Privacy Policy

Last Modified February 3, 2026 

OnDefend, LLC (“OnDefend”) respects your privacy and is committed to protecting it through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit our website (the “Website”) or use our software and services (the “Services”) and our practices for using, maintaining, protecting, and disclosing that information. By visiting our Website or using our Services, you agree to the collection and use of information as described in this Privacy Policy. 

  1. Information We Collect About You and How We Collect It 
  • Personal Information 

 
Our Services may ask you or provide an interface for you to provide personally identifiable information so we can contact or identify you, provide the Service, or assist you. OnDefend collects only the Personal Information reasonably necessary to provide the Services, fulfill the purposes described in this Privacy Policy, and support our legitimate business operations. Personal Information may include things like: 

  • Contact information – your email address, first name, last name, address, city, state, and ZIP code. 
  • Customer Support information – data you share when you contact us 
  • Information collected from you on our social media sites like LinkedIn, X, or YouTube. 
  • Information you provide when you interact with the Service or provide through a third party to us. 
  • Phone Number: required to send SMS/text messages or voice calls depending on your communication preferences. 
  • Usage Information, Cookies, and Tracking Technologies 
    Usage Information is information collected automatically when using our Website or Services. Usage Information may include information such as your device’s IP address, log data, browser type, browser version, the pages of the service that you visit, the time and date of your visits, time spent on a page, diagnostic data such as unique device identifiers, the types of content that you view or engage with, and the features you use and the actions you take. It might also include your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, computer connection, IP address, and the like. We use Cookies and similar technologies. The technologies we use may include: 
  • Web Beacons. Certain sections of our Website, Services, and emails may contain small electronic files known as web beacons that permit OnDefend, for example, to count users who have visited those pages or opened an email or to understand the popularity of a certain section of the Service. 
  • Cookies.  A cookie is a small file placed on your device. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Service. We may use Persistent Cookies that stay on your device, or Session Cookies, which are deleted when you close your browser session. 
  • Necessary / Essential Cookies. These Session Cookies are essential to provide you with the Website and Services. They help authenticate users, prevent fraudulent use, and enable core functionality that cannot operate without them. 
  • Preference Cookies. These Persistent Cookies remember your preferences and settings on the Website or Service, such as language or display options. 
  • Functionality Cookies. These Persistent Cookies allow us to remember your choices, such as your login details or language preference. 
  • Do Not Track Signals. Our Website currently does not respond to “Do Not Track” (“DNT”) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. 
  1. OnDefend’s Use of Your Personal Information 
     

We may use Personal Information for the following purposes: 

  • To provide and maintain the Services, including monitoring usage. 
  • To manage your account and access different functionalities. 
  • To complete your order when you buy Services. 
  • To contact you by email or by other methods like SMS, with: 
  • Updates, including about security, when necessary or reasonable for their implementation. 
  • Offers, news, and general information about other goods, services, and events we offer, unless you have opted out. You may opt out of marketing communications by clicking “unsubscribe” in any marketing email, replying STOP to any SMS marketing message, or emailing privacy@ondefend.com.  Opting out of marketing communications does not affect transactional, service-related, or other non-marketing communications. 
  • To manage and respond to your requests to us. 
  • For business transfers.  We may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all our assets. 
  • For analytics, research, and service improvement.  We use your information to conduct data analysis, identify usage trends, develop new features and services, and evaluate and improve the Services and your experience. We may also use your information for other legitimate business purposes consistent with this Privacy Policy. 
  1. Sharing of Your Personal Information 

 
We may share your personal information with others in the following situations: 

  • With Service Providers: We may share your personal information with Service Providers, which are companies we hire and oversee to perform services and other functions to assist us in delivering the Services. Service Providers are used for our business purposes on our behalf to deliver email, SMS, and other communications to you on our behalf, operate web hosting and other cloud services, provide web analytics services, and perform other information technology duties that we instruct. 
  • For business transfers: as noted above. 
  • With Affiliates: We may share your information with our affiliates (entities that we control or that we are under common control with), in which case we will require those affiliates to honor this Privacy Policy.  
  • With other users: if you share personal information or otherwise interact with other users through the Services (such as if we offer a public forum functionality), such information may be viewed by the users you send it to or to the public.  
  • With your consent: We may disclose your personal information for any other purpose with your consent, for example, if you tell us you consent to link your account with another company’s product or service with our Services. OnDefend does not sell your Personal Information to third parties. 
  • OnDefend as Service Provider to Business Clients:  When OnDefend provides cybersecurity consulting and software services to business clients, we may process personal information on behalf of those clients as a service provider. In such cases, our processing is governed by our service agreements with those clients, and the client—not OnDefend—determines the purposes and means of processing and is responsible for compliance with applicable privacy laws. OnDefend processes such information solely in accordance with the client’s instructions and has no independent obligations to individuals whose data we process on behalf of clients. If you are an employee, customer, or other individual whose personal information is processed by OnDefend on behalf of one of our business clients, please direct any questions, requests, or concerns about the processing of your personal information to that client organization, as OnDefend cannot respond to such inquiries directly. 
  1. Retention of Your Personal Information 

 
OnDefend retains your Personal Information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, which typically includes: (a) the duration of your relationship with OnDefend, plus a reasonable period thereafter; (b) as required to comply with our legal, tax, accounting, and regulatory obligations; (c) as necessary to resolve disputes, enforce our agreements, or establish legal defenses; and (d) as otherwise required or permitted by applicable law. Retention periods vary based on the nature of the data and the purposes for which it was collected. Usage Information is generally retained for internal analysis purposes for up to three (3) years, or longer when used to strengthen security, improve Services functionality, or as required by law. OnDefend may retain aggregated or de-identified data indefinitely. 

