Privacy Policy
What Sets Us Apart
Guardians and Refuge Cyber Security Privacy Policy & Terms of Use
Effective Date: 8/27/2024 | Last Updated: 2/14/2026
1. Introduction & Security-First Statement
Welcome to Guardians and Refuge Cyber Security, operated by Guardians and Refuge, LLC (“Guardians and Refuge”, “G&R”, “we”, “us”, or “our”), a Texas limited liability company (“LLC”).
Security, privacy, technical integrity, and regulatory compliance are our highest values. ALL INTERACTIONS WITH THIS SITE, OUR NETWORK, OR OUR SERVICES ARE ACTIVELY MONITORED, LOGGED, AND SUBJECT TO FORENSIC ANALYSIS to protect our platform, users, clients, and the broader digital community.
By accessing [www.guardiansandrefuge.com](https://www.guardiansandrefuge.com) (“Site”) or utilizing our services, you (and any entity or employer you represent) agree that you have read, understood, and accepted these Terms and this Privacy Policy in full.
DISCONTINUE USE IMMEDIATELY IF YOU DO NOT AGREE.
2. Scope, Jurisdiction & Policy Amendments
This Policy is governed by the laws of Texas and the United States.
Where required, we also comply with the EU’s GDPR, UK GDPR, Swiss FADP, Canada’s PIPEDA, Japan’s APPI, the CCPA/CPRA, Massachusetts privacy, NY SHIELD Act, and other relevant regulations.
In any conflict, U.S. federal or Texas law prevails unless expressly superseded by binding international law.
We reserve the right to revise this Policy at any time. Substantial changes will be posted, and users will be notified by appropriate means. Continued use constitutes acceptance.
3. Intended Audience & User Warranty
This Site and services are not intended for children under 16, nor do we knowingly collect “child data.”
You represent and warrant that you are of legal age in your jurisdiction (minimum 18), and, if acting on behalf of a legal entity, that you have legal authority to bind your employer or principal.
Business/corporate users: You accept all Terms on behalf of your organization.
4. Definitions
Personal Data: Any information relating to an identified or identifiable individual, device, or network, including (but not limited to): name, email, phone, IP address, MAC, device/browser ID, user agent, geolocation, telemetry, ISP/ASN, and persistent/network identifiers.
Incident: Any detected or suspected breach, unauthorized access, anomaly, malware infection, fraud, DDoS, security misconfiguration, data corruption, or loss of system integrity.
Abuse: Any unauthorized, malicious, or fraudulent activity including but not limited to: probing, scanning, brute-forcing, scripting, scraping, social engineering, information pollution, or manipulation of vulnerabilities.
Monitoring: Continuous, automated, or human-supervised analysis across network, endpoint, and application layers using logs, SIEM, honeypot/honeynet, endpoint detection, AI/ML analytics, and packet capture.
5. Data Collection, Retention, & Logging
ALL activity, traffic, and technical interaction are subject to monitoring and forensic logging for security and legal compliance.
a. User-Provided Data
Name, contact details, company/employer, login credentials, direct user content (e.g. posts, support tickets, incident/vulnerability reports).
b. Digital/System Identifiers
IP address (mandatory, always logged for authentication, geofencing, security, and compliance).
MAC address, session tokens, device/browser fingerprints, persistent cookies, tracking pixels, geolocation, ISP/ASN, user agent strings.
Third-party and upstream data (cloud, CDN, DNS, analytics, security vendor telemetry) are also monitored and analyzed as relevant.
c. Behavioral & Security Telemetry
Clickstream, event logs, all login attempts (successful or failed), API traffic, resource access, utilization patterns, and any actions involving honeypot/honeynet environments.
d. Automated Security & Forensic Controls
Continuous deployment of endpoint detection, SIEM analytics, canaries, deception tech (honeypots/decoys), AI/ML-based threat hunting and anomaly detection.
e. Data Retention
Security logs and applicable personal data are retained for a minimum of 7 years (to support compliance, threat investigation, audit, litigation, and regulatory requirements), or longer as mandated/contractually required under state, federal, or international law.
6. Monitoring, Cookies, Tracking, and Third Party Technology
Active security monitoring, logging, and network traffic analysis (including IP, device, session, and endpoint data) are ALWAYS ON, CANNOT BE DISABLED, and are essential for defense and compliance, regardless of user location or jurisdiction.
- Non-essential cookies (analytics, marketing) are set only with your explicit, affirmative consent using a compliant cookie banner where required (GDPR/CCPA/ePrivacy).
Third-Party Tracking Disclaimer:
Our Site may present or load content, tags, widgets, APIs, social plugins, embedded software, or advertisements from external “Third Parties” (e.g. analytic services, SaaS, CDN, cloud, advertisers, application partners).
These third parties may set cookies, tracking pixels, device fingerprints, or deploy other tracking/data collection tools on your device, fully independent of Guardians and Refuge Cyber Security. We DO NOT control, process, audit, or accept liability for their data practices or responses to your browser/privacy settings.
With all third-party tracking, you must review the policies of each applicable party and direct all concerns, requests, or objections to them.
Guardians and Refuge Cyber Security explicitly DISCLAIMS all responsibility for any data collection, retention, or processing by such parties.
7. Use and Sharing of Data
For secure service provision, threat hunting, fraud prevention, incident handling, evidence-chain preservation, penetration/security testing, system optimization, audit, and regulatory compliance.
