UnderDefense MAXI Privacy Policy

Last updated on July 26, 2023 This privacy notice pertains to UnderDefense Inc. (“Company,” “we,” “us,” or “our“) and explains why and how we may collect, store, use, and/or share (“process“) your information when utilizing our services (“Services“). This includes:
  • Visiting our website, UnderDefense MAXI, or any of our websites linked to this privacy notice.
  • Engaging with us in other relevant ways, such as sales, marketing, or events.
If you have any questions or concerns, reading this privacy notice will provide you with an understanding of your privacy rights and options. If you disagree with our policies and practices, please refrain from using our Services. For further inquiries, please contact us at [email protected].

SUMMARY OF IMPORTANT DETAILS

Below is a summary of key points from our privacy notice. For more detailed information on each topic, you can click on the corresponding link or use the table of contents to find the desired section. What personal information do we collect? The personal information we process depends on your interactions, choices, and the specific features and products you use when engaging with UnderDefense Inc. and our Services. Learn more about the personal information you disclose to us. Do we handle sensitive personal information? We do not process sensitive personal information. Do we receive information from third parties? We may obtain information from public databases, marketing partners, social media platforms, and other external sources. Learn more about information collected from external sources. How do we process your information? We process your information to deliver, enhance, and manage our Services, communicate with you, ensure security and fraud prevention, and comply with applicable laws. With your consent, we may also process your information for other purposes. Our processing activities rely on valid legal grounds. Learn more about how we process your information. When and with whom do we share personal information? We share information with specific third parties in certain situations. Discover more about sharing your personal information and the parties involved. How do we safeguard your information? We have established organizational and technical measures to protect your personal information. However, since no transmission or storage method can guarantee complete security, we cannot assure that unauthorized third parties, such as hackers or cybercriminals, won’t be able to bypass our security and gain access to or modify your information. Find out more about how we protect your information. What are your rights? Depending on your geographical location, privacy laws may grant you specific rights regarding your personal information. Learn more about your privacy rights. How can you exercise your rights? Easily exercise your rights by visiting UnderDefense MAXI or contacting us. We will address and fulfill any requests in accordance with relevant data protection laws. Interested in learning more about how UnderDefense Inc. handles the information we collect? Please review the complete privacy notice.

TABLE OF CONTENTS

1. WHAT INFORMATION DO WE COLLECT?

Personal information you provide to us

In summary: We collect personal information that you voluntarily provide.

When you register on the Services, express interest in obtaining information about us or our products and Services, participate in activities on the Services, or contact us, we collect the personal information that you willingly provide.

Personal Information Provided by You: The personal information we collect depends on the context of your interactions with us, the choices you make, and the specific features and products you use. It may include, but is not limited to:

  • Names
  • Email addresses
  • Usernames
  • Passwords
  • Contact preferences

Sensitive Information: We do not process sensitive information.

Payment Data: If you make purchases, we may collect necessary data to process your payment, such as your payment instrument number and the associated security code. All payment data is stored by HubSpot. You can find their privacy notice link(s) here: https://legal.hubspot.com/privacy-policy.

Social Media Login Data: You have the option to register with us using your existing social media account details (e.g., Facebook, Twitter). If you choose this method, we will collect the information described in the “HOW DO WE HANDLE YOUR SOCIAL MEDIA LOGINS?” section below.

You must provide true, complete, and accurate personal information, and notify us of any changes to such information.

Automatically collected information

In summary: Certain information, such as Internet Protocol (IP) address, browser and device characteristics, is collected automatically when you visit our Services.

When you visit, use, or navigate our Services, we automatically collect specific information. This information does not identify you directly (e.g., name or contact details) but includes data related to your device and usage. It may comprise:

  • Internet Protocol (IP) address
  • Browser and device characteristics
  • Operating system
  • Language preferences
  • Referral URLs
  • Device name
  • Country
  • Location
  • Information about how and when you use our Services
  • Technical information regarding your usage

This information is primarily collected to maintain the security and functioning of our Services, and for internal analytics and reporting purposes.

