize your experience.
  3. How We Use the Information We Collect? We use the information we collect in our role as a Controller to:
    1. provide our Services;
    2. confirm identities;
    3. to communicate with you, including required communications regarding your account, security, or updates regarding our Services or polices, and to send promotional communications;
    4. improve and personalize communications, interactions, and our Services, such as push notifications regarding your activities;
    5. provide support such as debugging, troubleshooting, automated decision making such as the detection of fraudulent account creation when signing up for our Services;
    6. for advertising and marketing, invoicing, to resolve incidents related to the use of our Websites and Services;
    7. to comply with legal requirements,
    8. create potential sales contacts (“Leads”);
    9. as may be necessary in a business transaction concerning the sale or transfer of our assets; and/or
    10. in other cases where the Visitor has given express consent.
  4. How We Share the Information We Collect? We may access, transfer, or disclose the Personal Data with your consent or if we have a good faith belief that doing so is necessary to: (i) comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; or (ii) protect the rights or property of CyberRisk Alliance, including enforcing the terms governing the use of the Services. We may access certain Personal Data, limited to First Name, Last Name, Email, Title, Title Level, Functional Area, Phone, Address or Street, City, Zip Code, State, Country, Company, Company Size, and Industry, in the creation of our Leads and we may transfer and disclose that certain Personal Data to the Third Parties that purchase our Leads and third-party data partners.
  5. Cookies.
    1. Usage. CyberRisk Alliance and its third-party service providers use cookies, web beacons, and similar tracking technologies to recognize you when you visit our Websites, remember your preferences, and give you a personalized experience. When you visit our Website, we, or an authorized third party, may place a Cookie on your device that collects information, including Personal Data, about your online activities over time and across different sites. Cookies allow us to track use, infer browsing preferences, and improve and customize your browsing experience.
    2. Persistence. We use both session-based and persistent Cookies on our Websites. Persistent Cookies remain on your computer when you have gone offline, while session Cookies are deleted as soon as you close your web browser. A website may set a Cookie if the browser’s preferences allow it. A browser only permits a website to access the Cookies that it has set, not those set by other websites.
    3. Types.
      1. Essential. These Cookies are necessary for our Websites to work as intended.
      2. Functional. These Cookies enable enhanced functionality, like videos and live chat. Without these Cookies, certain functions may become unavailable.
      3. Analytics. These Cookies provide statistical information on site usage. For example, these Cookies enable web analytics that allow us to improve our website over time.
      4. Targeting and Advertising. These Cookies are used to personalize content to enhance your experience.
    4. Control. It is possible to disable Cookies through your device or browser settings, but doing so may affect your ability to use our website. For instance, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Websites. The method for disabling Cookies may vary by device and browser, but can usually be found in preferences or security settings. Please use the following links for further instructions:
      1. Google Chrome
      2. Apple Safari
      3. Mozilla Firefox
      4. Microsoft Internet Explorer
    5. Other Resources.To find out more about Cookies, including how to see what Cookies have been set and how to manage and delete them, visit, or
  6. Third Parties. Third Party application stores, such as Apple’s App Store or Google’s Google Play, might collect additional information and share them with us. Please refer to the application store’s Privacy Policy to better understand how they process any of the personal information they collect and share with app publishers like ourselves. Third Party applications, such as Amazon Voice Service, may collect additional information. Please refer to the respective Third Party’s Privacy Policy to better understand how they process any of the personal information they collect and the purposes for collection. While we are dedicated to securing our Websites, Application, and Services, you are responsible for securing and maintaining the privacy of your passwords and account information. We are not responsible for protecting Personal Data shared with a Third Party based on an account connection that you have authorized.
  7. Data Subject’s Rights. Depending on where you reside, you may have data subject rights as set forth based on location of residency below.
    1. UK/UE/EEA Data Subject Rights under the General Data Protection Regulation (GDPR). If you are a resident of the United Kingdom, European Union, or European Economic Area (EEA), you may have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, object to the processing, restrict the processing, request a transfer, or limit the use of your Personal Information. You can exercise rights over your Personal Data against the Controller by submitting a request by clicking manage my personal information form, emailing us at [email protected], with the subject line “GDPR Data Subject Request”, or mail us at the address listed below. When collection is based on your consent, you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal by applicable law. If applicable by national law, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data relating infringes your rights.
