Privacy Policy — ImpactGuard

1. Information We Collect

When you take an assessment, we collect the answers you provide (industry, revenue range, employee count, and security posture questions). If you choose to create an account, we also collect your email address and company name. We do not collect passwords directly — authentication is handled by our identity provider.

2. How We Use Your Information

Your assessment answers are used solely to calculate your cyber risk profile and generate your report. We do not sell, share, or use your data for advertising. Aggregated, anonymized data may be used to improve our risk models.

3. Data Storage & Security

Your data is stored securely with encryption at rest and in transit. We use industry-standard security practices and regularly review our security posture.

4. Data Retention

Assessment data is retained for as long as your account is active. You may request deletion of your data at any time by contacting us at privacy@impactguard-site.

5. Cookies & Analytics

We use essential cookies for site functionality and may use analytics tools (such as Google Analytics 4) to understand how our service is used. You can disable cookies in your browser settings.

6. Third Parties

We do not share your personal data with third parties except as necessary to provide our service (e.g., payment processing via Stripe, email delivery via SendGrid). These providers are bound by their own privacy policies.

7. Contact

If you have questions about this policy, contact us at privacy@impactguard-site.