Similar to many businesses, we also collect information using cookies and comparable technologies.

We gather the following details:
Data on Logs and Usage: This includes service-related, diagnostic, usage, and performance information that our servers automatically collect when you access or use our Services. It is recorded in log files and may consist of your IP address, device details, browser type and settings, and information about your activity within the Services (such as timestamps associated with your usage, viewed pages and files, searches, and other actions taken, including feature usage). It also encompasses device event information (such as system activity, error reports or “crash dumps,” and hardware settings).

Information from External Sources

In Brief: We may acquire limited data from public databases, marketing partners, social media platforms, and other external sources.

We may obtain information about you from external sources to improve our ability to provide relevant marketing, offers, and services, as well as update our records. These sources include public databases, joint marketing partners, affiliate programs, data providers, social media platforms, and other third parties. The information obtained may include mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), Internet Protocol (IP) addresses, social media profiles, social media URLs, and customized profiles, all for the purposes of targeted advertising and event promotion. When you engage with us on a social media platform using your social media account (e.g., Facebook or Twitter), we receive personal information about you, such as your name, email address, and gender. The collection of personal information from your social media account is subject to your social media account’s privacy settings.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Brief: We process your information to provide, improve, and administer our Services, communicate with you, ensure security and prevent fraud, and comply with legal obligations. We may process your information for other purposes with your consent.

We process your personal information for various reasons, depending on your interaction with our Services, including:

  • Facilitating account creation and authentication, as well as managing user accounts.
  • Delivering and facilitating the requested services.
  • Responding to user inquiries and providing support.
  • Sending you administrative information about our products, services, and changes to our terms and policies.
  • Fulfilling and managing orders, including payments, returns, and exchanges made through the Services.
  • Enabling user-to-user communications.
  • Requesting feedback and contacting you regarding your use of our Services.
  • Sending you marketing and promotional communications based on the personal information you provide. You may opt out of our marketing emails at any time (see “WHAT ARE YOUR PRIVACY RIGHTS?” below for more information).
  • Analyzing usage trends to improve our Services.
  • Protecting individuals’ vital interests to prevent harm.

In Brief: We process your personal information when necessary, based on valid legal reasons, such as your consent, compliance with laws, fulfilling contractual obligations, protecting your rights, or serving our legitimate business interests.

If you are in the EU or UK, the following legal bases apply:

The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the legal bases we rely on for processing your personal information. We may rely on the following legal bases:

  • Consent: We may process your information if you have given us permission for a specific purpose. You can withdraw your consent at any time.
  • Performance of a Contract: We may process your personal information to fulfill our contractual obligations to you, including providing our Services or fulfilling a request before entering into a contract.
  • Legitimate Interests: We may process

    your information if it is reasonably necessary to achieve our legitimate business interests, provided they do not outweigh your interests and fundamental rights and freedoms. For instance, we may process your personal information to:

  • Send users information about special offers and discounts.
  • Analyze the usage of our Services to improve user engagement and retention.
  • Understand how our users interact with our products to enhance user experience.
  • Legal Obligations: We may process your information when necessary to comply with our legal obligations, such as cooperating with law enforcement or regulatory agencies, defending our rights, or providing evidence in litigation.
  • Vital Interests: We may process your information to protect your vital interests or those of a third party, especially in situations involving potential threats to someone’s safety.

If you are in Canada, the following applies:

We may process your information based on your permission (express consent) in specific situations, or when your permission can be reasonably inferred (implied consent). You can withdraw your consent at any time.

In exceptional cases permitted by applicable law, we may process your information without your consent, including:

  • Collection being in an individual’s best interests and obtaining consent in a timely manner is not feasible.
  • Investigations, fraud prevention, or business transactions under certain conditions.
  • Information contained in a witness statement necessary for assessing, processing, or settling an insurance claim.
  • Identifying injured, ill, or deceased individuals and communicating with next of kin.
  • Reasonable grounds to believe an individual has been, is, or may be a victim of financial abuse.
  • Expectation that collection and consent would compromise information availability or accuracy, in cases related to investigating a breach of an agreement or violation of Canadian laws.
  • Disclosure required by a subpoena, warrant, court order, or court rules concerning record production.
  • Information produced by an individual during employment, business, or professional activities, consistent with the purpose for which it was collected.
  • Collection solely for journalistic, artistic, or literary purposes.
  • Publicly available information specified by regulations.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Brief: We may share information in specific situations outlined in this section and/or with the third parties listed below.

