The Defense Compliance ReportCMMC 2.0 & the Defense Industrial Base
Find your CMMC path
Privacy Policy

Privacy Policy

How we collect, use, share, and protect information on this site.

The Defense Compliance Report Editorial TeamIndependent CMMC and DIB compliance research
Published: Last reviewed:
Editorial research — not formally reviewed by a CMMC Subject Matter Advisor. Verify scope and applicability with a Registered Practitioner before acting.

This policy describes information practices on thedefensecompliancereport.com. It is provided for transparency and is not legal advice. Consult counsel for compliance-specific guidance.

Information we collect

We collect information you submit through our lead-capture forms (Get Matched, Request Information, Request a Quote, Contact), newsletter signups, and any other voluntary submissions. Typical fields include name, work email, company name, role, CMMC level required, employee count, current compliance state, DoD contract status, preferred timeline, cloud environment, and free-text notes you provide.

We also collect standard web analytics through Google Analytics 4 and Microsoft Clarity — page views, referring URLs, device and browser information, approximate location derived from IP address, and on-page interaction events such as CTA clicks. We do not collect names or work-email addresses through analytics.

How we use information

Lead-capture submissions are used to match you with CMMC solution providers that fit the level, scope, and timeline you described, and to send our weekly briefing if you opted in. Newsletter signups are used to send the weekly briefing and related editorial communications. Analytics are used to understand audience and improve coverage.

Lead-data sharing

When you submit a "Get Matched," "Request Information," or "Request a Quote" form, the data you submit is shared with one or more CMMC solution providers we match to your scope. Providers respond to you directly. We do not sell your information to third parties. Retention is the shorter of (a) the period reasonably necessary to fulfill the matching and referral, (b) the period required by applicable law, or (c) three years from submission, after which records are deleted or anonymized.

Cookies and similar technologies

We use first-party cookies for site functionality and third-party cookies for analytics. You can disable cookies in your browser; some site functions (such as form submissions) may be affected. We do not currently use third-party advertising cookies.

Your rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of your personal information, and to object to processing or request data portability. Residents of California (CCPA/CPRA), Colorado (CPA), Virginia (VCDPA), Connecticut (CTDPA), and the European Union / EEA (GDPR) have specific statutory rights. To exercise a right, contact us via the contact page.

Children

This site is intended for working professionals and is not directed to children under 16.

Security

We apply commercially reasonable safeguards to lead-capture and newsletter data. No internet transmission is fully secure; submissions are made at your own discretion.

Updates to this policy

We may update this policy from time to time. The effective date is the Last Reviewed date in the byline above.

Contact

Privacy questions can be sent via the contact page or to editorial@thedefensecompliancereport.com.