Cybersecurity and Data Breach Policy

1. Information We Collect

   We collect basic personal information from users during account creation, transactions, or participation in our services. This includes:

• • Full name

  • Email address

  • Mailing address

  • Phone number

  • IP address and device/browser details

We do not collect or store credit card or bank account information. All financial transactions are securely processed by Stripe, a PCI DSS Level 1 certified third-party payment processor. Your payment data is handled exclusively by Stripe and subject to their privacy policy.

2. How We Use Your Information

   We use your personal information to:

• • Provide, personalize, and improve our services

  • Communicate with you about your account or activity

  • Facilitate transactions on our e-commerce, networking, and crowdfunding platforms

  • Comply with legal obligations and respond to lawful requests

3. Data Security Measures

   We maintain reasonable and appropriate administrative, technical, and physical safeguards to protect your information, including:

• • SSL encryption and HTTPS protocols across all sites

  • Secure user authentication and role-based access controls

  • Routine software updates, malware scans, and vulnerability testing

  • Employee training and access restrictions to sensitive data

  • Vendor due diligence for all third-party service providers

We monitor and regularly update our cybersecurity measures to align with evolving threats and best practices.

4. Third-Party Service Providers

   We may share your personal information with trusted third-party providers who assist in operating our websites, processing payments, managing communications, or supporting customer service. These vendors are contractually obligated to use your data solely for authorized purposes and to maintain reasonable security measures.

   Key third-party services include:

• • Activity Log
  • CookieYes | GDPR Cookie Consent
  • Forminator
  • GDPR Cookie Compliance
  • hCaptcha for WP
  • IgnitionDeck
  • IgnitionDeck Commerce
  • IgnitionDeck Crowdfunding
  • IP Location Block
  • LiteSpeed Cache
  • UpdraftPlus – Backup/Restore
  • Wordfence Security
  • WP Statistics

5. Data Retention and Deletion

   We retain your personal information only as long as needed to provide our services, fulfill legal obligations, and enforce our agreements. You may request deletion of your personal data at any time by contacting us at support@tfempires.com. We will comply with such requests in accordance with applicable law and data retention requirements.

6. Breach Notification and Response

   If we become aware of a data breach involving unencrypted personal information, we will:

• • Promptly investigate and contain the breach

  • Notify affected individuals without unreasonable delay

  • Provide breach notification to the Montana Attorney General, if required, in accordance with Mont. Code Ann. § 30-14-1704

  • Notify any other regulatory bodies as required by law

  • Review and update internal security measures to prevent recurrence

7. Cross-State Compliance

   Although we are based in Montana, we serve users in multiple states and recognize the importance of protecting personal data regardless of jurisdiction. We comply with applicable privacy laws such as the California Consumer Privacy Act (CCPA), the Virginia Consumer Data Protection Act (VCDPA), and others, where such laws apply to our operations.

8. Your Privacy Rights

   Depending on your location and applicable law, you may have the right to:

• • Access the personal information we hold about you

  • Request correction or deletion of your information

  • Opt out of certain data uses or sharing (where applicable)

  • File a complaint with a data protection authority

To exercise your privacy rights, please contact us at support@tfempires.com.

9. User Responsibilities

   You are responsible for maintaining the security of your account credentials. Please choose a strong password, avoid sharing login information, and notify us immediately if you suspect unauthorized access to your account.

10. Policy Updates

    We may update this policy from time to time to reflect changes in technology, legal requirements, or our business practices. We will notify you of material changes through our websites or other appropriate channels.

11. Contact Us

    If you have any questions or concerns about this policy or our data security practices, please contact:

    support@tfempires.com