    2. California Consumer Privacy Act. If you are a California resident, or were within the last year or at any point since January 1, 2022, you have the following rights under applicable California law in relation to your Personal Information, subject to certain exceptions:
      1. Right to Know. You have the right to, up to twice in a 12-month period, request what Personal Information we collect, use, disclose, share, and/or sell, as applicable.
      2. Right to Delete. You have the right to request the deletion of your Personal Information that is collected by us.
      3. Right to Opt-Out of Sale. You have the right to opt-out of the sale of your Personal Information by a business. However, as noted above, we do not currently sell any Personal Information.
      4. Right to Non-Discrimination. You have the right not to receive discriminatory treatment for the exercise of the privacy rights described above.
      5. Right to Correct. You have the right to correct inaccurate Personal Information that we maintain about you.
      6. Right Not to Be Discriminated Against. You have the right not to receive discriminatory treatment by us for exercising your privacy rights, including the right not to be retaliated against.
We may sell or share (in the context of cross-behavioral advertising which means the targeting of advertising to a consumer based on the consumer’s personal information obtained from the consumer’s activity across businesses including distinctly-branded websites, applications, or services) Personal Information. If we do, you will be notified of it prior to or at the point of such collection for those purposes, and provided a link to opt-out of the selling/sharing of Personal Information.
These rights are not absolute, and there may be cases when we decline your request as permitted by law.
Any request you submit to us is subject to an identification and residency verification process as permitted by the CCPA.
To submit a request pursuant to this Section, please contact us by submitting a request by clicking manage my personal information form, [email protected], with the subject line “California Data Subject Request” or mail us. In the event you have an authorized representative submit a request to delete, request to correct or request to know on your behalf, you will have to provide written authorization demonstrating this grant of authority, which can include a Power of Attorney. Authorized representatives may not submit any other types of requests on your behalf.
For purposes of requests to delete, correct and to know, we will verify your identity based on information we have collected about you, including your name, address, and phone number, but will not fulfill your request unless you have provided sufficient information that enables us to reasonably verify that you are the consumer about whom we collected the Personal Information. If we are unable to verify your identity, we may deny your request.
  1. If you are 16 years of age or older, you have the right to direct us not to sell your Personal Information at any time. We do not and will not sell Personal Information of consumers we actually know are less than 16 years of age unless we received affirmative authorization from the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age, to opt-in to the sale of their Personal Information. Upon the receipt of this request to opt-in, we will inform the minor of the right to opt-out later and of the process for doing so.
  2. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
  1. Do Not Track. Do Not Track is a privacy preference that users can set in their web browsers. When a user turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the user. At this time, we do not respond to web browser “do not track” settings or signals. We deploy Cookies and other technologies on our Services to collect information about you and your browsing activity, even if you have turned on the Do Not Track signal.
  2. Protecting Your Personal Information. We implement security measures designed to maintain the security of your Personal Information. These security measures are implemented both during transmission of Personal Information and once received. The security of your Personal Information is important to us. However, no method of safeguarding information is completely secure. While we use measures designed to protect Personal Information, we cannot guarantee that our safeguards will be effective or sufficient. In addition, you should be aware that internet data transmission is not always secure, and we cannot warrant that information you transmit utilizing the Services is or will be secure.
  3. Transfer of Data. Your Personal Information may be transferred to —and maintained on—computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States, please note that we transfer data, including Personal Information, to the United States and process it there. By using the Services, you understand and acknowledge that your Personal Information will be transferred to and processed in the United States, which may have different data protection rules than in your country We will take steps reasonably designed to treat your Personal Information securely and in accordance with this Privacy Policy, as further described below.
  4. Updates. We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws. You can see when this Privacy Policy was last updated by checking the “Date of Last Revision” date displayed at the top of this Privacy Policy.
  5. Contact Us. For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail or by mail using the details provided below:
CyberRisk Alliance, LLC
400 Madison Ave Ste 6C, New York City, New York, 10017
Attn: Joe Haddock