Privacy Policy
Effective Date: March 29, 2026
1. Data Collection
We only collect minimal corporate information required to initiate security assessments. This includes corporate email addresses and scoped technical hostnames. We do not sell or share this data with third parties.
2. Secure Handling
All engagement data, vulnerabilities discovered, and proof-of-concept (PoC) material are stored on air-gapped or encrypted systems with strictly controlled access. We use AES-256 encryption at rest and TLS 1.3 in transit.
3. Data Retention
Reports and evidence trails are retained for the duration required by regional compliance (e.g., RBI/ISO) and are securely purged upon client request or termination of engagement.