Privacy Policy

Last updated: January 15, 2026

InfoSecPanda (“InfoSecPanda”, “we”, “us”, or “our”) operates https://www.infosecpanda.com (the “Site”). This Privacy Policy explains what personal information we collect, how we use it, and the choices you have when you use our Site.

1) Who we are

InfoSecPanda is the data controller for personal information processed through this Site.

Contact: info@infosecpanda.com

2) What information we collect

We collect information in the following ways:

A) Information you provide to us

When you submit a form (for example, Contact, PandaGRC waitlist, or a template/resource request), we may collect:

  • Name (if provided)

  • Email address

  • Organization / role (if provided)

  • Any details you include in your message

You can choose not to provide this information, but we may be unable to respond or provide what you requested.

B) Information collected automatically (basic website and security data)

When you visit the Site, we may automatically collect limited information such as:

  • IP address (and general location derived from IP, where applicable)

  • Browser type, device type, operating system

  • Pages visited, approximate time spent, and navigation patterns

  • Referring website or search terms (where available)

  • Cookies or similar technologies (see Section 6)

This information is used for site security, troubleshooting, and understanding aggregate usage of the Site.

C) Embedded content and third-party services

Some pages may include embedded content or services (for example, embedded dashboards, videos, or external forms). Those third parties may collect information directly from your browser (including through cookies) in accordance with their own privacy policies.

3) What we do NOT collect

  • We do not require you to create an account to use the free dashboards.

  • We do not collect or store your organization’s security posture from the dashboards (for example, your internal compliance status) unless you explicitly provide it to us through a form or direct communication.

  • We do not sell your personal information.

4) How we use your information

We use personal information to:

  • Operate, maintain, and improve the Site

  • Respond to inquiries and support requests

  • Provide requested resources (for example, templates) or product updates you asked for

  • Maintain security, prevent abuse, and debug technical issues

  • Understand Site usage in an aggregated manner (analytics)

5) Legal bases for processing (EEA/UK)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process personal information under one or more of the following legal bases:

  • Legitimate interests: to operate, secure, and improve the Site and respond to requests

  • Consent: where required (for example, certain cookies or communications you opt into)

  • Contract / pre-contract steps: to provide services or information you request

6) Cookies and similar technologies

We may use cookies and similar technologies to:

  • Ensure the Site functions properly

  • Help protect the Site and detect misuse

  • Understand how visitors use the Site (analytics)

  • You can control cookies through your browser settings. Disabling cookies may affect some Site functionality.

7) How we share information

We share personal information only in limited circumstances:

  • Service providers: hosting, website tools, and form/analytics providers who help us run the Site (they are permitted to use personal information only to provide services to us)

  • Legal and safety reasons: if required by law, or when we believe disclosure is necessary to protect our rights, investigate fraud, or protect the safety of users or others

8) Data retention

We keep personal information only as long as needed for the purposes described in this policy:

  • Form submissions: retained as needed to respond and maintain reasonable business records

  • Security logs / analytics: retained for a limited period to support security and performance monitoring

  • We may delete or anonymize information when it is no longer required.

9) International transfers

Your information may be processed in countries where we or our service providers operate (for example, Canada or the United States). Where applicable, we take reasonable steps to ensure appropriate safeguards are in place for cross-border transfers.

10) Your rights

Depending on your location, you may have rights regarding your personal information, including:

  • Access to personal information we hold about you

  • Correction of inaccurate information

  • Deletion of your information (subject to certain exceptions)

  • Restriction or objection to processing

  • Data portability (where applicable)

  • Withdrawal of consent (where processing is based on consent)

  • To exercise your rights, contact us at info@infosecpanda.com

11) Security

We use reasonable administrative, technical, and organizational measures to protect personal information. However, no website, system, or transmission method is completely secure, and we cannot guarantee absolute security.

12) Links to other websites

The Site may contain links to third-party websites that we do not own or control. We are not responsible for the privacy practices of those websites. Please review the privacy policies of any third-party sites you visit.

13) Children’s privacy

The Site is not intended for children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children.

14) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will update the “Last updated” date at the top of this page when changes are made.

15) Contact

If you have questions about this Privacy Policy or how we handle personal information, contact: info@infosecpanda.com

All rights reserved
Privacy
Terms & Conditions