Privacy Policy

This Privacy Policy explains how Ensure Endpoint Technologies Inc. ("we," "us") collects and uses personal information through ensureendpoint.com (the "Website"), the PosturePass™ application (the "Application"), and our deployment and web management portals (together, the "Services").

1. Our Role

PosturePass is enterprise security software. Our role depends on context:

• Website visitors and customer administrators, we act as a controller of your information.
• End-user device data, when an enterprise installs the Application on its workforce devices, we process device posture data on behalf of that enterprise as its processor (or service provider). If you are an employee or contractor of such an enterprise, your employer's privacy notice governs that data, and privacy requests should be directed to your employer.

2. What We Collect

From the Website: information you submit (such as your name, business email, company, job title, and message) and standard log data (IP address, browser, operating system, pages viewed, date/time), collected automatically through cookies and similar technologies.

From the Application and portals: device posture attributes (such as disk encryption, antivirus, OS and patch status, screen-lock, and firewall status), operational telemetry (software version, install status, error and diagnostic information), and portal account information (credentials, contact details, roles, MFA enrollment, and audit logs). We do not collect file contents, browsing activity, keystrokes, screenshots, or personal data stored on the endpoint.

3. How We Use Information

We use personal information to provide, secure, and improve the Services; authenticate users and prevent fraud and abuse; provide support; send service-related and (with consent where required) marketing communications; create aggregated or de-identified analytics; and comply with law.

4. Legal Bases (EEA, UK, Switzerland)

Where GDPR applies, we process personal information based on contract performance, our legitimate interests in operating and securing the Services and marketing to business contacts, your consent (for marketing or non-essential cookies, which you may withdraw), and compliance with legal obligations.

5. How We Share Information

We do not sell personal information and do not share it for cross-context behavioral advertising. We may share information with:

• service providers (hosting, infrastructure, security, support, analytics, email delivery, professional advisors) acting on our instructions;
• enterprise customers, who receive device posture data for devices their workforce has installed the Application on;
• authorities or courts where required by law or legal process; and
• parties to a merger, acquisition, financing, or other business transaction.

6. Cookies

The Website uses first-party and third-party cookies to operate the site, remember preferences, authenticate sessions, measure traffic, and support marketing. You can control cookies through your browser settings; disabling cookies may impair functionality. We honor the Global Privacy Control (GPC) signal where required by law. We do not respond to other "Do Not Track" signals. The Application and portals do not use tracking cookies on user devices.

7. Where We Store Information

We are based in the United States and store and process personal information only in the United States. If you access the Services from outside the U.S., your information will be transferred to and processed here. For transfers from the EEA, UK, or Switzerland, we rely on appropriate safeguards such as the EU Standard Contractual Clauses and UK Addendum where required.

8. Retention

We keep personal information only as long as needed to provide the Services, comply with our legal and contractual obligations, resolve disputes, and enforce our agreements. Website inquiries are typically kept up to 24 months after the last interaction; portal accounts are kept for the life of the account plus a reasonable period thereafter; device posture and telemetry are kept per the enterprise customer's configuration; aggregated or de-identified data may be kept indefinitely.

9. Security

We use administrative, technical, and physical safeguards including encryption in transit using current TLS standards, least-privilege access controls, audit logging, secure development practices, multi-factor authentication for our portals, and ongoing security monitoring. No system is perfectly secure; please keep your credentials confidential and tell us promptly about any suspected unauthorized access.

10. Your Rights and Choices

Subject to applicable law, you may request access to, correction of, or deletion of personal information we hold about you; opt out of marketing using the unsubscribe link in our messages; and contact us with privacy questions.

If you are in the EEA, UK, or Switzerland, you also have rights to data portability, restriction of and objection to processing, withdrawal of consent, and the right to lodge a complaint with your local data protection authority.

If you reside in California, Colorado, Connecticut, Virginia, Utah, or another U.S. state with a comprehensive privacy law, you have rights to know, access, correct, delete, opt out of "sale" or "sharing" and certain targeted advertising, limit the use of sensitive personal information, and be free from discrimination for exercising these rights. We do not sell personal information, do not share it for cross-context behavioral advertising, and do not use sensitive personal information beyond purposes permitted under applicable law without the required notice.

To exercise any right, contact us at info@ensureendpoint.com. We may need to verify your identity. If we hold your information as a processor for an enterprise customer, please direct your request to that customer, and we will assist.

11. Children

The Services are not directed to children under 16, and we do not knowingly collect personal information from children under 16. If you believe we have, please contact us so we can delete it.

12. Changes

We may update this Privacy Policy from time to time. The current version is posted here with a revised "Effective Date." We will provide notice of material changes through the Services or by other appropriate means before they take effect.

13. Contact

Ensure Endpoint Technologies Inc., Boca Raton, Florida, USA. info@ensureendpoint.com

14. Governing Law

This Privacy Policy is governed by the laws of the State of Delaware, USA, without regard to conflict of law principles. The State and Federal Courts in Delaware have exclusive jurisdiction over any dispute arising under this Policy. If a translated version conflicts with the English version, the English version controls.

© Ensure Endpoint Technologies Inc. PosturePass is a trademark of Ensure Endpoint Technologies Inc.