top of page
Graphs

Privacy Policy

Last Revised: March 26, 2026 This Privacy Policy outlines how EDAO Group LLC (together with its affiliated companies – “EDAO”, “we”, or “us”) collects, stores, uses and discloses personal data when you interact with us, including when you visit or interact with our website, attend any of our events, interact with any of our online ads and content, newsletters, blogs, emails, sales and marketing channels, or other communications under EDAO’s control (collectively, “Business Engagements”) or access and use EDAO’s SaaS cybersecurity platform for small to medium-sized businesses (“Platform”), collectively the “Services”. This Privacy Policy is a part of our Terms of Service (the “Terms of Service”), which provides additional information on the Services and is incorporated herein by reference. Capitalized terms which are not defined herein shall have the meaning ascribed to them in our Terms of Service. By using our Services, you agree to the terms of this Privacy Policy and your continued use of the Services constitutes your ongoing agreement to this Privacy Policy. We collect, process and manage personal data on behalf of our business customers (“Customers”) through the Platform in our capacity as a “service provider” or “processor” (as such terms are defined under the Florida Digital Bill of Rights, Florida Statutes §§ 501.701 et seq. (“FDBR”), the EU/UK General Data Protection Regulation, or similar terms under other applicable data protection laws). EDAO processes such personal data in accordance with the Data Processing Agreement entered into between EDAO and its Customers. To learn about the privacy practices of our Customers, please contact them directly. If you have any questions or requests regarding Customer Data, please contact your organization directly. Please read this Privacy Policy carefully before accessing and using our Services. Please note — you are not obligated by law to provide us with any personal information. If you disagree with any term provided herein you should not use our Services. By accessing and/or using our Services, you agree to the collection and use of your information in accordance with this Privacy Policy. To the extent that you provide us with any personal information related to any third party or any other person or entity which is not you, including information related to any of your personnel or colleagues, you are solely responsible to receive, and hereby represent that you have and undertake that you shall have at all times maintained and received, the consent, authority, permission, and approval of such persons, and provided them with sufficient disclosures, to allow EDAO to access, store, collect, analyze and process such personal information as detailed herein. 1. What Information Do We Collect? When we use the term “Personal Information” or “Personal Data” in this Privacy Policy, we mean information that identifies an individual or that may, with reasonable efforts or together with additional information we have access to, enable the identification of an individual, or may be of a private or sensitive nature relating to an identified or identifiable natural person. Identification of an individual also includes the association of such individual with a persistent identifier such as a name, an identification number, persistent cookie identifier, etc. Personal Information does not include information that has been de-identified, anonymized or aggregated; provided that such information can no longer be used to identify a specific natural person. We collect the following categories of Personal Information when you interact with EDAO Business Engagements with respect to the following types of data subjects: •Customer’s Representatives (e.g., organization contact person and/or billing admin): we may collect name, organization, role, business email address and business phone, and any other Personal Information necessary to facilitate the business engagement between EDAO and Customer. •Prospects: we may collect contact and business details of prospective customer’s representatives: name, business email, business phone number, position, workplace and professional information, our communications with such individuals, feedback, and contractual and billing details. In addition, we may collect technical and aggregated usage data: IP addresses, device data (e.g., type, OS, device ID, browser version, language settings used), activity logs, session recordings, and other internet or electronic network activity information and other device or browser information. We collect the following categories of personal data in connection with your access and use of EDAO’s Platform with respect to the following types of data subjects: •Customer’s admin: name, phone, organization email address, role, IP address and log-in credentials (e.g., Google sign-up or other account authentication methods made available through the Services). •Customer’s end-users: device metrics, IP addresses, browser information, geolocation data, cookies, usage data and customer support interactions. If a Customer has opted to receive email security functionalities, EDAO will also process email headers, sender and recipient information, as well as other attributes related to email communication. We collect the following categories of Personal Information in connection with evaluating suitability of candidates who apply for job positions at EDAO: •Candidates Information. We may post job openings at EDAO on our website, LinkedIn, Facebook, and other social media or recruitment platforms. When evaluating candidates, we may collect personal information they provide, including their name, email, qualifications, and any other details necessary to assess their application. If applicable, we may also use this information for employment purposes. 2. How Do We Use Your Personal Information and the Legal Basis for Processing? We collect, process and use your information for the purposes described in this Privacy Policy, based on at least one of the following legal grounds: 2.1 With your consent. We ask for your agreement to process your information for specific purposes and you have the right to withdraw your consent at any time. 2.2 Performance of a contract. We collect and process your Personal Information in order to provide you with the Services, following your acceptance of this Privacy Policy; to maintain and improve our Services; to develop new services and features for our users; and to personalize the Services in order for you to get a better user experience. 2.3 Legitimate interests. We process your information for our legitimate interests while applying appropriate safeguards that protect your privacy. This means that we process your information for things such as detecting, preventing, or otherwise addressing fraud, abuse, security, usability, functionality or technical issues with our Services; protecting against harm to the rights, property or safety of our properties, our users, or the public as required or permitted by law; enforcing legal claims, including investigation of potential violations of this Privacy Policy; and in order to comply with and/or fulfill our obligations under applicable laws, regulations, guidelines, industry standards and contractual requirements, legal process, subpoena or governmental request, as well as our Terms of Service. 2.4 Compliance with legal obligations. We process your information as necessary to comply with applicable laws and regulations, including the Florida Digital Bill of Rights (Fla. Stat. §§ 501.701 et seq.), the Florida Information Protection Act of 2014 (Fla. Stat. § 501.171), and other federal and state laws to which EDAO is subject. 3. How We Share or Disclose Your Personal Data We may share your information with third parties (or otherwise allow them access to it) only in the following manners and instances: Third Party Services. We may share your information with a number of selected service providers whose services and solutions complement, facilitate and enhance our Services and operations. Such third party service providers may have access to, or process on our behalf, Personal Information obtained through your use or access to the Services. These third parties include hosting, database and server co-location services (e.g., Google Cloud, Amazon Web Services), data analytics services (e.g., Google Analytics), and our business, legal and financial advisors (collectively, “Third Party Service Providers”). Our Third Party Service Providers act as our processors and may only process your Personal Information according to our instructions (which are made in accordance with the terms hereof). We remain responsible for any Personal Information processing done by such Third Party Service Providers on our behalf not in accordance with the terms hereof, except for events outside of our reasonable control and except for such Third Party Service Providers with whom you have a direct contractual relationship. Specifically, EDAO’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Integrated Third-Party Cybersecurity Providers. EDAO’s Platform may incorporate or integrate with cybersecurity products and services provided by third-party vendors, including without limitation SentinelOne, Inc., Check Point Software Technologies Ltd., Guardz Cyber Ltd., NinjaOne, LLC, and Tenable, Inc. (collectively, the “Integrated Providers”). When the Customer subscribes to or activates services involving an Integrated Provider, certain Personal Information may be transmitted to, processed by, or stored with that Integrated Provider as necessary for the provision of the relevant service. Such processing by an Integrated Provider is governed by the Integrated Provider’s own terms of service and privacy policy, in addition to any applicable provisions of EDAO’s Terms of Service (including Schedule 1 thereto). Customer is responsible for reviewing and complying with the privacy practices of any Integrated Provider whose services Customer chooses to use. Law enforcement, legal proceedings, and as authorized by law. We may disclose or otherwise allow access to Personal Information pursuant to a legal requirement or request, such as a subpoena, search warrant or court order, or in compliance with applicable laws and regulations. Such disclosure or access may occur with or without notice