Privacy Policy
Last updated: March 2025. We are committed to protecting your privacy and handling your data responsibly.
1. Introduction
CyberAlpha ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website or engage our cybersecurity services. We handle all data with the highest standards of confidentiality and in compliance with applicable privacy regulations including GDPR and other data protection laws.
2. Information We Collect
We may collect the following categories of information: (a) Contact Information: name, email address, phone number, company name, and job title when you submit an inquiry or engage our services; (b) Technical Information: IP address, browser type, operating system, and website usage data collected through standard web analytics; (c) Service-related Information: information you provide during the course of a cybersecurity engagement, which may include network diagrams, system inventories, and organizational details required for scoping; (d) Communications: records of correspondence when you contact us via email, contact forms, or phone.
3. How We Use Your Information
We use the information we collect to: provide, manage, and deliver our cybersecurity services; communicate with you regarding your inquiries, engagements, and deliverables; process payments and manage billing; improve our website, services, and client experience; send relevant updates, security advisories, or newsletters (with your consent); comply with legal and regulatory obligations; and detect and prevent fraud, unauthorized access, and other security threats.
4. Data Sharing and Disclosure
CyberAlpha does not sell, rent, or trade your personal information. We may share your data only in the following circumstances: (a) Service partners who assist in delivering our services, bound by strict confidentiality agreements; (b) Legal obligations — when required by law, regulation, court order, or governmental authority; (c) Business transfers — in the event of a merger, acquisition, or sale of all or a portion of our assets, where data protection commitments will be maintained; (d) With your explicit consent for any other purpose not listed here.
5. Data Security
As a cybersecurity company, data security is at the core of everything we do. We implement industry-leading technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption in transit and at rest, access controls, multi-factor authentication, regular security assessments of our own systems, and strict internal data handling policies. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
6. Data Retention
We retain personal information only as long as necessary for the purposes for which it was collected, to fulfill our legal obligations, and to resolve disputes. Engagement-related data is typically retained for a period of five (5) years following project completion to support clients with follow-up queries, re-testing, and audit requirements. Website analytics data is retained for a maximum of 24 months. Upon request, we will delete or anonymize your personal data subject to applicable retention requirements.
7. Cookies and Tracking
Our website uses essential cookies required for basic functionality, and may use analytics cookies to understand how visitors interact with our site. We do not use cookies for advertising or cross-site tracking. You can control cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our website.
8. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data: the right to access the personal data we hold about you; the right to request correction of inaccurate data; the right to request deletion of your data ("right to be forgotten"); the right to restrict or object to certain processing activities; the right to data portability; and the right to withdraw consent at any time. To exercise any of these rights, please contact us at privacy@cyberalpha.com.
9. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party sites you visit.
10. Children's Privacy
Our services are intended for business professionals and enterprises. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have collected personal data from a minor, we will take immediate steps to delete that information.
11. International Data Transfers
If you are located outside the country where our servers are based, your information may be transferred across international borders. When we transfer personal data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or other legally recognized mechanisms, to protect your data in accordance with applicable law.
12. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date. Your continued use of our website or services after such changes constitutes acceptance of the updated Privacy Policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection team at: privacy@cyberalpha.com or through our Contact page. We aim to respond to all privacy inquiries within 5 business days.