Privacy Policy
Last Updated: Dec 31, 2025
1. Introduction
Guardianshield Cybersecurity ("we," "us," or "our") is committed to protecting your privacy and maintaining the security of your information. As an Authorized C3PAO (Certified Third-Party Assessor Organization), we hold ourselves to the highest standards of data integrity and confidentiality.
This Privacy Policy explains how we collect, use, and safeguard the information you provide when using our website and scoping forms.
2. Important Notice Regarding CUI
Do NOT submit Controlled Unclassified Information (CUI) through this website. Our website forms are intended for initial contact, scoping, and scheduling purposes only. Please do not enter, upload, or transmit any data marked as CUI, CTI (Controlled Technical Information), or ITAR-restricted data via our web forms. Secure transmission channels for sensitive assessment data will be established only after a Non-Disclosure Agreement (NDA) and formal contract are in place.
3. Information We Collect
We collect information that you voluntarily provide to us when you request services, schedule a simulation, or submit a scoping request. This includes:
Identity Data: Name, job title, and company affiliation.
Contact Data: Email address and phone number.
Business Data: CAGE Code, UEI Number, and general information about your compliance status (e.g., SPRS score targets, SSP completion status).
Conflict of Interest (COI) Declarations: Affirmations regarding prior consulting relationships with our firm.
4. How We Use Your Information
We use your data for specific business purposes, strictly separated by department to maintain CMMC impartiality:
For Assessment Requests: Data submitted via our "Formal Assessment" forms is routed exclusively to our Assessment Team (C3PAO unit) to evaluate eligibility, conduct conflict of interest checks, and define the assessment scope.
For Consulting Inquiries: Data submitted via our "Gap Analysis" or "Preparation" forms is routed to our Consulting/Operations Team to provide advisory support.
For Compliance: To verify your organization's identity and eligibility for CMMC certification in accordance with Cyber AB standards.
5. Conflict of Interest (COI) & Impartiality
To maintain our status as an authorized C3PAO, we adhere to strict ISO/IEC 17020 impartiality requirements.
We use the data you provide to cross-reference our internal client records.
If you indicate that you have received consulting services from us within the last 36 months, we will use your contact information to refer you to a partner C3PAO for your final assessment. We do not share your data with partners without your explicit consent.
6. Data Security
We implement industry-standard technical and organizational controls to protect your personal data against unauthorized access, loss, or alteration. Our intake forms utilize secure encryption (SSL/TLS) during transmission. Access to lead data is restricted based on role (Assessor vs. Consultant) to ensure separation of duties.
7. Third-Party Sharing
We do not sell, trade, or rent your personal information. We may share generic data with:
Service Providers: Trusted vendors who assist us in operating our website (e.g., Google Workspace, Squarespace), who are bound by confidentiality agreements.
Legal Authorities: If required by law or to protect our rights and safety.
8. Cookies and Tracking
Our website uses standard cookies to analyze site traffic and improve user experience. You can choose to disable cookies through your browser settings, though this may affect site functionality.
9. Contact Us
If you have questions about this policy or how we handle your data, please contact our Privacy Officer:
Guardianshield Cybersecurity LLC Attn: Compliance Officer Email: info@guardianshieldcyber.com