We may need to share your personal information in the following situations:

Business Transfers: We may share or transfer your information in connection with, or during negotiations of, a merger, sale of company assets, financing, or acquisition of all or part of our business by another company.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Brief: We may use cookies and similar technologies to collect and store your information.

We may employ cookies and similar tracking technologies (such as web beacons and pixels) to access or store information. For specific details on how we use these technologies and how you can refuse certain cookies, please consult our Cookie Notice.

6. HOW DO WE HANDLE YOUR SOCIAL LOGINS?

In Brief: If you choose to register or log in to our Services using a social media account, we may access specific information about you.

Our Services offer the option to register and log in using your third-party social media account details (e.g., Facebook or Twitter logins). If you opt for this method, we will receive certain profile information from your social media provider. The profile information can vary but often includes your name, email address, friends list, profile picture, and other publicly available information on the social media platform.

We will only use the received information for purposes described in this privacy notice or made clear on the relevant Services. Please note that we do not control or bear responsibility for other uses of your personal information by your third-party social media provider. We encourage you to review their privacy notice to understand their collection, use, and sharing of your personal information, as well as the privacy preferences you can establish on their platforms.

7. HOW LONG DO WE RETAIN YOUR INFORMATION?

In Brief: We keep your information for as long as necessary to fulfill the purposes described in this privacy notice, unless otherwise required by law.

We retain your personal information only as long as necessary to fulfill the outlined purposes, unless a longer retention period is mandated or permitted by law (e.g., tax, accounting, or legal requirements). No purpose in this notice necessitates keeping your personal information longer than the duration during which users have an account with us.

Once we no longer have a legitimate business need to process your personal information, we will either delete or anonymize it. If deletion is not currently possible (e.g., due to storage in backup archives), we will securely isolate your personal information from further processing until deletion becomes feasible.

8. HOW DO WE ENSURE THE SAFETY OF YOUR INFORMATION?

To put it simply, we strive to safeguard your personal information by employing a combination of organizational and technical security measures.

We have implemented appropriate and rational security measures, both technical and organizational, to protect the security of any personal information we handle. However, despite our diligent efforts to secure your data, it is important to note that no transmission over the Internet or storage method is completely foolproof. We cannot guarantee that unauthorized third parties like hackers or cybercriminals won’t be able to overcome our security measures and unlawfully collect, access, steal, or alter your information. While we make every effort to protect your personal data, you use our Services at your own risk. It is advisable to access the Services in a secure environment.

9. DO WE COLLECT INFORMATION FROM MINORS?

To be concise, we don’t knowingly collect data from or target individuals under the age of 18.

We do not intentionally request data from or direct marketing at individuals who are under 18 years of age. By using our Services, you confirm that you are either at least 18 years old or, in the case of a minor, that you are their parent or guardian and consent to the minor using our Services. If we discover that we have collected personal information from individuals under 18 years old, we will deactivate the account and take appropriate steps to promptly delete such data from our records. If you become aware that we may have collected personal information from children under the age of 18, please contact us at [email protected].

10. WHAT ARE YOUR PRIVACY RIGHTS?

In brief, depending on your location, such as the European Economic Area (EEA), United Kingdom (UK), and Canada, you may possess certain rights granting you increased access to and control over your personal information. You maintain the ability to review, modify, or terminate your account at any time.

In specific regions, including the EEA, UK, and Canada, you have specific rights as per relevant data protection laws. These rights may include (i) the right to request access to and receive a copy of your personal information, (ii) the right to request rectification or erasure of your personal information, (iii) the right to restrict the processing of your personal information, and (iv) where applicable, the right to data portability. Additionally, there may be circumstances where you have the right to object to the processing of your personal information. You can make such requests by contacting us using the contact information provided in the “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” section below.