In response to lawful government, law enforcement, or regulatory requests.
For bona fide cyber threat intelligence sharing with appropriate global consortia (CERTs, ISACs, CISA, DHS, FBI, DOJ, Europol, ICO, CNIL).
To vendor partners supporting core technical operations (subject to DPA, NDA, and incident notification clauses).
For lawful business transfer (merger, acquisition), with user notice as required.
Data is NEVER sold or used for unrelated third-party marketing without opt-in consent.
Should a third-party, cloud vendor, or upstream provider experience or disclose a breach, we will notify affected users as legally required and coordinate a response.
8. Security, Forensics, and Incident/Breach Notifications
Encryption applied to all data at rest and in transit. Network segmentation, access controls, endpoint security, SIEM, vulnerability management, and incident response protocols are implemented and maintained.
Chain-of-custody-validated logs are maintained for all material forensic, incident, and legal purposes.
Security breaches involving Personal Data are disclosed as required by law (Tex. Bus. & Com. Code § 521, GDPR Arts. 33-34, CCPA, other applicable regulations).
Security researchers and whistleblowers acting in good faith may disclose vulnerabilities: [admin@guardiansandrefuge.com](mailto:admin@guardiansandrefuge.com).
9. Rights of Users & Data Use Limitations
Access/Portability: You may request copies of your data, subject to robust identification.
Correction/Erasure: Requests honored unless conflicting with law, defense, incident investigation, compliance, or system integrity.
Objection/Restriction: Permitted only for non-essential processing. Security monitoring, network telemetry, and compliance logging CANNOT be disabled, limited, or objected to as a condition of site usage.
Automated decisions/ML Profiling: Used solely for cyber risk/anomaly detection/mitigation; never as the sole basis for denial of service/account except when necessary to stop or prevent active threat.
Children’s Data: Not knowingly collected. Parents/guardians may contact us for suspected instances.
State & International Rights: California (CCPA/CPRA), Massachusetts, New York, GDPR/UK/Swiss/Canada/Japan users provided all rights as required where this does not conflict with legal or security mandates.
Withdrawal of Consent: Only for non-essential services; core monitoring/defense is mandatory.
10. Anti-Abuse, Enforcement & B2B User Representation
All abusive, unauthorized, or malicious activities (scanning, enumeration, exploitation, DDoS, script-driven access, fraud, fake reporting, social engineering) trigger logging, incident escalation, permanent bans, and report to appropriate authorities.
All attempts at IP, device, or network spoofing for malicious purpose are considered bad faith, subject to criminal, civil, and regulatory action.
Whistleblowers reporting in good faith are protected; false flag or information pollution attacks are prosecuted as business harm.
B2B users warrant authority to bind their organization/employer to these terms and bear responsibility for compliance internally.
11. Third-Party Services, Supply Chain & External Content
Guardians and Refuge Cyber Security assumes no liability for any direct/indirect loss or risk from third-party/SaaS/CDN/cloud, supply chain, routing anomalies, infrastructure, or legal/regulatory changes.
No control or liability over data handling, security, or privacy by such third parties. All inquiries about their use of data or tracking must be made directly to such providers.
12. Intellectual Property, User Content, and DMCA
All site content (text, software, code, video, trade dress, trademarks) is © Guardians and Refuge, LLC or its licensors.
Submit DMCA requests to [admin@guardiansandrefuge.com].
Users grant us global, non-exclusive, royalty-free rights for analysis, compliance, law enforcement, and company use.
13. Limitation of Liability & Indemnification
Guardians and Refuge Cyber Security, its officers/agents/partners assume no liability for loss/damage except where specifically required by Texas/U.S. federal law. All services provided “AS IS,” WITH NO WARRANTY.
Disputes subject to Texas law (venue: Dallas County, TX), and, where enforceable, binding arbitration is preferred before litigation.
You agree to indemnify and hold harmless Guardians and Refuge, its affiliates, and partners from all claims, costs, loss, legal fees, and regulatory actions arising from your acts, breaches, unlawful use, or attacks.
14. Accessibility and Contact
Accessibility: Alternate formats and accommodation available upon request.
Contact:
Guardians and Refuge Cyber Security — Guardians and Refuge, LLC
Privacy/Security Officer
[admin@guardiansandrefuge.com]
15. Policy Updates & Acceptance
This Policy may be updated any time. Material changes will be communicated. Continued use after updates means acceptance.
LEGAL & THIRD-PARTY MONITORING NOTICE
By accessing or using this Site, YOU CONSENT to monitoring, collection, and logging of all IP address, device/network data, and user behavior for security, legal, and compliance purposes. All abuse, threats, or unauthorized activities are permanently logged and may result in prosecution. DISCONTINUE USE immediately if you do not accept these terms.
Third-Party Tracking Disclaimer:
*Third parties—such as analytics, CDN, embedded services, or advertisers—may independently deploy cookies, device fingerprints, beacons, or app trackers over which Guardians and Refuge Cyber Security has no technical or legal control. All requests, inquiries, complaints, or opt-outs regarding such third-party tracking must be addressed directly to those businesses, per their published policies.*
Guardians and Refuge Cyber Security: Security, legal compliance, and unwavering vigilance are built into every connection. ALL access and activity is monitored for your protection and ours.