Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.



411 University St, Seattle, USA

+1 -800-456-478-23

Privacy Policy

Last Updated: May 15th, 2023

This Privacy Policy (the “Privacy Policy”) governs all aspects of bladestack.io’s collection, use, maintenance, and disclosure of personal information from all users (each a “User” and collectively, “Users”) of its corporate website and its services.


bladestack.io is a leading cybersecurity and compliance professional services firm providing advisory services. When this Privacy Policy refers to bladestack.io the wider bladestack.io group of companies is meant. Depending on which entity is responsible for the processing of personal data and the underlying systems, the bladestack.io affiliate and/or bladestack.io are the data controllers of personal data as defined herein, which means they determine what personal data is needed and how it is used. Unless specifically stated otherwise herein, this Privacy Policy applies to bladestack.io.


The purpose of this policy is to provide users with transparency with respect to bladestack.io’s collection and use of personal data. bladestack.io is committed to protecting the confidentiality of information entrusted to it by users and has prepared this Privacy Policy to inform Users of bladestack.io’s practices and policies concerning the collection, use, processing, maintenance and disclosure of personal data. Below you will find the contents of this policy by section.

Contents of This Policy

  1. Information Collection
  2. What Information We Collect
  3. Information Use
  4. Legal Bases for Processing
  5. Data Retention
  6. Disclosure of Personal Data
  7. Opting Out and Unsubscribing
  8. Safeguards
  9. Enforcement and Dispute Resolution
  10. Rights of the Data Subject Residing in the European Union
  11. Privacy Policy for California Residents
  12. International Personal Data Transfers
  13. Children’s Data
  14. Changes to Policy
  15. Appeals & Complaints Process
  16. Contact Information
  17. Disclaimer

1. Information Collection


    You have supplied your personal information:

    • We collect personal data such as a first and last name, phone number, email address, and other contact information when you send us a message through our website.
    • When a user subscribes to a mailing list.
    • When a user registers for a webinar, event and/or whitepaper.
    • Through resume submissions, contracting and/or employment inquiries.

    You have accessed our websites:

    • We may collect information using analytics tools, including when you visit our sites. The data we receive is dependent upon your privacy settings in your browser.

    We provide you services:

    • We may collect your personal data if you are part of an entity that we provide or receive services from.

    The information is public:

    • We may collect information about you through various social media platforms, for example, by liking us on Facebook, following us on Twitter, LinkedIn, or other social networks. The data we receive is dependent upon your privacy settings with the social network.


2. What Information We Collect

  1. When you submit information to our website, or send us an email, or enter into a contract with us we may collect the following personal data:

    • First and last name
    • Phone number
    • Email address
    • Security questions and other information to provide user account maintenance and
    • Other contact information in response to surveys about our service offerings

    In addition, when a user browses our website we may collect:

    • Cookies
    • Geolocation information
    • Mobile / device information
    • Browser information
    • Operating system
    • IP address
    • Technical information such as referral websites, browsing history, crash, and system error issues


3. Information Use

  1. bladestack.io may use personal information it has collected through its website and service offerings for any of the following:

    • To provide services to users or clients of bladestack.io or one of its subsidiaries, affiliates and business partners.
    • To determine users’ interest in services or to inform users about services offered by bladestack.io or one of its subsidiaries, affiliates and business partners.
    • To customize a users’ preferences to enhance a user’s experience with bladestack.io or one of its subsidiaries, affiliates and business partners.
    • To customize ads to users according to user preferences and settings.
    • To provide technical, quality control and perform maintenance to our website and internal systems.


4. Legal Bases for Processing


    The processing is based on our legitimate interests or the legitimate interests of a third party unless the requirement to protect the individual’s personal data overrides those legitimate interests.


    You have provided express consent to our practices described in this privacy policy by voluntarily providing personal information.


    Processing is required for the performance of a contract in which bladestack.io has been engaged to perform services.


5. Data Retention

  1. We retain personal data for as long as reasonably necessary to fulfill the purpose for which it was originally collected unless a longer retention period is required based on applicable law, regulation, and/or professional standards.

6. Disclosure of Personal Data

  1. bladestack.io uses all information collected from a user for internal purposes only.  bladestack.io does not and will not sell or rent your personal data to anyone.  bladestack.io may, from time to time, send personal data about a user to other persons or entities that perform services on behalf of bladestack.io (“Service Providers”), but only when:

    • The Service Provider has agreed to use such information solely for the purposes of providing services to bladestack.io;
    • The Service Provider agrees to protect such information in the same manner as the policies set forth in this policy statement;
    • bladestack.io needs to share the user’s information to provide the service the user has requested;
    • bladestack.io needs to send the information to a Service Provider who works on behalf of bladestack.io to provide a service to you.

