Small Business Cyber Security Services (SB-CSS)

SB-CSS Policies

Who we are

Small Business Cyber Security Services (SB-CSS) is a cybersecurity and AI-enabled services provider dedicated to helping small and mid-sized businesses protect their digital assets, customer information, and operations. We operate a WordPress-based platform and related services designed to support security monitoring, compliance awareness, and risk management. SB-CSS follows security and privacy practices aligned with SOC 2 Trust Services Criteria, PCI-DSS requirements, and applicable global data protection standards. We design our systems with a security-first and privacy-by-design approach, limiting data collection to what is necessary for service delivery and business operations, and safeguarding information through access controls, encryption, and operational oversight. SB-CSS serves clients globally while maintaining compliance-focused governance appropriate for regulated industries and international users. Our website address is: https://smallbusinesscss.com.

Comments

When visitors leave comments on the Small Business Cyber Security Services (SB-CSS) website, we collect the information shown in the comments form, along with the visitor’s IP address and browser user agent string, to help detect spam, abuse, and security threats. Comments and related metadata may be processed and stored within our WordPress-based platform and associated security and moderation tools. SB-CSS does not request or store payment card information through comment functionality, and users should not submit sensitive or confidential information in comments. Access to comment data is restricted to authorized personnel and protected using industry-standard security controls consistent with SOC 2 Trust Services Criteria, PCI-DSS requirements, and applicable global data protection regulations.

Media

If you upload images, documents, or other media to the Small Business Cyber Security Services (SB-CSS) website, you should avoid including embedded location data (such as EXIF GPS) or other unnecessary sensitive information. Media uploaded to SB-CSS systems may be stored, processed, and accessed within our WordPress-based platform and supporting service providers for the purpose of delivering services, providing support, or maintaining business operations. SB-CSS restricts access to uploaded media to authorized personnel and approved service providers and protects stored media using industry-standard security controls, including access management and encryption where appropriate. SB-CSS does not use uploaded media to collect payment card data, and all payment-related processing remains subject to PCI-DSS–compliant payment processors. Media handling practices are governed by security and operational controls consistent with SOC 2 Trust Services Criteria and applicable global data protection requirements.

Cookies

Small Business Cyber Security Services (SB-CSS) uses cookies and similar technologies on its WordPress-based website to support core site functionality, enhance user experience, analyze performance, and maintain security. Cookies may be set by SB-CSS or by trusted third-party service providers that assist with hosting, analytics, security monitoring, and service delivery. SB-CSS does not use cookies to collect sensitive personal information, payment card data, or authentication credentials, and payment processing is handled by PCI-DSS–compliant payment processors outside of SB-CSS systems. Where required by applicable laws, users may manage cookie preferences through browser settings or consent tools. All cookie usage is governed by access controls and security practices consistent with SOC 2 Trust Services Criteria, PCI-DSS requirements, and applicable global data protection regulations.

Embedded content from other websites

Pages on the Small Business Cyber Security Services (SB-CSS) website may include embedded content (such as videos, maps, forms, widgets, or third-party tools). Embedded content from other websites behaves in the same way as if you had visited the originating website directly. These third-party sites may collect data about you, use cookies or similar technologies, embed additional tracking, and monitor your interaction with that content in accordance with their own privacy policies and practices. SB-CSS does not control how third-party websites process data and does not receive payment card information through embedded content. Where embedded services are used to support business operations, SB-CSS selects reputable providers and implements reasonable safeguards consistent with SOC 2 Trust Services Criteria and PCI-DSS requirements. Users are encouraged to review the privacy policies of any third-party websites they interact with through embedded content.

Who we share your data with

Small Business Cyber Security Services (SB-CSS) does not sell, rent, or monetize customer data. We only share limited information on a strict need-to-know basis and solely to operate our business and deliver requested services. This may include sharing data with trusted service providers for purposes such as secure payment processing, hosting and infrastructure operations, customer communications, analytics, and AI-assisted support functionality.

SB-CSS uses reputable third-party providers (including payment processors, cloud hosting platforms, and AI technology vendors) that are contractually obligated to safeguard data, maintain appropriate security controls, and process information only in accordance with our instructions and applicable laws. All sensitive data is protected using industry-standard encryption, access controls, and security practices consistent with SOC 2 Trust Services Criteria and PCI-DSS requirements. Access to data is restricted to authorized personnel and approved service providers necessary to support business operations, compliance obligations, and service delivery.

