Legal
Privacy Policy
Jarvis Cyber Advisory LLC ("Jarvis Cyber Advisory," "we," "our," or "us") respects your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you visit jarviscyberadvisory.com or engage us for consulting services.
1. Information We Collect
We collect information you provide directly, such as your name, business email, company name, and any details shared during an engagement scoping conversation, contract negotiation, or active consulting engagement. We may also collect technical information automatically when you visit our website, including IP address, browser type, and pages visited, through standard server logs and analytics tools.
Contact form submissions are delivered through our sub-processor Formspree, Inc., which receives the data before it reaches us. Formspree's independent handling of submission data is governed by their privacy notice at formspree.io/legal/privacy-policy/.
2. How We Use Information
We use the information we collect to respond to inquiries, deliver consulting services under signed engagement agreements, issue invoices and process payments, comply with legal obligations, and improve our website and services. We do not sell personal information to third parties.
3. Client Engagement Data
Information shared during a consulting engagement — including assessments, findings, evidence, and any sensitive business or technical details — is treated as confidential and is governed by the terms of the executed engagement agreement or master services agreement between Jarvis Cyber Advisory and the client. Engagement data is stored using encryption at rest and in transit and is accessed only by personnel directly assigned to the engagement.
4. Sub-processors
We rely on a small set of established service providers to operate our business. Each is bound by its own privacy and security commitments, and we share information with them only as needed to deliver services or support business operations.
| Sub-processor | Purpose | Data location |
|---|---|---|
| Stripe, Inc. | Payment processing and invoicing | United States |
| Microsoft Corporation | Email, productivity, and collaboration (Microsoft 365) | United States |
| Cloudflare, Inc. | Domain registration, DNS, and website hosting | United States and global edge network |
| Formspree, Inc. | Contact form submission delivery and processing | United States |
We may add or change sub-processors as our operations evolve. The list above will be updated to reflect any material changes.
5. Payment Processing
Payments are processed through Stripe, Inc., a PCI-DSS Level 1 certified service provider. We do not collect, store, or process payment card details on this website; all card information is captured and handled directly by Stripe. Stripe's handling of payment information is governed by Stripe's own privacy policy, available at stripe.com/privacy.
6. Sharing of Information
We share information only as necessary to deliver services or comply with law: with subcontractors or partners under written confidentiality obligations and only where the engagement requires it; with the sub-processors listed above acting on our behalf; or in response to lawful requests from public authorities. We will notify the client where legally permitted before disclosing engagement information.
7. Data Retention
We retain inquiry and engagement records for the period required by applicable law, professional obligations, and our internal records-retention policy. Clients may request that engagement-specific records be returned or destroyed at the conclusion of an engagement, subject to any legal hold or retention requirements.
8. Security
We use administrative, technical, and physical safeguards designed to protect the information we collect, including encryption, access controls, and multi-factor authentication on systems that hold client information. No method of transmission or storage is fully secure; we cannot guarantee absolute security.
9. Your Choices
You may request access to, correction of, or deletion of personal information we hold about you by contacting us at the address below. We will respond consistent with applicable law.
10. Children's Privacy
Our services are intended for businesses and are not directed to individuals under 18. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. The "Effective date" above will reflect the most recent revision. Material changes will be communicated to active clients through their primary engagement contact.
12. Contact
Questions about this Privacy Policy may be directed to us by phone at +1 (208) 908-7475 (Mon–Fri, 9 am – 5 pm Mountain Time) or via our contact form.
Jarvis Cyber Advisory LLC
784 S Clearwater Loop, Ste B
Post Falls, ID 83854
United States