    Unless bladestack.io informs a user otherwise, a service provider does not have any right to use the personal information bladestack.io provides to them beyond what is necessary to assist bladestack.io, or in response to a legal obligation including without limitation a subpoena, court order or bladestack.io believes that the law requires disclosure, or where the information is currently in the public domain. Upon lawful requests by public authorities, including to meet national security or law enforcement requirements, bladestack.io may disclose personal information as required by law.

    We will share your personal information with other third parties (different from those described above) in other limited circumstances. In these instances, we will, where required by applicable law, obtain your consent to share your personal information in this way.


7. Opting Out and Unsubscribing from the Mailing List

  1. All our marketing communications contain an easy way to opt out from receiving future messages, such as a link through which you can unsubscribe.

    If you would like to opt out of receiving marketing messages, you may use the unsubscribe link contained in the messages you have received, or alternatively you may send bladestack.io an email at [email protected].


8. Safeguards

bladestack.io holds personal data in the United States at this time.  bladestack.io keeps a user’s personal data for as long as bladestack.io determines necessary to fulfill the objective for which it was collected. Personal information is maintained on bladestack.io systems that are protected using industry standard security measures to ensure the confidentiality, availability, and integrity of the personal information. 

Unfortunately, however, bladestack.io cannot and does not guaranty that the information submitted to, maintained by, or transmitted from bladestack.io is or will always be completely secure, as transmission of information over the internet is oftentimes susceptible to potential interception, misuse, willful and/or negligent acts or omissions, misrouting, or possible loss.

9. Enforcement and Dispute Resolution

bladestack.io will investigate and attempt to resolve all disputes and complaints regarding our use and disclosure of personal data in accordance with this Privacy Policy.

If you are a resident of the European Union and your concern with bladestack.io has not been addressed satisfactorily, or if you believe we are not processing your personal data in accordance with applicable law or in accordance with this privacy notice, you have the right to file a complaint with the Data Protection Authority in the member state in which you reside.

10. Rights of the Data Subject Residing in the European Union

Residents of the European Union have certain rights under European data protection law with respect to personal data, including the right to request access to, correct, amend, delete, limit the use of, or withdraw your consent for the processing of your personal data at any time. They may also have the right to receive a copy of your personal information in a commonly used and machine-readable format and to transmit such information to another controller.

If you are a resident of the European Union and would like to submit a Data Subject Access Request, please send us an email at [email protected].

bladestack.io will respond in accordance with applicable laws and professional standards applicable to bladestack.io. We are open about the personal information we collect and have implemented mechanisms to enable you to exercise any rights you might have with respect to your personal data.

After receiving your request and sufficient information to verify your identity, we will provide you with a copy of the personal data we have about you which you are entitled to receive under applicable law. We will also confirm the purposes for which such personal information is being used, its recipients and the origin of the information.

You may write to us at any time requesting amendments to certain personal information that you consider to be incorrect or irrelevant, or to request that we block, erase or otherwise remove your personal data. We will update, block, erase or remove your personal data upon request in line with applicable law.

You may at any time ask us to delete your personal information. We will consider and where necessary comply with your request in accordance with applicable law, as explained above.

11. Privacy Policy for California Residents

This Privacy Policy for California Residents supplements the information contained in the bladestack.io’s Privacy Policy and applies solely to all visitors, consumers, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this Policy. We further agree that bladestack.io may disclose personal data solely for a valid business purpose and for the performance of the respective services. In all cases, bladestack.io will not: (i) sell any personal data; (ii) retain, use, or disclose personal data for any purpose other than the agreed processing and the provision of the respective services and (iii) retain, use, or disclose the personal data except as required and/or permitted in the respective agreement.

12. International Personal Data Transfers

bladestack.io remains dedicated to privacy principles including but not limited to the EU-U.S. Privacy Shield Framework (“Privacy Shield”). Although the European Union Court of Justice (CJEU) invalidated the EU-US Privacy Shield regarding the collection, use, and retention of personal data transferred from the European Union to the United States, bladestack.io remains dedicated to privacy principles, including those underlying the EU-U.S. Privacy Shield Frameworks.  

To learn more about the Privacy Shield program, please visit  https://www.privacyshield.gov/.

bladestack.io continues to certify to the Department of Commerce that it will observe the Privacy Shield Principles but will not limit the Privacy Shield Framework as the only valid source with respect to personal data that is transferred from the European Union and its Member States, respectively UK, to the United States and will use other appropriate safeguards and mechanisms, for example by agreeing on the EU or UK Standard Contractual Clauses first. 

bladestack.io is committed to ensure that all international personal data transfers will be processed in accordance with EU Standard Contractual Clauses.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the EU Standard Contractual Clauses prevail. The EU Standard Contractual Clauses shall mean the Standard Contractual Clauses, effective 27th June 2021, adopted by the EU Commission with EU Commission Implementing Decision 2021/914 of 4th June 2021 on Standard Contractual Clauses for the Transfer Of Personal Data to Third Countries pursuant to GDPR, published at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en ; or (if applicable) any future clauses issued by the EU for the transfer of Personal Data to non-EU (sub) processors and replacing or modifying the clause in the wording as issued by the EU. 