How long we retain your data

Small Business Cyber Security Services (SB-CSS) retains personal and business data only for as long as necessary to provide services, operate our WordPress-based platform, meet contractual obligations, comply with legal and regulatory requirements, and support security, audit, and dispute-resolution needs. Data stored within WordPress, integrated plugins, and connected service providers is periodically reviewed and either securely deleted or anonymized when it is no longer required for legitimate business purposes. Payment-related data is retained only as permitted by PCI-DSS–compliant payment processors and is not stored on SB-CSS systems unless required for lawful operational or compliance reasons. Access to retained data is restricted, monitored, and protected using industry-standard security controls consistent with SOC 2 Trust Services Criteria and PCI-DSS requirements.

What rights you have over your data

Small Business Cyber Security Services (SB-CSS) respects the privacy rights of individuals and business clients worldwide. Subject to applicable laws and contractual obligations, you may request access to, correction of, or deletion of your personal data that SB-CSS processes in connection with our services. You may also request information about how your data is used or shared, or request restrictions on certain processing activities where permitted by law. To protect security and prevent unauthorized access, SB-CSS may verify your identity before fulfilling any request and may retain certain information as required to comply with legal, regulatory, audit, security, or PCI-DSS obligations. Requests are evaluated and handled in accordance with applicable global data protection laws, SOC 2 Trust Services Criteria, and industry-standard security practices.

Where your data is sent

Small Business Cyber Security Services (SB-CSS) processes and stores data using a WordPress-based platform and may transmit limited information to trusted service providers that support essential business operations such as secure hosting, payment processing, customer communications, analytics, and AI-assisted functionality. These service providers may operate in the United States or other countries where data protection laws may differ from those in your jurisdiction. SB-CSS takes reasonable steps to ensure that any cross-border data transfers are conducted using appropriate safeguards, contractual protections, and security controls consistent with SOC 2 Trust Services Criteria, PCI-DSS requirements, and applicable global data protection regulations. SB-CSS does not intentionally transfer payment card data outside of PCI-DSS–compliant payment processors, and access to transmitted data is limited to what is necessary to operate and secure our services.

AI Einstein Chat Privacy Notice

AI Einstein is here to assist—not to collect sensitive data.
Please do not share passwords, payment card numbers, Social Security numbers, or other confidential information in this chat.

Conversations may be processed and temporarily logged to provide responses, improve service quality, and support security and compliance monitoring. Chat data is not sold and is handled in accordance with SB-CSS privacy and security standards.

By using SB-CSS chat, you agree to SBCSS’s Privacy Policy and Terms of Service.

Terms of Service

By accessing or using the Small Business Cyber Security Services (SBCSS) website, platform, or services, you agree to comply with our Terms of Service and all applicable laws and regulations. SBCSS provides its services on an “as available” basis and reserves the right to modify, suspend, or discontinue any part of the platform to maintain security, compliance, or operational integrity. Users are responsible for using SBCSS services in a lawful manner and for safeguarding their account credentials and access. SBCSS implements administrative, technical, and operational controls aligned with SOC 2 Trust Services Criteria and PCI-DSS requirements, but no system can be guaranteed to be completely secure. Payment-related services are governed by PCI-DSS–compliant payment processors, and use of SBCSS services constitutes acknowledgment of these terms and our related policies, including privacy and security practices.

Privacy Policy

Small Business Cyber Security Services (SBCSS) is committed to protecting the privacy and security of personal and business information entrusted to us. This Privacy Policy explains how SBCSS collects, uses, processes, stores, and safeguards data through our WordPress-based platform and related services. We follow a privacy-by-design and security-first approach, limiting data collection to what is necessary to operate our services, fulfill contractual obligations, and comply with legal and regulatory requirements. SBCSS implements administrative, technical, and operational controls aligned with SOC 2 Trust Services Criteria, PCI-DSS requirements, and applicable global data protection laws. By using SBCSS services, you acknowledge and agree to the data practices described in this Privacy Policy and related governance documents.

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by