logo
logo

Privacy Policy for CYBERSEC

Last Updated: August 22, 2025

1. Introduction

Welcome to CYBERSEC. We are a leading provider of API security solutions delivered through our Software-as-a-Service (SaaS) platform ("Platform"). Protecting our customers' and visitors' privacy and data is a cornerstone of our mission.

This Privacy Policy explains how we collect, use, process, and disclose your information across our public website (https://www.cybersec.enterprises), our Platform, and other related services (collectively, the "Services"). It also outlines your privacy rights and how the law protects you.

This policy distinguishes between:

  • Visitor Data: Information collected from visitors to our public website.
  • Customer Data: Information we process on behalf of our customers through our Platform.

2. Information We Collect

We collect information to provide and improve our Services, for security purposes, and to communicate with you.

2.1. Information You Provide to Us:

  • Contact and Business Information: When you request a demo, contact sales, or register for content, we collect your name, email address, phone number, company name, and job title.
  • Account Information: When you subscribe to our Platform, we collect information needed to create and manage your account, including user credentials (usernames, hashed passwords), contact details, and role-based access information.
  • Payment Information: For paying customers, we collect billing details and payment information, which is securely processed by our third-party payment processors.
  • Support and Communication: If you contact us for support or other inquiries, we will collect the information you provide in your communications.

2.2. Information We Collect Automatically:

  • Website Usage Data: When you browse our website, we automatically collect information like your IP address, browser type, device information, pages visited, and referring URLs using cookies and similar tracking technologies.
  • Platform Usage Metadata: When you use our Platform, we collect metadata about your activity, such as login times, features used, user interactions, and performance metrics. This helps us improve our service and provide support.

2.3. Customer Data Processed by Our Platform:

As an API security provider, our Platform is designed to analyze your API traffic to identify threats and vulnerabilities. The data we process on your behalf may include API metadata, payloads, parameters, and authentication tokens.

For this Customer Data, CYBERSEC acts as a Data Processor, and you, our customer, act as the Data Controller. We process this data strictly based on your instructions and our contractual agreement to provide the security services. We treat all Customer Data as highly confidential and secure.

3. How We Use Your Information

Your information is used for specific, legitimate purposes:

  • To Provide and Maintain Our Services: To operate our Platform, authenticate users, process transactions, and maintain security.
  • To Analyze API Security: To process Customer Data to detect threats, anomalies, and vulnerabilities, and to provide you with security alerts and reporting.
  • To Improve Our Services: To analyze usage trends to enhance our Platform and develop new features. We may use anonymized and aggregated Customer Data for threat intelligence.
  • For Communication: To send you service-related updates, security alerts, invoices, and support messages, as well as marketing communications you can opt-out of.
  • For Security and Compliance: To prevent fraud, investigate incidents, and comply with legal obligations.

4. Sharing and Disclosure of Information

We do not sell your personal data. We may share information under the following limited circumstances:

  • Service Providers (Sub-processors): With third-party companies that perform services on our behalf, like cloud hosting and payment processing, under strict data protection terms.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets.
  • Legal Requirements: If required by law or to protect our legal rights.
  • With Your Consent: We may share information with third parties when we have your explicit consent.

5. Data Security

As a security company, we are committed to robust data protection. We implement advanced technical and organizational measures to protect your information, including:

  • Encryption: Data is encrypted in transit using TLS and at rest.
  • Access Control: We enforce the principle of least privilege for all data access.
  • Infrastructure Security: Our infrastructure is regularly monitored, audited, and hardened against vulnerabilities.
  • Incident Response: We maintain a comprehensive incident response plan to address any potential data breaches.

6. Our Commitment to Security and Incident Response

Helping you secure your APIs is our primary mission. This commitment is reflected in our operational practices and the service levels we provide.

  • Proactive Security: We continuously monitor our Platform for threats and vulnerabilities to ensure the integrity and availability of our services and your data.
  • Incident Detection and Response: We maintain a 24/7 security monitoring and incident response capability. In the event of a security incident, our team will act swiftly to contain the threat and mitigate harm.
  • Transparent Communication: In the event of a data breach that impacts your data, we are committed to providing timely and clear notification in accordance with our legal and contractual obligations.

While this policy outlines our commitment, the specific metrics of our Security Service Level Agreements (SLAs) are detailed in the Master Service Agreement (MSA) for subscribed customers. You can review our standard SLA document here.

7. Your Privacy Rights

Depending on your jurisdiction (e.g., GDPR, CCPA), you may have rights to access, rectify, erase, or restrict the processing of your personal information.

To exercise these rights, please contact us at privacy@cybersec.enterprises.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws by using appropriate safeguards, such as Standard Contractual Clauses.

10. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of any significant changes by posting the new policy on this page and updating the "Last Updated" date.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us: