Last Updated: 21 January 2025

This Privacy Policy (“Policy”) describes how Loon Cyber Consulting LLC (“Loon Cyber Consulting,” “we,” “us,” or “our”) collects, uses, discloses, and otherwise processes your personal data when you use our services, website(s), communications, or otherwise interact with us (collectively, the “Service”). We are committed to protecting your privacy and will handle your data in accordance with applicable data protection and privacy laws.

1. Objective

This Policy applies to all processing of personal data carried out by Loon Cyber Consulting LLC. Its objective is to inform you of how we collect, use, and protect your personal data, and your rights in relation to your personal data.

2. Contact – How Can I Reach You?

If you have any questions regarding this Privacy Policy or wish to exercise any of your rights, please contact us through the following means:

• Mailing Address:
  Loon Cyber Consulting LLC
  2112 Broadway St NE Ste 225, #239,
  Minneapolis, MN 55413, USA

• Phone: 320-412-LOON (5666)

• Email: hello@looncyber.com

Data Protection Officer (DPO)

• Trade Name (Controller): Trevor Barthel
• Address: 2112 Broadway St NE Ste 225, #239, Minneapolis, MN 55413
• Email: [email protected]

3. Legal Framework

We comply with relevant privacy and data protection regulations, including but not limited to:

• Regulation (EU) 2016/679 (GDPR)
• Argentine Law No. 25,326 (Argentine LPDP)
• General Data Protection Law of Brazil, Law No. 13,709 (LGPD)
• California Privacy Rights Act (CPRA)

These laws grant certain rights to individuals regarding their personal data and require that organizations processing personal data follow certain obligations and principles.

4. Processing Identification – How Do We Collect Personal Data?

We collect personal data from or about you in various ways, including:

1. Website Forms: When you fill out forms on https://looncyber.com (the “Site”).
2. Newsletter Sign-Ups: When you subscribe to our newsletter.
3. Surveys/Polls: When you answer polls or surveys.
4. Printed Forms: When you provide information on printed forms.
5. Communications: When you send us an email, call us, or communicate via SMS, and we input that data into our internal systems.

5. Personal Data Collected – What Information Do We Collect?

We may collect various types of personal data, including but not limited to:

• Contact Information: Name, email address, phone number, physical address.
• Credit Information: Necessary payment details to process transactions (e.g., last four digits of credit card, transaction IDs). We do not store full credit card numbers on our servers; such data is processed securely by our payment service providers (e.g., Stripe).
• Account Details: Username, password, security credentials.
• Location Data: If you provide or allow collection of geolocation data, we may use it to tailor certain features.
• Communications Data: Email messages, SMS messages, or phone logs sent to us.
• Cookies and Other Tracking Technologies: As described in Section 16 below, we may collect information through cookies and similar technologies.

Voluntary vs. Mandatory Data
Some data fields are marked as mandatory to enable us to provide the requested service. If you choose not to provide mandatory personal data, we may be unable to deliver certain features or services.

Accuracy and Updates
You declare and warrant that all personal data you provide is true, accurate, and up-to-date. You agree to promptly inform us of any changes.

6. Our Commitment: We Do Not Sell Your Personal Data

We understand the importance of your privacy. We will never sell or rent your personal data to third parties for their own marketing or commercial purposes. We only share personal data with service providers or partners under strict obligations (see Section 11), or when required by law.

7. Purpose – What Do We Use Your Personal Data For?

We collect and use your personal data for the following purposes:

1. Providing Our Service & Fulfilling Requests

   • To process and fulfill orders, requests, or subscriptions.
   • To communicate with you regarding changes to our Service or your account.

2. Identification and Authentication

   • To verify your identity when you log in, request information, or use certain features.
   • To enable secure login via two-factor authentication (2FA) or similar means.

3. Personalization

   • To tailor the content we show or send you (e.g., location-based services, customized emails).
   • To provide a more personalized user experience.

4. Marketing and Promotional Purposes

   • To send you newsletters, promotions, event updates, or offers.
   • To display relevant advertisements on our Site or third-party websites. (You can unsubscribe at any time—see Section 7.1 on Opt-Out.)

5. Research and Reporting

   • To administer surveys, questionnaires, or polls, both online and offline.
   • To learn more about user needs and evaluate the effectiveness of our communications or campaigns.

6. Compliance with Legal Obligations

   • To comply with applicable laws, regulations, or legal proceedings.
   • To cooperate with law enforcement or government requests.

7. Protecting Us and Others

   • To investigate, prevent, or take action regarding suspected fraud, illegal activities, or threats to persons or property.
   • To enforce our Terms and Conditions and this Privacy Policy.

8. Deidentified Data

   • We may anonymize or deidentify your data so that it no longer relates to an identifiable individual.
   • We may use this data for any lawful purpose, including analytics and performance tracking, provided it remains in deidentified form.

7.1 Opting Out of Marketing Communications
You have the right to opt out of receiving marketing or promotional emails at any time. You can do this by:

• Clicking the “unsubscribe” link within any marketing email you receive from us.
• Contacting us at [email protected] and requesting removal.

Once you unsubscribe, we will remove you from our marketing lists, but you may still receive essential transactional or account-related emails.

8. How Do We Use Your Information?

In addition to the purposes listed above, we may also use your personal data for:

• Creating User Accounts: Registering you for certain services or portals.
• Collecting Customer Feedback: To improve our product and service offerings.
• Enforcing Terms & Conditions: To investigate violations of our Terms.
• Technical Support: To diagnose and resolve technical issues.
• Payment Processing: Handled by secure third-party providers such as Stripe. We only receive limited payment details (e.g., confirmation, partial credit card info).

We will only use your personal data for these or other compatible purposes after obtaining your explicit or implied consent, unless otherwise required by law.

9. Retention Period – How Long Do We Keep Your Data?

We retain your personal data:

• For up to 24 months after user accounts remain idle or become inactive.
• As long as necessary to fulfill the purposes for which it was collected (see Section 7).
• As required by applicable law, regulations, or contractual obligations.

Once the retention period expires, or if the data is no longer needed, we will securely delete, anonymize, or archive your information.

10. Consent and Legal Bases for Processing

By providing your personal data to us, you:

1. Consent to the processing of your data fully and without reservation as described in this Policy.
2. Understand that the legal bases for processing include the performance of a contract, compliance with a legal obligation, legitimate interest, and/or your informed, unambiguous consent.

Where we process data under legitimate interest, we balance our interests with your fundamental rights and freedoms before proceeding.

11. Confidentiality, Sharing, and International Transfers – Do We Disclose Your Data to Third Parties?

11.1 Confidentiality

We treat your personal data as confidential and will not share it with third parties except as disclosed in this Policy or with your explicit consent.

11.2 No Sale of Personal Data

We do not sell your personal data to any third parties for their independent commercial or marketing use.

11.3 Service Providers and Affiliates

We may share personal data with:

• Employees and Service Providers under confidentiality agreements who need access to perform services on our behalf (e.g., hosting, payment processing, email services, analytics).
• Parent Companies, Affiliates, and Subsidiaries for legitimate business purposes, subject to this Policy.

11.4 Social Media and Third-Party Integrations

We use or link to:

• Google Maps
• Google Analytics
• Facebook
• Instagram
• LinkedIn
• Twitter

These platforms may collect your IP address and other data. Each has its own privacy policy and terms of service. When you interact with these services, you do so under their respective policies.

11.5 Business Transfers

If we undergo an acquisition, merger, asset sale, or bankruptcy, user data may be transferred as part of that transaction, subject to confidentiality obligations.

11.6 Legal Obligations, Protection, and Public Safety

We reserve the right to disclose your personal data if required by law, subpoena, court order, or other legal process, or if we believe it is necessary to prevent fraud or imminent harm and to ensure the security of our network and services.

11.7 International Transfers

Your data may be transferred to, stored, or processed in other countries where we or our service providers maintain operations. In such cases, we ensure appropriate safeguards and compliance with applicable data protection laws.

12. SMS Communications – How Do We Handle Text Messages?

We may collect and process your phone number to send you SMS messages for:

1. Two-Factor Authentication (2FA): Security-related codes or login confirmations.
2. Transactional Updates: Order statuses, appointment reminders, or shipping confirmations.
3. Conversational Messaging: Responses to inquiries you initiate.
4. Marketing and Promotions (Opt-In Only): Occasional promotional texts if you have explicitly consented.
5. Customer Care & Feedback: Surveys or requests for feedback.

Opt-Out: You can unsubscribe from marketing texts at any time by replying STOP, CANCEL, or UNSUBSCRIBE. Standard message and data rates may apply.

13. Security – How Do We Keep Data Safe?

We employ technical and organizational measures to protect the confidentiality, integrity, and availability of your data. These include:

• Encryption: SSL/TLS encryption for data transmission (especially for payment information).
• Access Controls: Limiting data access to authorized personnel on a need-to-know basis.
• Secure Hosting: Servers in controlled facilities with advanced firewalls and intrusion detection.

While we strive to use commercially acceptable means to protect personal data, no method of transmission over the internet or method of electronic storage is 100% secure. In the event of a data breach that presents a significant risk, we will notify the relevant supervisory authorities and affected individuals in accordance with applicable laws.

14. Rights of Data Subjects – What Are Your Rights?

Depending on your jurisdiction and the applicable law (e.g., GDPR, CPRA, LGPD), you may have the following rights:

• Access: Request a copy of your personal data and information on how it is processed.
• Rectification: Correct inaccurate or incomplete data.
• Erasure (Deletion): Request deletion of your data where it is no longer needed or if processing is unlawful.
• Restriction: Ask us to limit processing in certain circumstances.
• Objection: Object to processing based on legitimate interests or for direct marketing purposes.
• Portability: Request to receive your data in a structured, commonly used, machine-readable format, and ask us to transmit it to another controller when feasible.
• Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
• Complaint: Lodge a complaint with your local data protection authority if you believe your rights have been infringed.

To exercise these rights, please contact us at [email protected] or at the physical address in Section 2. We may request additional information to verify your identity before responding to your request.

15. Children’s Privacy

We do not knowingly collect or process personal data from children under the age of 13 without verifiable parental or guardian consent, unless permitted by law. If you are a parent or guardian and believe we may have collected your child’s personal data without appropriate consent, please contact us, and we will take prompt steps to delete such information.

For California Residents: We do not sell the personal information of consumers 16 years old or younger unless we have obtained appropriate prior parental or guardian authorization.

For EU/EEA Residents: We do not process personal information of individuals under 16 years old without explicit parental or guardian consent.

16. Cookies – Do We Use Cookies?

Yes. We use cookies and similar technologies to:

• Track Advertising
• Collect Site Traffic Data
• Improve User Experience

You can delete or block cookies through your browser settings. However, blocking or disabling cookies may affect certain functionalities of the Site. For more details, see our Cookie Policy.

17. Third-Party Links

Our Site may contain links to third-party websites or services that have their own privacy policies. We have no control over these external sites and are not responsible for their content or data-handling practices. Once you leave our Site via an external link, you are subject to the terms and policies of that external site.

18. United States Residents – Specific Privacy Rights

If you reside in the United States, you may have additional rights depending on your state’s privacy laws (e.g., the California Privacy Rights Act). These may include:

• Right to Know/Access: The categories and specific pieces of personal information we collected about you, and how we use, disclose, or “sell” such data.
• Right to Delete: The personal data we hold about you, subject to certain exceptions.
• Right to Opt Out: We do not sell personal data, but you may still request to opt out of any future potential “sale” or “sharing” of your information.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.

For more details on verification, authorized agents, and appeals, see the full text in the “Do United States residents have specific Privacy Rights?” section above or contact us at [email protected].

19. Modifications – Is This the Most Current Version?

This is the current version of Loon Cyber Consulting LLC’s Privacy Policy, last updated on January 21, 2025. We may update or modify this Policy at any time. Any changes will become effective upon posting the revised Policy on our Site or upon notifying you by other means. We encourage you to review this Policy periodically.

20. Approval

By using the Site or otherwise engaging with our Service, you acknowledge that you have read this Privacy Policy and agree to its terms. You also agree to any Terms and Conditions that may apply. If you do not agree, please discontinue use of our Service.