Skip to content

Privacy Policy

 

1. Introduction

Veil Group, LLC ("Veil," "we," "our," or "us") values your privacy and is committed to
handling personal information in a responsible manner. This Privacy Policy explains how we collect, use, share, and protect information when you visit our website, veilgrp.com, or engage with our services.

This Policy applies to:
  • Visitors to veilgrp.com
  • Clients and prospective clients who request information or engage Veil's services
  • Individuals whose data may be processed by Veil as part of client-directed projects, such as breach analysis or compliance support

This Privacy Policy is intended to provide transparency into our data practices. It does not replace or override any specific contractual agreements that may govern our relationship with clients.

 

2. Information We Collect and How We Use It

We collect different types of information depending on how you interact with Veil and our services. The categories of information and their uses are outlined below.

Information You Provide to Us
  • Contact Details: Such as your name, email address, phone number, and company information when you fill out forms, subscribe to updates, or contact us.
  • Business Information: Details you share when inquiring about or engaging our services.
  • Client Data Sets: In the course of providing breach analysis, data mining, or compliance services, clients may provide regulated data, including personal information or protected health information (PHI).

We use this information to:

  • Provide requested services and manage client relationships.
  • Communicate with you about inquiries, proposals, and service updates.
  • Support breach response and compliance engagements in line with client instructions.
  • Maintain business records and fulfill contractual obligations.

Information Collected Automatically

When you visit veilgrp.com, we may automatically collect:

  • Technical Data: IP address, browser type, device identifiers, and operating system.
  • Usage Data: Pages visited, links clicked, time spent on the site, and referral sources.
  • Cookies and Tracking Technologies: Used to improve functionality, analyze traffic, and understand user interactions.

We use this information to:

  • Operate, secure, and improve our website and services.
  • Monitor site performance and usage trends.
  • Enhance user experience and tailor content.
  • Detect and prevent fraud or unauthorized activity.

How We Use Information Generally

Across both categories of information, Veil may use data for:

  • Protecting the security and integrity of our systems.
  • Meeting legal, regulatory, or contractual obligations.
  • Conducting internal reporting, audits, and operational improvements.

 

3. How We Share Information

Veil may share information in limited circumstances and only as consistent with this Privacy Policy and applicable law.

Service Providers and Vendors

We may share information with trusted third-party vendors who support the operation of our business and delivery of services. These may include hosting providers, software
platforms, analytics tools, and other infrastructure or support services. Such providers are authorized to use information only as necessary to perform services on our behalf.

Client-Directed Disclosures

When providing breach analysis, compliance support, or other contracted services, Veil may share data as directed by the client, including with legal counsel, regulators, or other designated partners.

Legal and Regulatory Requirements

We may disclose information if required to do so by law, regulation, subpoena, or other legal process, or when we believe disclosure is necessary to protect our rights, enforce our Terms of Use, or respond to government or regulatory requests.

Business Transactions

In the event of a merger, acquisition, restructuring, or sale of assets, information may be transferred as part of the business assets involved in the transaction.

No Sale of Personal Information

Veil does not sell personal information to third parties.

 

4. Data Security and Retention

Data Security

Veil takes commercially reasonable steps to protect information against accidental loss, unauthorized access, use, alteration, or disclosure. These measures may include administrative, technical, and physical safeguards designed to protect the integrity of our systems and the confidentiality of information processed.

No method of transmission over the internet or method of electronic storage is completely secure, and Veil cannot represent or imply that information will always remain free from unauthorized access or misuse. Users are encouraged to take appropriate steps to protect their own information, including the use of secure passwords and updated security software.

Data Retention

Veil retains information for as long as necessary to:
  • Deliver services and maintain client relationships.
  • Comply with legal, regulatory, or contractual requirements.
  • Support internal business operations such as audits, reporting, and dispute resolution.

When information is no longer required for these purposes, Veil may securely delete, anonymize, or otherwise limit access to it in a reasonable manner consistent with our business practices and applicable law.

 

5. Your Rights and Choices

Depending on your location and applicable law, you may have certain rights regarding the personal information processed by Veil. These rights may include:

  • Access and Correction: You may request access to personal information we hold about you and request that inaccurate or incomplete information be corrected.
  • Deletion: You may request that certain personal information deleted, subject to legal, contractual, r operational requirements that may require retention.
  • Restrictions: You may request limits on how your personal information is processed in specific situations.
  • Portability: Where applicable, you may request a copy of certain personal information in a structured, commonly used, and machine-readable format.

Choices

  • Communications: You may opt out of receiving marketing communications from us by following the unsubscribe instructions included in those messages or by contacting us directly.
  • Cookies and Tracking Technologies: You may adjust your browser settings to block or limit cookies, though doing so may affect the functionality of the site.

Veil will review and respond to requests consistent with applicable laws. Certain requests may require verification of identity before action can be taken, and in some cases, legal or contractual obligations may limit the ability to fulfill a request.

 

6. International Data Considerations

Veil's operations are based in the United States, and the Services are primarily intended for use within the United States. Information provided to Veil or collected through veilgrp.com
may be processed and stored in the United States or in other jurisdictions where our trusted service providers operate.

When information is processed outside the United States, it may be subject to the laws of the country in which it is handled, which may provide different levels of protection than those available under U.S. law. Veil takes reasonable steps to oversee third-party service providers and requires them to handle information in a manner consistent with applicable legal and contractual obligations.

By interacting with the Services, you acknowledge that your information may be transferred to and processed in the United States and other jurisdictions necessary to support service delivery.

 

7. Compliance and Client Responsibility

Veil provides services that may include support for compliance obligations under laws and frameworks such as HIPAA, GDPR, and other U.S. federal or state regulations. Our role is to assist clients by identifying risks, providing analysis, and offering recommendations based on applicable standards.

While Veil takes care in providing these services, ultimate responsibility for meeting legal and regulatory requirements rests with the client. Use of Veil's services does not, by itself, establish or guarantee compliance with any law or regulation. Clients remain responsible for evaluating their own compliance obligations, implementing necessary policies and controls, and making final decisions about how to address identified risks.

 

8. Children's Privacy

The Services are not directed to children under the age of 13, and Veil does not knowingly collect personal information from children. In certain jurisdictions, additional protections may apply to children under the age of 16.

If we become aware that personal information has been collected from a child in violation of this Policy, we will take reasonable steps to delete the information or limit its use in accordance with applicable law. Parents or guardians who believe that their child may have provided personal information through the Services are encouraged to contact us so we can review the matter.

 

9. Updates to this Policy

Veil may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the functionality of our Services. When updates are made, the revised version will be posted on veilgrp.com with a new "Effective Date" noted at the top of the page.

Your continued use of the Services after the posting of an updated Privacy Policy indicates your acknowledgment of the changes. We encourage you to review this Policy periodically to stay informed about how we handle personal information.

Contact Us