Privacy Policy

Effective Date: 20 April 2025

BFR Security & Observation Group, Inc. ("BFR Security", "we", "our", or "us") respects your privacy and is committed to protecting the personal information you share with us through our website and services. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or otherwise interact with us.

1. Who We Are

BFR Security is a California-based boutique private security and intelligence firm specializing in cybersecurity, OSINT (Open Source Intelligence), and high-threat protection for A-list clients and organizations. We operate in compliance with the California Consumer Privacy Act (CCPA), the General Data Protection Regulation (GDPR), and other applicable data protection laws.

2. Information We Collect

We may collect the following categories of personal information from users and visitors of our website:

a. Personal Identifiers

Full name

Email address

Phone number

Company or organization name

IP address

Social media handles (if submitted)

b. Internet and Network Activity

Browser type and version

Device information

Pages visited and time spent on site

Referring URLs

c. Sensitive or Confidential Information

We do not intentionally collect sensitive personal information (e.g., health, biometric, financial) unless directly submitted by clients through secure and encrypted channels under a signed agreement or NDA.

d. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to provide analytics, improve user experience, and support security features. You may opt out of non-essential cookies via our Cookie Preferences.

3. How We Use Your Information

We use the collected information for the following purposes:

To operate and maintain our website and services

To respond to inquiries and client communications

To improve website performance and content

For security auditing and threat detection

To comply with legal obligations

For marketing with consent (e.g., newsletters or event updates)

4. How We Share Your Information

We do not sell your personal information. We may share your data with:

Authorized vendors and service providers (e.g., cloud storage, analytics)

Legal authorities or regulatory agencies when required by law

Business partners or subcontractors under strict confidentiality agreements for service delivery

International entities (e.g., secure data storage in Swiss/German jurisdictions) in compliance with GDPR and international transfer laws

5. Data Retention

We retain your personal information only as long as necessary for the purposes outlined above, including to comply with our legal obligations, resolve disputes, and enforce our agreements.

6. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

Under CCPA (California Residents):

Right to know what data we collect

Right to delete personal data

Right to opt-out of the sale or sharing of data (we do not sell)

Right to non-discrimination for exercising privacy rights

Under GDPR (EU Residents):

Right to access, correct, or delete your data

Right to object to processing

Right to data portability

Right to lodge a complaint with a supervisory authority

To exercise any of these rights, contact us at privacy@bfrsecurity.com or via our online Data Request Form.

7. Security Measures

BFR Security employs industry-standard administrative, technical, and physical safeguards to protect your information, including but not limited to:

TLS/SSL encryption for web traffic

Multi-factor authentication (MFA)

Encrypted data storage (AES-256) in secure jurisdictions (CH/DE)

Regular penetration testing and vulnerability scans

However, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining the highest level of protection.

8. Children’s Privacy

Our services and website are not directed toward individuals under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe we have collected information from your child, contact us to request deletion.

9. International Data Transfers

Where applicable, personal data may be transferred to and processed in countries outside your jurisdiction, including the United States, Switzerland, and Germany. These transfers comply with appropriate legal mechanisms such as Standard Contractual Clauses (SCCs) or adequacy decisions.

10. Third-Party Links

Our website may contain links to third-party websites, plugins, or services. We are not responsible for the privacy practices of those external sites. Please review their policies individually.

11. Updates to This Policy

We reserve the right to amend this Privacy Policy at any time. Updates will be posted on this page with the revised effective date. Continued use of the site after any changes constitutes acceptance of the revised policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact:

BFR Security & Observation Group, Inc.
Attn: Data Privacy Officer
Email: privacy@bfrsecurity.com
Phone: (323) 545-7131