We will assess and respond to any requests in accordance with applicable data protection laws.

If you are located in the EEA or UK and believe that we are unlawfully processing your personal information, you also have the right to lodge a complaint with the data protection authority in your respective data protection authority or the UK data protection authority.

Residents of Switzerland can contact the Federal Data Protection and Information Commissioner.

Withdrawal of consent: If we rely on your consent to process your personal information, you have the right to withdraw that consent at any time. You can do so by contacting us using the provided contact details in the “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” section below. However, please note that withdrawing consent will not affect the lawfulness of processing that occurred prior to withdrawal, nor will it impact processing based on lawful grounds other than consent, if permitted by applicable law.

Opting out of marketing and promotional communications: You have the option to unsubscribe from our marketing and promotional communications at any time. You can do this by clicking on the unsubscribe link in the emails we send, or by contacting us using the details provided in the “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” section below. Once you unsubscribe, you will be removed from our marketing lists. However, certain non-marketing messages necessary for account administration, service requests, or other relevant purposes may still be communicated to you.

Account Information

If you wish to review, modify, or terminate the information stored in your account, you have two options:

  1. Log in to your account settings and update your user account.
  2. Contact us using the provided contact information.

Upon requesting account termination, we will deactivate or delete your account and the associated information from our active databases. However, for the prevention of fraud, problem troubleshooting, assisting investigations, enforcing legal terms, or complying with applicable legal requirements, we may retain some information in our records.

Cookies and similar technologies: Most web browsers are initially set to accept cookies. However, you can usually adjust your browser settings to remove or reject cookies. Please note that disabling cookies may impact certain features or services provided through our Services. Additionally, you may opt out of interest-based advertising by advertisers on our Services.

If you have questions or comments regarding your privacy rights, please email us at [email protected].

11. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers, some mobile operating systems, and mobile applications offer a Do-Not-Track (“DNT”) feature or setting. Activating this feature signals your preference to prevent monitoring and collection of your online browsing activities. At present, there is no universally accepted technology standard for recognizing and implementing DNT signals. Therefore, we do not currently respond to DNT browser signals or any other mechanism that automatically conveys your choice of not being tracked online. Should a standard for online tracking be adopted in the future, requiring our compliance, we will update this privacy notice accordingly.

12. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

Briefly, yes. If you reside in California, you possess specific rights regarding your access to personal information.

Under the California Civil Code Section 1798.83, commonly known as the “Shine The Light” law, California residents who use our Services have the right to request and obtain, once a year and free of charge, information about the categories of personal information that we may have disclosed to third parties for direct marketing purposes and the names and addresses of such third parties during the preceding calendar year. If you are a California resident and would like to make such a request, please submit a written request to us using the contact information provided below.

California residents who are under 18 years of age, have a registered account with our Services, and reside in California have the right to request the removal of publicly posted data that they no longer wish to be publicly available. To make such a data removal request, please contact us using the provided contact information below and include the associated email address and a statement confirming your California residency. While we endeavor to remove the data from public display, please note that it may not be completely eradicated from all our systems (e.g. backups, etc.).

CCPA Privacy Notice

According to the California Code of Regulations, a “resident” is:

(1) an individual present in the State of California for purposes other than a temporary or transitory nature, and
(2) any individual domiciled in the State of California who is outside the state for a temporary or transitory purpose.

All other individuals are considered “non-residents.”

If you fall under the definition of “resident,” we are bound by certain rights and obligations concerning your personal information.

What categories of personal information do we collect?

