Privacy Policy

Last Updated: October 17, 2025

1. Introduction

Jatagan Security Inc. (“we,” “us,” or “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, $\text{[[https://jatagan.com/](https://jatagan.com/)]}$ (the “Website”), or use our services.

We adhere to global privacy standards, including the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and other applicable international laws.

2. Contact Information and Data Protection Officer

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Business Name: Jatagan Security Inc.
  • Business Address: 4630 Beloit Dr, Suite 10, Sacramento, CA 95838, USA
  • Contact Email: $\text{[info@jatagan.com]}$
  • Privacy Contact: The contact email above serves as the point of contact for all privacy and data protection inquiries, including exercising your data rights.

3. Personal Data We Collect

We may collect the following categories of personal data, which come from direct input, automatic collection (like analytics), or third-party services:

  1. Identifiers:
    • Examples: Name, email address, phone number, physical address, IP address, unique personal identifiers.
    • Sources of Data: Directly from you (forms), automatically (website analytics), third-party services.
  2. Professional/Employment Information:
    • Examples: Job title, company name, business address.
    • Sources of Data: Directly from you (business inquiries, resumes).
  3. Internet or Network Activity:
    • Examples: Browsing history, search history, information on your interaction with our website, application, or advertisements.
    • Sources of Data: Automatically (cookies, server logs).
  4. Geolocation Data:
    • Examples: General location derived from IP address.
    • Sources of Data: Automatically (server logs, analytics).
  5. Financial/Commercial Information:
    • Examples: Records of products/services purchased, billing details (though we do not store full payment card numbers).
    • Sources of Data: Directly from you (service enrollment).
  6. Inferences Drawn:
    • Examples: Profiles reflecting your preferences, characteristics, and interests (e.g., potential interest in certain security services).
    • Sources of Data: Automatically from collected data.

Sensitive Personal Information (SPI): We do not intentionally collect or process any Sensitive Personal Information, as defined by CPRA (e.g., health data, race, religion, sexual orientation), unless you voluntarily provide it for a specific purpose (e.g., in a job application resume).

4. How We Use Your Personal Data

We use your personal data for the following business purposes:

  • To provide and improve our services (e.g., security consulting, managed services).
  • To manage our relationship with you (e.g., billing, customer support).
  • To communicate with you about our services, promotions, and news.
  • To monitor and analyze usage and trends to improve your experience.
  • To detect, prevent, and respond to fraud, abuse, and security issues.
  • To comply with legal obligations.

5. Legal Basis for Processing (GDPR)

For individuals located in the European Economic Area (EEA), the UK, or Switzerland, we rely on the following lawful bases for processing your personal data, as established by GDPR Articles 6-7:

  1. Lawful Basis: Contract
    • Processing Purpose: Providing Services/Fulfilling Orders.
    • Explanation: Processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into a contract (e.g., a service agreement).
  2. Lawful Basis: Consent
    • Processing Purpose: Marketing/Non-Essential Cookies.
    • Explanation: You have given explicit, informed, and unambiguous consent for a specific purpose (e.g., signing up for a newsletter or accepting non-essential cookies). You can withdraw consent at any time.
  3. Lawful Basis: Legitimate Interest
    • Processing Purpose: Website Operation/Security/Improvement.
    • Explanation: Processing is necessary for the legitimate interests pursued by us or a third party, except where such interests are overridden by your interests or fundamental rights and freedoms (e.g., detecting fraud, ensuring network security, improving our Website).
  4. Lawful Basis: Legal Obligation
    • Processing Purpose: Compliance with Law.
    • Explanation: Processing is necessary for compliance with a legal obligation to which we are subject (e.g., tax, accounting, or audit requirements).

6. Disclosure and Sharing of Personal Data

We will not sell, rent, or lease your personal data to others. We share personal data only with the parties and for the purposes described below:

  • Service Providers: We engage trusted third-party companies and individuals to perform services on our behalf (e.g., web hosting, payment processing, email delivery, customer support). These parties are obligated to process your data only as instructed by us and in compliance with this Privacy Policy and applicable laws.
  • Business Transfers: In connection with a corporate transaction (merger, acquisition, asset sale), your data may be disclosed to the relevant parties.
  • Legal Compliance and Security: We may disclose your data if required by law, subpoena, or if we reasonably believe that such action is necessary to comply with the law, protect the security or integrity of our services, or protect our rights or the rights of others.

CCPA/CPRA Data Sale/Sharing Disclosure

We DO NOT sell your personal information in exchange for monetary consideration.

We DO NOT “share” your personal information for cross-context behavioral advertising.

In the preceding twelve (12) months, we have not sold or shared any personal information for cross-context behavioral advertising.

7. User Rights and Choices

Depending on your location and applicable law, you have the following rights regarding your personal data:

A. GDPR Rights (EEA, UK, Switzerland)

  • Right of Access (Article 15): The right to request copies of your personal data.
  • Right to Rectification (Article 16): The right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to Erasure / “Right to be Forgotten” (Article 17): The right to request that we erase your personal data under certain conditions.
  • Right to Restrict Processing (Article 18): The right to request that we restrict the processing of your personal data under certain conditions.
  • Right to Data Portability (Article 20): The right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  • Right to Object to Processing (Article 21): The right to object to our processing of your personal data, particularly in relation to direct marketing or processing based on legitimate interests.
  • Right not to be subject to Automated Decision-Making (Article 22): The right to object to decisions based solely on automated processing, including profiling, which produces legal or similarly significant effects concerning you.