  1. Transfer of Your Personal Information 

Your information, including Personal Information, is processed at OnDefend’s operating offices in the United States and may be transferred to and processed by service providers in other locations. We may also process Personal Information in cloud-based servers located in the U.S. By using our Website or Services, you acknowledge and consent to the transfer of your information to jurisdictions that may have different data protection laws than your jurisdiction. OnDefend uses appropriate safeguards for international transfers, which may include contractual protections with service providers, vendor security assessments, and other measures designed to help protect your Personal Information. 

  1. How to Delete Your Personal Information 

You have the right to delete or request that we assist in deleting the Personal Information we have collected about you. The Services may allow you to delete certain information about you from within the Service. You may also contact us at privacy@ondefend.com to request access to, correct, or delete any personal information. We will respond to verified requests within forty-five (45) days. If we require additional time due to the complexity or volume of requests, we will notify you of the extension, which will not exceed an additional forty-five (45) days. We may require verification of your identity before processing any request and may decline requests that are manifestly unfounded, excessive, or repetitive. Please note that we may need to retain certain information when we have a legal obligation or lawful basis to do so. 

  1. Legal and Other Disclosures of Your Personal Information 
  • Business Transactions 
    If OnDefend is involved in a merger, acquisition, or asset sale, your Personal Information may be transferred. We will provide notice before your Personal Information is transferred and becomes subject to a different Privacy Policy. 
  • Law Enforcement & Legal Requirements 
    Under certain circumstances, OnDefend may be required to disclose your Personal Information to respond to valid requests by public authorities (e.g., a court or a government agency) or in the good faith belief that disclosure is necessary to: 
  • Comply with a legal obligation 
  • Protect and defend the rights or property of OnDefend 
  • Prevent or investigate possible wrongdoing in connection with the Service 
  • Protect the personal safety of users of the Services or the public 
  • Protect against legal liability 
  1. Security of Your Personal Information 

OnDefend maintains an information security program that includes administrative, technical, and physical safeguards designed to protect Personal Information. Our security program is ISO 27001 certified. However, no method of transmission over the internet or electronic storage is completely secure, and OnDefend cannot guarantee the absolute security of your Personal Information. 

  1. Children 

The Website and Services are not intended for anyone under the age of 13, and we do not knowingly collect Personal Information from children under 13. If you are a parent or guardian and believe your child has provided us with Personal Information, please contact us at privacy@ondefend.com. If we become aware that we have collected Personal Information from a child under 13 without parental consent, we will take steps to remove that information. OnDefend is not responsible for any collection of Personal Information from individuals who misrepresent their age. 

  1. Links to Other Websites 
    The Website and Services may link to websites and services we don’t operate. We don’t control those third-party sites and aren’t responsible for their content, privacy policies, or practices. 
  1. International Users 

This Privacy Policy is governed by the laws of the United States. If you access our Website or Services from outside the United States, you do so at your own initiative and are responsible for compliance with local laws to the extent they apply. By using our Website or Services, you consent to the transfer and processing of your Personal Information in the United States and waive any claims that may arise under the laws of other jurisdictions. OnDefend makes no representation that the Website, Services, or this Privacy Policy comply with the laws of any jurisdiction outside the United States. 

  1. Changes to Our Privacy Policy 
    We will post any changes we make to our Privacy Policy on this page. Changes to this Privacy Policy are effective when they are posted on this page. The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for periodically visiting our Website and this Privacy Policy to check for any changes. 
  1. Contact Us 

 
To ask questions or comment about this Privacy Policy and our privacy practices, please contact our Privacy Team at: 

By email: privacy@ondefend.com 
 

By U.S. Mail: 
OnDefend, LLC10151 Deerwood Park Blvd. 
Building 200, Suite 110 
Jacksonville, FL 32256 

Company

About Us Join Our Team Contact Us

Services

Network Penetration Testing Application Penetration Testing Cloud Penetration Testing Hardware & Integrated Systems Testing AI & LLM Penetration Testing Red Teaming Services Purple Teaming Services Social Engineering Operations

Solutions

Continuous Security Inspector (CSI) Security Control Validation Operational Technology (OT) Security Program Facilities Security Program Election Security Program

Stay up to date

Sign up to receive the latest updates from OnDefend.

© 2026 OnDefend - All Rights Reserved

Privacy

|

Terms

CEH