Logo

Privacy Policy

Effective date: November 4, 2025
Website: https://www.threatunknown.com/

This Privacy Policy explains how Threat Unknown ("Threat Unknown," "we," "us," or "our") collects, uses, discloses, and safeguards personal information when you visit our website or contact us about cybersecurity services. It also describes your privacy rights and how you can exercise them.

Scope. This policy covers personal information we collect through our public website, contact forms, email, and phone inquiries from prospective or existing clients. If we process data on behalf of a client as part of a services engagement, that processing is governed by our services agreement and (if applicable) a Data Processing Addendum (DPA) rather than this website policy.

Who we are and how to contact us

If you have questions or wish to exercise a privacy right, contact us at the email above.

Information we collect

We collect the following categories of personal information when you provide it or when it is collected automatically from your device:

Information you provide directly

  • Contact details: name, email address, phone number, company, role/title.
  • Inquiry content: the message you submit, meeting preferences, service needs, and any other details you choose to share.
  • Contract and billing info (if you become a client): business contact information, billing contacts, purchase orders, and similar administrative records.

Information collected automatically

  • Technical and usage data: IP address, device and browser type, pages viewed, referring/exit pages, and timestamps.
  • Cookies and similar technologies: used for essential site functionality and, if enabled, analytics and performance. See Cookies below.

We do not intentionally collect sensitive personal information through our website.

How we use personal information

We use personal information for the following purposes:

  • Provide and improve our website and services.
  • Respond to inquiries and provide proposals.
  • Operate our business. Including customer relationship management (CRM), record keeping, analytics (if enabled), and security monitoring.
  • Legal and compliance. To comply with applicable laws, enforce our terms, and protect our rights and the security of our services.

We use personal information only for purposes a reasonable person would consider appropriate in the circumstances. If we intend to use it for a materially different purpose, we will explain and seek consent where required by law.

Legal bases and consent (Canada)

When required, we obtain your consent to collect, use, and disclose personal information. Consent may be express (e.g., you submit a form) or implied (e.g., you contact us about services). We rely on recognized privacy principles such as identifying purposes, limiting collection, limiting use/disclosure/retention, accuracy, safeguards, openness, individual access, and accountability.

If you subscribe to marketing communications, you may opt out at any time using the unsubscribe link in the message or by emailing us. We comply with Canada's Anti‑Spam Legislation (CASL) where it applies.

Cookies and analytics

  • Essential cookies enable core site features and security.
  • Analytics cookies (if enabled) help us understand site usage to improve content and performance.

You can adjust your browser settings to refuse or delete cookies. If we use non‑essential cookies, we will provide a consent banner where legally required.

Disclosures and service providers

We share personal information only as needed, including with:

  • Service providers (e.g., website hosting, CRM, email service, analytics, security, consultants) bound by confidentiality and appropriate safeguards.
  • Business transfers in connection with a merger, acquisition, or asset sale.
  • Legal disclosures when required by law, regulation, or legal process, or to protect our rights, users, or the public.

We do not sell personal information.

International transfers

We are based in Canada and may store or process information in Canada, the United States, or other locations where our service providers operate. We implement appropriate safeguards for cross‑border transfers where required by law.

Security

We use reasonable physical, organizational, and technical safeguards designed to protect personal information against loss, theft, and unauthorized access, disclosure, copying, use, or modification. No method of transmission or storage is perfectly secure; we cannot guarantee absolute security.

Retention

We retain personal information only as long as necessary to fulfill the purposes outlined in this policy and to comply with legal, tax, or accounting requirements. When information is no longer needed, we will delete or de‑identify it.

Your privacy rights

Your rights depend on where you live. We will make reasonable efforts to honor requests consistent with applicable law.

Canada (PIPEDA)

You may request access to your personal information, correction of inaccuracies, and information about our handling of your data. To submit a request, email privacy@threatunknown.com.

United States

Your rights vary by state. If you are a California resident, you may have rights to know/access, correct, delete, opt out of certain processing (e.g., sale or sharing for cross‑context behavioral advertising), and limit use of sensitive personal information (if applicable), subject to legal conditions. We do not sell personal information. To submit a request, email privacy@threatunknown.com and indicate you are a California resident.

We will verify your identity before responding and may refuse requests where an exemption applies or where verification is not possible.

Children's privacy

Our website and services are intended for business audiences and are not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child provided us personal information, contact us so we can delete it.

Third‑party links

Our site may link to third‑party websites or services we do not control. This policy does not apply to those third parties.

Changes to this policy

We may update this Privacy Policy from time to time. The Effective date above indicates when it was last revised. If we make material changes, we will take reasonable steps to provide notice as required by law.

How to contact us

If you have questions or complaints about this policy or our privacy practices, contact us at privacy@threatunknown.com. You may also have the right to contact the Office of the Privacy Commissioner of Canada or your local privacy regulator.

Quick summary

  • We collect contact details and inquiry content when you reach out about services.
  • We use information to respond to you, operate and secure our website, and run our business.
  • We share data with service providers under safeguards; we do not sell personal information.
  • You can request access or correction (Canada) and may have additional rights in some U.S. states (e.g., California).
  • Contact privacy@threatunknown.com with any questions or requests.