to you, if we have a good faith belief that we are legally required to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing. Protecting Rights and Safety. We may share your Personal Information with others, with or without notice to you, if we believe in good faith that this will help protect the rights, property or personal safety of EDAO, any of our users, or any members of the general public. Our Affiliated Companies. We may share Personal Information internally within our family of companies, whether current or future, for the purposes described in this Privacy Policy. In addition, should we or any of our affiliates undergo any change in control, including by means of merger, acquisition or purchase of substantially all of our assets, your Personal Information may be shared with the parties involved in such event. If we believe that such change in control might materially affect your Personal Information then stored with us, we will notify you of this event and the choices you may have via e-mail and/or prominent notice on our website or Services. No Sale of Personal Information. EDAO does not sell Personal Information in exchange for monetary consideration, as the term “sale” is defined under the Florida Digital Bill of Rights or other applicable U.S. state privacy laws. For the removal of doubt, we may share your Personal Information in additional manners pursuant to your explicit approval, or if we are legally obligated to do so. Additionally, we may transfer, share or otherwise use non-personal information in our sole discretion and without the need for further approval. 4. Why Do We Collect and Process Your Information? We may use information that we collect about you for the following purposes and applicable lawful bases for processing: •To provide, operate and improve our Services and related offerings, and to manage our business. [Lawful basis: Performance of a Contract; Legitimate Interest; Consent (to the extent applicable).] •To provide you with a better user experience, more fitted to your specific needs. [Lawful basis: Performance of a Contract; Legitimate Interest; Consent (to the extent applicable).] •To be able to contact users who requested such contact to be made, for the purpose of providing them with further information on EDAO and its Services. [Lawful basis: Performance of a Contract; Legitimate Interest; Consent (to the extent applicable).] •To prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities, whether suspected or actual. [Lawful basis: Performance of a Contract; Legitimate Interest; Compliance with legal obligations.] •To comply with any applicable rule or regulation and/or to respond to or defend against legal proceedings against us or our affiliates. [Lawful basis: Performance of a Contract; Legitimate Interest; Compliance with legal obligations.] •To send you our newsletters and information in connection with the Services, where you registered to receive such messages or have otherwise provided us with your consent, or otherwise to provide important notices with respect to Services to which you have registered. [Lawful basis: Performance of a Contract; Legitimate Interest; Consent (to the extent applicable).] •To market our Services (including via our marketing service providers and at events), and to track and evaluate our marketing activities and their results, and attribute different marketing achievements to the respective marketing efforts. [Lawful basis: Legitimate Interest; Consent (to the extent applicable).] •To act upon and comply with requests you may make pursuant to this Privacy Policy and the privacy laws that apply to you. [Lawful basis: Performance of a Contract; Compliance with legal obligations.] 5. Direct Contact You hereby agree that we may use your contact details provided to us, pursuant to your consent, for the purpose of informing you regarding our products and services which may interest you. You may withdraw your consent by sending us written notice by email to the following address: privacy@edaogroup.io, or by pressing the “Unsubscribe” button in any marketing email received. In addition, the consumer rights afforded under the Florida Telemarketing Act (Fla. Stat. §§ 501.059, 501.616) and the federal Telephone Consumer Protection Act (47 U.S.C. § 227) and the CAN-SPAM Act (15 U.S.C. §§ 7701 et seq.) shall apply to EDAO’s telephone and email marketing practices, where applicable. Please note that EDAO may contact you with important information regarding our Services. For example, we may notify you (through any of the means available to us) of changes or updates to our Services’ terms, service maintenance, security incidents, etc. You will not be able to opt-out of receiving such service messages. 