In regard to transfers of Personal Data where UK GDPR applies, the following UK Standard Contractual Clauses shall apply, namely (i) the Standard Data Protection Clauses issued by the Commissioner under S119A(1) Data Protection Act 2018 published at https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf ; or (ii) any future  clauses as may be published by the UK Information Commissioner or the UK Government under UK GDPR from time to time for use in relation to Restricted Transfers from a controller located in the UK (or from its own processor) to a processor (or sub-processor) located in a third country.

bladestack.io commits to resolve complaints about our collection or use of your personal information.

If you have any questions, complaints and/or other concerns, please first contact our Data Protection Officer who can be reached at: [email protected] 

You may also lodge a complaint with your local data protection authority.

bladestack.io commits to cooperate with the panel established by the EU data protection authorities (“DPAs”) and comply with the advice given by the panel, including with regard to human resources data transferred from the EU in the context of the employment relationship.

bladestack.io has further committed to refer unresolved complaints with regard to personal data other than human resources data to International Centre for Dispute Resolution, International Division American Arbitration Association (“ICDR-AAA”), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit http://go.adr.org/privacyshield.html for more information or to file a complaint.  The services of the ICDR-AAA are provided at no cost to you.

The Federal Trade Commission has jurisdiction over compliance with the Privacy Shield for bladestack.io.

If your complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

In the context of an onward transfer, bladestack.io has responsibility for the processing of personal information it receives under privacy principles including the Privacy Shield, and subsequently transfers to a third party acting as an agent on its behalf. bladestack.io shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.


13. Children’s Data

We define a child as a natural person who is under the age of 16 years old. We do not collect children’s data, whether knowingly, actively, or otherwise, and we do not actively market to children. If we discover that we have collected a child’s data, the data is deleted immediately.

Where we know a child is above the age of 16, but considered a minor under applicable law, we will obtain parental/guardian consent prior to using that child’s personal information.

14.Changes to the Policy

bladestack.io reserves the right to update this policy periodically to keep up with regulatory and industry standards. If there is a substantial change in the way we use personal data, any such changes shall be effective from the date of posting of any revisions hereto as well as to any existing information then being retained by bladestack.io. In certain circumstances, we may need to request your consent to continue to process your personal data, based on any changes in our processing basis, methods and/or interest.


15. Complaints and Appeals Process

Appeals Process

bladestack.io’s clients may submit an appeal when, in the client’s opinion, the assigned project team has not provided a suitable service or does not agree with the recommendations or findings of an engagement. Appeals should be submitted via email to [email protected]. Upon receipt of an appeal, the project team will be notified and bladestack.io will request that one or more qualified bladestack.io personnel separate from the project team opine on the matter. The client will be informed of the disposition of the appeal within 30 days of submission of the appeal. The following information should be included when submitting an appeal.

·       Name of Organization

·       Contract Number

·       Name of individual submitting appeal

·       Email address

·       Phone Number

·       Notes and comments describing appeal

·       Any supporting evidence

Complaints Process

bladestack.io takes complaints against itself or its clients seriously. Complaints about bladestack.io should be submitted to [email protected]. Upon receipt of a complaint, bladestack.io will investigate the matter and deal with the complaint fairly and promptly. bladestack.io will address each complaint and identify the root cause and take appropriate action to mitigate a problem if it exists. The submitter of a complaint will be kept informed and the disposition of the complaint will be provided within 30 days of the submission of the complaint. The following information should be included when submitting a complaint.

·       Name of Organization

·       Contract Number (if applicable)

·       Name of individual submitting appeal

·       Email address

·       Phone Number

·       Notes and comments describing complaint

·       Any supporting evidence

Complaints against bladestack.io or its clients are not made public unless required by a court of law.

16. Contact Information

Please direct all inquiries regarding this privacy policy or our data collection and processing practices to our Data Protection Officer at: [email protected]


Kris Martel
bladestack.io’s Data Protection Officer
1690 Rocky Branch Rd., Monticello, FL 32344


7902 Tysons One Place Suite 2001 McLean, VA 22102


16. Disclaimer

bladestack.io is the owner and controller of this website. We do not consent to the use and/or reproduction of the content and information on this website without our consent, pursuant to applicable copyright law.

bladestack.io is not responsible, nor do we have control of third-party websites/links to and from our website.