In the past twelve (12) months, we have collected personal information falling into the following categories:

Category Examples Collected

A. Identifiers

Contact details (e.g., real name, alias, postal address, telephone or mobile number, unique personal identifier, online identifier, Internet Protocol address, email address, and account name)

NO

B. Personal information categories listed in the California Customer Records statute

Name, contact information, education, employment, employment history, and financial information

YES

C. Protected classification characteristics under California or federal law

Gender and date of birth

NO

D. Commercial information

Transaction information, purchase history, financial details, and payment information

NO

E. Biometric information

Fingerprints and voiceprints

NO

F. Internet or other similar network activity

Browsing history, search history, online behavior, interest data, and interactions with our websites, applications, systems, and advertisements

NO

G. Geolocation data

Device location

NO

H. Audio, electronic, visual, thermal, olfactory, or similar information

Images, audio, video, or call recordings related to our business activities

NO

I. Professional or employment-related information

Business contact details to provide services at a business level, job title, work history, and professional qualifications for job applications

NO

J. Education Information

Student records and directory information

NO

K. Inferences drawn from other personal information

Inferences to create a profile or summary about individual preferences and characteristics using collected personal information

NO

L. Sensitive Personal Information

NO

We will use and retain the collected personal information as necessary to deliver the Services or for:
Category B – As long as the user has an active account with us
Additionally, we may collect personal information falling outside these categories when you interact with us in person, online, through phone calls, or via mail. Such instances include seeking assistance through customer support channels, participating in surveys or contests, or facilitating the provision of our Services and responding to inquiries.

How do we use and share your personal information?

For detailed information regarding our data collection and sharing practices, please refer to this privacy notice.

To exercise your rights under the California Consumer Privacy Act (CCPA), you can contact us by email at [email protected] or refer to the contact details provided at the bottom of this document.

If you authorize an agent to exercise your opt-out rights, we may deny the request if the authorized agent fails to provide proof of valid authorization to act on your behalf.

Will your information be shared with anyone else?

We may disclose your personal information to our service providers based on written contracts between us and each provider. These service providers are for-profit entities that process information on our behalf, following the same stringent privacy protection obligations mandated by the CCPA.

We may use your personal information for our own business purposes, such as internal research for technological development and demonstration. This activity does not qualify as “selling” your personal information.

UnderDefense Inc. has not disclosed, sold, or shared any personal information for business or commercial purposes with third parties during the preceding twelve (12) months. Furthermore, we will not sell or share personal information belonging to visitors, users, or other consumers of our website in the future.

Your rights regarding your personal data

Right to request data deletion – Request for deletion

You have the ability to request the deletion of your personal information. If you make such a request, we will respect it and delete your personal data, subject to certain exceptions as stipulated by applicable law. Exceptions may include, but are not limited to, the exercise of another consumer’s right to free speech, our legal compliance obligations, or data processing necessary to prevent illegal activities.

  • Right to be informed – Request to know
  • Depending on the circumstances, you have the right to know:
  • Whether we collect and use your personal information.
  • The specific categories of personal information we collect.
  • The purposes for which we collect personal information.
  • Whether we sell or share personal information with third parties.
  • The categories of personal information that were sold, shared, or disclosed for business purposes.
  • The categories of third parties to whom personal information was sold, shared, or disclosed for business purposes.
  • The business or commercial purpose for collecting, selling, or sharing personal information.
  • The specific pieces of personal information collected about you.

As per applicable law, we are not obligated to provide or delete consumer information if it has been de-identified or if it falls under publicly available information.

Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights

We will not discriminate against you if you choose to exercise your privacy rights.

Right to Limit Use and Disclosure of Sensitive Personal Information

We do not process sensitive personal information of consumers.

Verification process

Upon receiving your request, we will verify your identity to ensure that you are the individual about whom we have information in our system. This verification process entails asking you to provide information that can be matched with information previously provided to us. Depending on the nature of your request, we may ask for specific details to match with our records or contact you through previously provided communication methods (e.g., phone or email). Additional verification methods may be employed based on the circumstances.

Information provided in your request will only be used to verify your identity or authority to make the request. We will make all reasonable efforts to avoid requesting additional information for verification purposes. However, if we are unable to verify your identity using the provided information, we may request additional data to complete the verification and ensure security and fraud prevention. Once verification is completed, any additionally provided information will be promptly deleted.