6. Cookies and Behavioral Tracking Technologies We use certain monitoring and tracking technologies, including ones offered by third party service providers. These technologies are used in order to provide a better experience to our users. For example, these technologies enable us to: (i) keep track of our users’ preferences, (ii) identify technical issues and improve the overall performance of our Services, and (iii) create and monitor analytics. Cookies. A cookie is a small data file that is downloaded and stored on your device when you access our Services. We and our service providers may use cookies because they are essential for us to provide our Services to you, and because they help us optimize, personalize and/or otherwise improve your experience and/or the performance of the Services. Most web browsers allow you to erase cookies on your computer, block cookies from your computer, or notify you when a cookie is stored on your computer. If you choose to disable or otherwise block certain cookies, you may be unable to use, or experience decreased functionality with, parts of the Services. Tracking Technologies. When you visit or access our Services, we may use (and may authorize third parties to use) cookies, web beacons, pixel tags, scripts, tags, APIs and other technologies (“Tracking Technologies”). The Tracking Technologies allow us to automatically collect information about you, your online behavior, and your device, in order to enhance your navigation on our Services, improve our Services’ performance, and customize your experience on our Services. We may also use this information to collect statistics about the usage of our Services and to perform analytics. Your interactions with these features are governed by the privacy policies of the company providing them. Do Not Track / Global Privacy Control. Some browsers and extensions transmit “Do Not Track” or Global Privacy Control (“GPC”) signals. To the extent required under the Florida Digital Bill of Rights or other applicable U.S. state privacy laws, EDAO will honor recognized opt-out preference signals received from your browser or device with respect to targeted advertising and the sale or sharing of Personal Information. 7. Minors To use our Services, you must be over the age of eighteen (18). Therefore, we do not knowingly collect Personal Information from minors under the age of eighteen (18) and do not wish to do so. We reserve the right to request proof of age at any stage so that we can verify that minors under the age of eighteen (18) are not using the Services. EDAO complies with the federal Children’s Online Privacy Protection Act (“COPPA”), 15 U.S.C. §§ 6501–6506, and applicable provisions of the Florida Digital Bill of Rights regarding the personal information of minors. If you believe that we may have inadvertently collected information from a minor, please contact us immediately at privacy@edaogroup.io so that we may delete such information. 8. Information Security We take great care in implementing and maintaining the security of the Services and your Personal Information. We and our trusted service providers use a variety of industry-standard security technologies and procedures to help protect your Personal Information from unauthorized access, use, or disclosure. EDAO maintains reasonable security measures consistent with the requirements of the Florida Information Protection Act of 2014, Fla. Stat. § 501.171. Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our Services, and we make no warranty, express, implied or otherwise, that we will prevent such access. In the event of a breach of security of Personal Information, EDAO will provide notification to affected individuals and, where required, to the Florida Department of Legal Affairs and other regulators in accordance with Fla. Stat. § 501.171 and other applicable U.S. federal and state breach-notification laws. We will store your Personal Information on our trusted cloud service providers which may be located in countries outside the United States, including within the European Union and other jurisdictions. The data protection and other laws of these countries may differ from those of the United States; in these instances we will take steps to ensure that an appropriate level of protection is given to your Personal Information consistent with applicable law. Where required, we rely on appropriate transfer mechanisms (such as Standard Contractual Clauses) for cross-border transfers of Personal Information. You hereby consent to the transfer of your Personal Information to and from countries outside your country of residence as described herein. If you feel that your privacy was treated not in accordance with our policy, or if any person attempted to abuse our Services or acted in an inappropriate manner, please contact us directly at privacy@edaogroup.io. 9. Data Retention We value your privacy and your control over your Personal Information, and therefore you may, at any time, change, update or request to remove (subject to any other legal obligation that may require us to keep the information) your Personal Information by contacting us at privacy@edaogroup.io. We will retain the information we collect for as long as needed to provide the Services and to comply with our legal obligations and contractual obligations with the Customer, resolve disputes and enforce our agreements. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. We may rectify, replenish or remove incomplete or inaccurate information at any time and at our own discretion. 