Privacy Policy

Last updated: February 8, 2026

1. Introduction

Zio Security, LLC ("Zio Security," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at ziosecurity.com and use our services, including External Risk Reviews, Penetration Testing as a Service (PTaaS), and CMMC Readiness Assessments.

Zio Security, LLC is based in Panama City, Florida. If you have questions about this policy, contact us at support@ziosecurity.com.

2. Information We Collect

Information You Provide

  • Account information: name, email address, company name, and domain names when you sign up or complete onboarding.
  • Contact form submissions: name, email, company, phone number, and message content.
  • Payment information: billing details processed securely through Stripe. We do not store your full credit card number on our servers.

Information Collected Automatically

  • Usage data: IP address, browser type, operating system, referring URLs, pages visited, and timestamps.
  • Cookies and similar technologies: We use essential cookies to maintain your session and preferences. See Section 5 for details.

Security Scan Data

When you use our External Risk Review or ongoing monitoring services, we scan your publicly accessible external infrastructure (domains, IP addresses, and related assets). This data is collected to provide our services and generate your security reports.

3. How We Use Your Information

  • To provide, operate, and maintain our services
  • To process your subscription and payments via Stripe
  • To send you security reports and service-related communications
  • To respond to your inquiries and provide customer support
  • To improve our website and services
  • To comply with legal obligations

4. Payment Processing

We use Stripe, Inc. as our payment processor. When you subscribe to our services, your payment information is collected and processed directly by Stripe in accordance with their Privacy Policy. We receive only limited information from Stripe, such as the last four digits of your card, expiration date, and billing address, to manage your account.

5. Cookies

We use the following types of cookies:

  • Essential cookies: Required for the website to function properly (session management, security).
  • Analytics cookies: Help us understand how visitors interact with our website so we can improve it.

You can control cookies through your browser settings. Disabling essential cookies may affect website functionality.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

  • Service providers: Such as Stripe (payments), Formspree (form processing), and Netlify (hosting), who process data on our behalf.
  • Legal requirements: When required by law, regulation, or legal process.
  • Business transfers: In connection with a merger, acquisition, or sale of assets.

7. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS/SSL), secure infrastructure, and access controls. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. We retain scan data and security reports for the duration of your subscription plus 90 days. You may request deletion of your data by contacting us.

9. Your Rights (Including CCPA)

Depending on your location, you may have the following rights regarding your personal information:

  • Right to know: Request what personal information we collect, use, and disclose.
  • Right to delete: Request deletion of your personal information.
  • Right to opt-out: We do not sell personal information, but you may opt out of non-essential data collection.
  • Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.

California residents may exercise these rights under the California Consumer Privacy Act (CCPA) by emailing support@ziosecurity.com.

10. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for the privacy practices of those sites and encourage you to read their privacy policies.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Zio Security, LLC
Panama City, Florida
support@ziosecurity.com