Other privacy rights

You have the right to object to the processing of your personal information.
You can request correction of your personal data if it is inaccurate or no longer relevant, or request restriction of its processing.
You can appoint an authorized agent to make a request under the CCPA on your behalf. We may deny a request from an authorized agent if they fail to provide proof of valid authorization as mandated by the CCPA.
You can choose to opt out of future selling or sharing of your personal information with third parties. Upon receipt of an opt-out request, we will honor it as soon as feasibly possible, but no later than fifteen (15) days from the submission date.
To exercise these rights, please contact us by email at [email protected] or refer to the contact details provided at the bottom of this document. If you have a complaint about how we handle your data, we would like to hear from you.

13. DO VIRGINIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

Certainly, residents of Virginia may possess particular rights regarding their access to and usage of personal information.

Virginia CDPA Privacy Notice

Under the Virginia Consumer Data Protection Act (CDPA):

  • “Consumer” refers to a natural person who is a resident of Virginia, acting solely for individual or household purposes. It does not pertain to a natural person acting within a commercial or employment context.
  • “Personal data” encompasses any information directly or indirectly linked to an identified or identifiable natural person. Personal data excludes de-identified data and publicly available information.
  • “Sale of personal data” denotes the exchange of personal data for monetary consideration.

If you fall under the classification of “consumer,” certain rights and obligations pertaining to your personal data apply.

The information we collect, use, and disclose about you varies depending on your interactions with UnderDefense Inc. and our Services. For more information, please visit the following links:

  • Personal data we collect
  • How we use your personal data
  • When and with whom we share your personal data

Your rights with respect to your personal data

  • Right to be informed whether we process your personal data
  • Right to access your personal data
  • Right to correct inaccuracies in your personal data
  • Right to request deletion of your personal data
  • Right to receive a copy of the personal data you previously shared with us
  • Right to opt out of the processing of your personal data for targeted advertising, sale of personal data, or profiling that significantly impacts decisions (“profiling”)

UnderDefense Inc. has not sold any personal data to third parties for business or commercial purposes. Furthermore, we will not sell personal data belonging to website visitors, users, or other consumers in the future.

Exercise your rights under the Virginia CDPA

For further details regarding our data collection and sharing practices, please refer to this privacy notice.

You may contact us via email at [email protected] or by visiting UnderDefense MAXI, or by using the contact details provided at the bottom of this document.

If you choose to exercise your rights through an authorized agent, we reserve the right to deny the request if the authorized agent fails to provide valid authorization demonstrating their authority to act on your behalf.

Verification process

Reasonable additional information may be requested to verify you and your consumer request. If you submit a request through an authorized agent, we may need additional information to verify your identity before proceeding with the request.

We will respond to your request promptly, but within forty-five (45) days from receipt, unless a reasonable extension of forty-five (45) days is necessary. Any such extension will be communicated, together with the reason for the extension, during the initial 45-day period.

Right to appeal

If we decline to take action on your request, we will provide an explanation of our decision. If you wish to appeal our decision, please email us at [email protected]. Within sixty (60) days of receiving an appeal, we will inform you in writing of any action taken or not taken in response to the appeal, providing an explanation for our decisions. If your appeal is denied, you may contact the Attorney General to submit a complaint.

14. DO WE UPDATE THIS NOTICE?

Certainly, we will update this notice as needed to ensure compliance with relevant laws.

We may revise this privacy notice periodically. The revised version will be identifiable by an updated “Revised” date and will be effective immediately upon accessibility. If significant changes are made, we may provide clear notice of the changes by posting or directly sending a notification. We encourage you to review this privacy notice regularly to stay informed about how we safeguard your information.

15. HOW CAN YOU CONTACT US REGARDING THIS NOTICE?

For any questions or comments about this notice, please email us at [email protected] or reach out by post to:

UnderDefense Inc.
TC Energy Center, 39th Floor
700 Louisiana Street,
Houston, TX 77002
United States

16. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

You have the right to request access to your personal information, make changes to it, or have it deleted. To review, update, or delete your personal information, please visit: UnderDefense MAXI