10. Data Subject Rights Under certain laws — including the Florida Digital Bill of Rights (Fla. Stat. §§ 501.701 et seq.), other applicable U.S. state privacy laws, the EU and UK General Data Protection Regulation, and similar laws in other jurisdictions — individuals have rights regarding their Personal Information. You can exercise your rights at any time by contacting us at: privacy@edaogroup.io. Those rights may include, but are not limited to, the following: •Right of access. You may have a right to know what information we hold about you and, in some cases, to have the information communicated to you. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any information. •Right to correct Personal Information. We endeavor to keep the information that we hold about you accurate and up to date. Should you realize that any of the information that we hold about you is incorrect, please let us know and we will correct it as soon as we can. •Data deletion. In some circumstances, you have a right to request that some portions of the Personal Information that we hold about you be deleted or otherwise anonymized. •Data portability. In some circumstances, you may have the right to request that we provide you with the Personal Information you have made available to us, in a portable and, to the extent technically feasible, readily usable format, so you can transfer it to another party. •Right to opt out of targeted advertising, sale, or profiling. Where applicable under the Florida Digital Bill of Rights or other U.S. state privacy laws, you have the right to opt out of the processing of your Personal Information for purposes of targeted advertising, the sale of Personal Information, or profiling in furtherance of decisions that produce legal or similarly significant effects. •Restriction of processing. In some cases, you may have the right to request restriction of the processing of your Personal Information, such as when you are disputing the accuracy of your information held by us. •Right to appeal. If we deny your request to exercise any of the rights described above, you may appeal our decision by contacting us at privacy@edaogroup.io. We will respond to your appeal within the timeframes required by applicable law. If your appeal is denied, you may have the right to contact the Florida Department of Legal Affairs or another applicable regulator. Please note that these rights are reliant upon the rights, obligations and restrictions set out under data protection and privacy laws applicable in your jurisdiction. EDAO may refuse requests to exercise data subject rights if there is a legitimate reason — for example, if we cannot authenticate your identity, if the request could violate the rights of a third party or applicable law, or if it would prevent us from delivering a service you requested. If you would like to make any requests or queries regarding personal data we process as a service provider or processor on our Customer’s behalf, including accessing, correcting or deleting your data, please contact the Customer (i.e., your organization or employer) directly. 11. Updates to this Privacy Policy We reserve the right to change this Privacy Policy at any time, so please re-visit this page frequently. We will notify you regarding substantial changes to this Privacy Policy by changing the link to the Privacy Policy in the Services and/or by sending you an e-mail regarding such changes to the e-mail address that you provided during registration. Such substantial changes will take effect seven (7) days after such notice was provided on our Services or sent by email. Otherwise, all other changes to this Privacy Policy are effective as of the stated “Last Revised” date and your continued use of the Services after the Last Revised date will constitute acceptance of, and agreement to be bound by, those changes. 12. Governing Law and Jurisdiction This Privacy Policy, its interpretation, and any claims and disputes related hereto, shall be governed by and construed in accordance with the laws of the State of Florida, without regard to its conflicts-of-laws principles. Any and all such claims and disputes shall be brought in, and you hereby consent to them being litigated in and decided exclusively by, the state and federal courts of competent jurisdiction located in Miami-Dade County, Florida, and you waive any objection to the exercise of jurisdiction by such courts and to venue therein. This Privacy Policy was written in English and may be translated into other languages for your convenience. If a translated (non-English) version of this Privacy Policy conflicts in any way with the English version, the provisions of the English version shall prevail. 13. Have Any Questions? If you have any questions or comments concerning this Privacy Policy, you are welcome to email us at privacy@edaogroup.io, and we will make an effort to reply within a reasonable timeframe. You may also contact us by mail at: EDAO Group LLC Attn: Co-Founder 3107 Bent Creek Dr. Valrico, Florida 33596 For questions regarding HIPAA or protected health information (PHI), please contact our HIPAA Compliance Officer at privacy@edaogroup.io (please include “ATTN: HIPAA Compliance Officer” in the subject line). — End of Privacy Policy —

bottom of page