B. CCPA/CPRA Rights (California Residents)

  • Right to Know: The right to request disclosure of the categories and specific pieces of personal information we have collected, the categories of sources, the business purposes for collecting, and the categories of third parties with whom we disclose that information.
  • Right to Deletion: The right to request the deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out of Sale/Sharing: The right to direct a business not to sell or share your personal information. (As stated in Section 6, we do not sell or share data, but we commit to honoring this right if our policy changes.)
  • Right to Limit Use and Disclosure of SPI: The right to limit the use and disclosure of sensitive personal information. (As stated in Section 3, we do not intentionally collect SPI.)
  • Right to Non-Discrimination: The right not to be discriminated against for exercising any of your CCPA/CPRA rights.

C. Exercising Your Rights

To exercise any of the rights listed above, please submit a verifiable consumer request to us at $\text{[info@jatagan.com]}$. We will respond to your request consistent with applicable laws.

8. Cookies Policy and Consent

Our Website uses “cookies” and similar tracking technologies (like web beacons and pixels).

A. What are Cookies?

Cookies are small text files placed on your device to collect standard Internet log information and visitor behavior information. They help the Website function, improve performance, and provide a better user experience.

B. Types of Cookies We Use

Our Website uses the following types of cookies, categorized by their necessity and consent requirements:

  1. Strictly Necessary Cookies
    • Purpose: Essential for the operation of the Website (e.g., security, authentication, load balancing).
    • Necessity/Consent: Necessary. Cannot be disabled. Lawful basis: Legitimate Interest.
  2. Performance/Analytics Cookies
    • Purpose: To analyze how visitors use the Website (e.g., page visits, error messages) to improve functionality and user experience.
    • Necessity/Consent: Non-Essential. Require prior opt-in consent (GDPR/ePrivacy).
  3. Functionality Cookies
    • Purpose: To remember your preferences (e.g., language, region) and provide enhanced, more personal features.
    • Necessity/Consent: Non-Essential. Require prior opt-in consent (GDPR/ePrivacy).
  4. Advertising/Targeting Cookies
    • Purpose: Used to deliver relevant advertisements and track advertising campaign effectiveness.
    • Necessity/Consent: Non-Essential. Require prior opt-in consent (GDPR/ePrivacy).

C. Consent and Management (GDPR/ePrivacy)

In compliance with GDPR and the ePrivacy Directive, we require your explicit, prior opt-in consent for all non-essential cookies (Performance, Functionality, Advertising).

When you first visit our Website, a clear cookie banner or consent tool will allow you to:

  1. Accept All Cookies
  2. Manage Preferences (allowing you to select which categories to accept)
  3. Reject Non-Essential Cookies

You can change or withdraw your consent at any time by accessing the consent management tool (usually a persistent icon or link on the Website) or by adjusting your browser settings to block or delete cookies.

9. International Data Transfers (GDPR)

Jatagan Security Inc. is based in the United States but serves global visitors. Consequently, your personal data may be transferred to and processed in the United States, which may not have the same data protection laws as your country.

For transfers of personal data originating from the European Economic Area (EEA), the UK, or Switzerland to countries without an adequacy decision (like the US), we implement appropriate safeguards, which may include:

  • Standard Contractual Clauses (SCCs): Implementing the European Commission-approved Standard Contractual Clauses with our service providers to ensure your data receives a level of protection consistent with EU/UK law.
  • Data Transfer Impact Assessments (DTIAs): Conducting regular assessments to ensure that the safeguards applied provide an adequate level of protection.

By using our Website or services, you understand that your data may be transferred to our facilities and those third parties with whom we share it as described in this Policy.

10. Data Security Measures

We are committed to maintaining the security of your personal data. We implement robust physical, technical, and administrative security measures designed to prevent unauthorized access, disclosure, alteration, and destruction of the data we hold. These measures include:

  • Encryption: Using SSL/TLS encryption for data transmission and strong encryption (e.g., AES-256) for data at rest where appropriate.
  • Access Controls: Implementing “least privilege” and “need-to-know” access principles, requiring multi-factor authentication (MFA) for internal systems, and regularly reviewing access lists.
  • Network Security: Employing firewalls, intrusion detection/prevention systems (IDS/IPS), and regular vulnerability scanning.
  • Regular Audits: Conducting regular security audits and penetration testing by independent third parties to identify and remediate vulnerabilities.
  • Employee Training: Providing mandatory and regular data protection and security training to all employees.

11. Data Retention Policy

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you (e.g., as long as you have an active account or service contract).
  • Whether there is a legal obligation to which we are subject (e.g., laws requiring us to keep transaction records for a certain period).
  • Whether retention is advisable considering our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).

Upon expiration of the applicable retention period, we will securely destroy your personal data in accordance with best practices.

12. Children’s Privacy

Our Website and services are not directed to individuals under the age of sixteen (16). We do not knowingly collect personal information from:

  • Children under 16 years of age (GDPR/CPRA): We do not knowingly collect or sell/share the personal information of consumers under 16 years of age.
  • Children under 13 years of age (COPPA): We do not knowingly collect personal information from children under 13.

If we become aware that we have collected personal data from a child without verifiable parental consent, we will take steps to delete that information promptly. If you believe we might have any information from or about a child, please contact us at $\text{[info@jatagan.com]}$.

13. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will post the revised version on this page and update the “Last Updated” date at the top of the policy. We encourage you to review this Policy periodically for any changes. Your continued use of the Website after the changes are posted constitutes your acceptance of the revised Policy.