Privacy Policy

Introduction

WatchSecure Inc. ("WatchSecure," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our security awareness training platform and related services.

Information We Collect

We collect information in the following ways:

• Account Information: Name, email address, company name, job title, and contact details when you create an account.
• Usage Data: Information about how you interact with our platform, including training completion, simulation responses, and login activity.
• Device Information: IP address, browser type, operating system, and device identifiers for security and analytics purposes.
• Communication Data: Records of correspondence when you contact our support team or respond to surveys.

How We Use Your Information

We use collected information to:

• Provide, maintain, and improve our security awareness training platform
• Deliver phishing simulations and track training progress
• Generate reports and analytics for your organization
• Communicate with you about your account, updates, and support requests
• Detect, prevent, and address security threats and technical issues
• Comply with legal obligations and enforce our terms of service

Data Sharing and Disclosure

We do not sell your personal information. We may share information with:

• Your Organization: Administrators can access training data and reports for their employees.
• Service Providers: Third-party vendors who assist with hosting, analytics, and customer support under strict confidentiality agreements.
• Legal Requirements: When required by law, court order, or to protect our rights and safety.
• Business Transfers: In connection with a merger, acquisition, or sale of assets.

Data Security

We implement industry-standard security measures including AES-256 encryption at rest, TLS 1.3 encryption in transit, multi-factor authentication, regular security audits, and SOC 2 Type II certified infrastructure. However, no method of transmission over the Internet is 100% secure.

Data Retention

We retain your information for as long as your account is active or as needed to provide services. Training records are retained for a minimum of 3 years for compliance purposes. You may request deletion of your data subject to legal retention requirements.

Your Rights

Depending on your location, you may have rights to:

• Access and receive a copy of your personal data
• Correct inaccurate or incomplete information
• Delete your personal data (right to erasure)
• Restrict or object to certain processing activities
• Data portability in a machine-readable format
• Withdraw consent where processing is based on consent

International Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses for EU data transfers.

Contact Us

For questions about this Privacy Policy or to exercise your rights, contact us at: