Privacy Policy

Last updated: January 1, 2025  ·  Effective date: January 1, 2025

1. Who We Are

MountainShield, Inc. ("MountainShield," "we," "us") operates the advisory cybersecurity service at mountainshield.example. For privacy-related questions, contact us at support@mountainshield.example.

2. Data We Collect

We collect the following categories of data:

  • Submitted content: URLs, message text, or files you provide for review, along with any context you add.
  • Contact information: Name and email address provided when you contact us or create an account.
  • Submission metadata: Time of submission, plan tier, and case reference ID.
  • Usage data: Pages visited, referrer, and basic interaction data via a minimal analytics stub. We do not use third-party advertising trackers.
  • Payment data: Processed by our payment provider; we do not store card numbers.

3. How We Use Your Data

We use collected data to:

  • Provide and fulfill the advisory service you requested
  • Communicate with you about your submissions and account
  • Detect and prevent fraud or abuse of the Service
  • Improve our assessment accuracy and service quality (in anonymized/aggregated form)
  • Comply with legal obligations

We do not sell your data. We do not use submission content for advertising targeting.

4. Data Retention

Submitted content (URLs, messages, files) is typically retained for 30–90 days after submission, after which it is deleted unless you request otherwise or legal retention obligations apply. Contact information associated with your account is retained while your account is active and for a reasonable period after closure. You may request deletion at any time.

5. Data Sharing

We may share data with:

  • Service processors: Hosting, infrastructure, and payment providers under data processing agreements — strictly for the purpose of delivering the Service.
  • Legal requirements: If required by law, court order, or to protect rights and safety.

We do not sell personal data to data brokers. We do not share submission content with marketing platforms.

6. Your Rights (GDPR and Beyond)

If you are located in the EU/EEA or other jurisdictions with applicable data rights, you have the right to:

  • Access: Request a copy of personal data we hold about you.
  • Deletion: Request erasure of your personal data ("right to be forgotten").
  • Rectification: Request correction of inaccurate data.
  • Portability: Receive your data in a machine-readable format.
  • Objection: Object to certain types of processing.
  • Restriction: Request that processing be limited in certain circumstances.

To exercise these rights, email support@mountainshield.example with "Privacy Request" in the subject line. We will respond within 30 days.

7. Security Measures

All data is transmitted over TLS. Access to personal data is restricted to authorized personnel. We apply minimal-retention practices to limit exposure. No security measure is perfect, and we cannot guarantee absolute security, but we implement reasonable technical and organizational safeguards.

8. Cookies

We use a minimal set of cookies: a session cookie for the contact form and a basic analytics stub. We do not use third-party advertising cookies or cross-site tracking. You may disable cookies in your browser; this may affect form functionality.

9. Children

Our Service is not directed to children under 13 (or 16 in the EU where applicable). We do not knowingly collect data from children. If you believe a child has submitted data, contact us for deletion.

10. Changes to This Policy

We may update this policy. We will notify you by email or site notice at least 14 days before material changes. Continued use after the effective date constitutes acceptance.

11. Contact

For privacy requests or questions: support@mountainshield.example · [Address, City, State, ZIP]