Privacy Policy

Protected Harbor's business customers are the data controllers for most information entered into the Protected Harbor web application, website, and supporting systems or shared periodically with Protected Harbor employees to deliver services. This positions Protected Harbor as the data processor for most information stored and processed by Protected Harbor.

Some pieces of information are collected directly by Protected Harbor to facilitate security, logging, and application performance. These items include IP addresses and behavior within the Protected Harbor platform. For these pieces of information, Protected Harbor acts as the data controller and processor. Additionally, Protected Harbor employs a variety of technologies and partners that periodically act as sub-processors.

If users have any questions or concerns about the processing and handling of their personal information, they may communicate directly with the Privacy Officer.

It is important ethically and legally to provide reasonable transparency to data subjects concerning the processing and handling of their personal data. Protected Harbor maintains an up-to-date privacy notice that is made available to all customers and users of the Protected Harbor platform and services. Employees and contractors must read this privacy notice. If errors or concerns are discovered, findings must be shared with the Privacy Officer.

The concept of privacy by design must be applied to every new product, project, or service and if a change of substance to a current product, project, or service occurs. Privacy by design involves considering privacy at every project stage: planning, design, development, testing, launch, maintenance, and end of life.

In applying privacy by design, the following elements must be considered: types of data collected, the purposes of processing, legal basis of processing, data residency and cross-border transfer, retention time, and data subject rights.

A privacy impact assessment and a threat risk assessment must be conducted as part of the planning and design phases of the project. They must be updated before launch to factor in changes in scope that occur throughout the product development. Additionally, these assessments must be reviewed at least annually or in the event of a significant change in scope, business use case, architecture, or legal landscape.

Below are the legal bases for Protected Harbor to collect personal information:

Users have given their consent for one or more specific purposes. Provision of data is necessary for the performance of an agreement with the user. Processing is necessary for compliance with a legal obligation. Processing is necessary for the legitimate interests pursued by the controller or a third party.

Protected Harbor respects and upholds the rights of data subjects. These rights include the right to access personal data, the right to correct inaccurate data, the right to erasure, the right to restrict processing, the right to data portability, and the right to object to processing.

Requests related to data subject rights may be submitted directly to the Privacy Officer. Protected Harbor will respond to all valid requests within the timeframes required by applicable law.

For questions or concerns about this privacy policy or the handling of your personal information, please contact Protected Harbor's Privacy Officer directly.

Protected Harbor, Inc. Email: info@protectedharbor.com Phone: 201-957-1616