Privacy Policy

Effective date: May 1, 2026

1. Who We Are

SecOps Gateway LLC ("SecOps Gateway," "we," "us," or "our") operates the platform at secopsgateway.com — a marketplace connecting security vendors, officers, and buyers. Our principal office is located at 17 Ivy Spring Ln, Fredericksburg, VA 22406.

Questions about this policy: privacy@secopsgateway.com

2. Information We Collect

Information you provide

  • Account registration: name, email, phone, password
  • Business information: company name, EIN, address
  • Compliance documents: business license, insurance certificates, officer credentials (uploaded for verification)
  • Payment information: processed by Stripe — we do not store card numbers
  • Profile content: biography, certifications, service areas, photos
  • Communications: messages sent through the platform, support tickets

Information collected automatically

  • Log data: IP address, browser type, pages visited, timestamps
  • Device data: operating system, device type
  • Location data: GPS coordinates at check-in/check-out only (not continuously tracked)
  • Usage data: features used, search queries, scheduling activity
  • Cookies: session management, authentication, preferences (see Section 7)

3. How We Use Your Information

  • Operate and provide the SecOps Gateway platform
  • Verify compliance documents and credentials
  • Facilitate job posting, bidding, matching, and scheduling
  • Process payments and prevent fraud
  • Send transactional emails (registration, job updates, scheduling alerts)
  • Send platform communications (product updates, security notices)
  • Enforce our Terms of Service and platform rules
  • Improve the platform through usage analytics
  • Comply with legal obligations

4. Information Sharing

We do not sell your personal information. We share it only in these circumstances:

  • Platform participants: contact information is unmasked only after a mutual job match is confirmed
  • Service providers: Stripe (payments), AWS (document storage and OCR), Twilio (SMS), hosting providers — each bound by data processing agreements
  • Legal requirements: when required by law, court order, or to protect the rights and safety of our users
  • Business transfers: in connection with a merger, acquisition, or sale of assets, with notice provided to users

5. Data Retention

  • Active accounts: retained while your account is active
  • Deleted accounts: personal data anonymized within 90 days, except where retention is required by law
  • Compliance documents: retained for 7 years for regulatory compliance purposes
  • Audit logs: retained for 3 years (minimum per state regulation)
  • Payment records: retained as required by Stripe and applicable tax law

6. Your Rights

All users

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your account (subject to legal retention requirements)
  • Export your data in a portable format
  • Opt out of non-essential marketing emails

Virginia residents (VCDPA)

Virginia residents have the right to opt out of the sale of personal data, targeted advertising, and profiling. We do not sell personal data. To exercise your rights, contact us at privacy@secopsgateway.com.

California residents (CCPA/CPRA)

California residents have the right to know what personal information is collected, to delete it, to opt out of its sale (we do not sell it), and to non-discrimination for exercising these rights. To submit a request: privacy@secopsgateway.com or use the form below.

Do Not Sell or Share My Personal Information

We do not sell or share personal information for cross-context behavioral advertising. This link is provided for California compliance purposes.

Submit CCPA Request

7. Cookies

We use cookies for:

  • Essential cookies: authentication sessions, CSRF protection — required for the platform to function
  • Preference cookies: theme (light/dark), display preferences
  • Analytics: usage patterns to improve the platform (no third-party ad tracking)

You can disable non-essential cookies in your browser settings. Disabling essential cookies will prevent login.

8. Security

We use industry-standard security measures: TLS encryption in transit, AES-256 encryption at rest for compliance documents, signed URLs for document access, audit logging for all sensitive actions, and periodic security reviews. No system is perfectly secure. If you discover a vulnerability, see our responsible disclosure policy.

9. Children

SecOps Gateway is not directed to children under 18. We do not knowingly collect personal information from anyone under 18. If we learn we have collected such information, we will delete it promptly.

10. Changes to This Policy

We will post changes to this page and update the effective date. For material changes, we will notify registered users by email at least 14 days before the change takes effect.

11. Contact

SecOps Gateway LLC
17 Ivy Spring Ln, Fredericksburg, VA 22406
privacy@secopsgateway.com

Terms of ServiceSecurity Policy