Qualysec values your privacy and is committed to safeguarding your personal information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our penetration testing services.
2. Information We Collect
2.1 Personal Information
We may collect personal information that you voluntarily provide, including:
- Full Name
- Business Email Address
- Contact Number
- Company Name
- Designation or Job Title
- Billing and Payment Information
- Communication Preferences
- Information submitted through contact forms, surveys, or support requests
2.2 Technical Information
When you visit our website, we may automatically collect:
- IP Address
- Browser Type and Version
- Operating System
- Device Information
- Referring URLs
- Website Usage Data
- Access Times and Dates
- Geographic Location (Approximate)
- Log Files and Analytics Data
2.3 Client Security Data
During the delivery of cybersecurity services, we may receive access to:
- Network Information
- System Configurations
- Application Data
- Security Logs
- Vulnerability Assessment Results
- Penetration Testing Findings
- Compliance Documentation
Such information is processed solely for the purpose of providing contracted services and remains the property of the client.
3. Purpose of Data Collection
We collect and process information for legitimate business purposes, including:
Service Delivery
- Providing cybersecurity assessments and consulting services.
- Managing client engagements and projects.
- Delivering reports and remediation recommendations.
Communication
- Responding to inquiries and support requests.
- Providing project updates and service notifications.
- Scheduling meetings, demonstrations, and consultations.
Business Operations
- Managing contracts and billing.
- Conducting internal audits and quality assurance.
- Maintaining business records.
Marketing and Promotions
- Sending newsletters, industry updates, event invitations, and promotional content.
- Conducting market research and customer satisfaction surveys.
You may opt out of marketing communications at any time.
Legal Compliance
- Complying with applicable laws and regulations.
- Enforcing contractual obligations.
- Protecting our legal rights and interests.
4. Legal Basis for Processing
Where applicable under data protection laws, we process personal data based on:
- Consent
- Contractual Necessity
- Legitimate Business Interests
- Legal and Regulatory Obligations
- Protection of Vital Interests
5. Sharing and Disclosure of Information
Qualysec does not sell, rent, or trade personal information.
We may share information only in the following circumstances:
5.1 Authorized Service Providers
We may engage trusted third-party providers for:
- Cloud Hosting
- Email Services
- Analytics Platforms
- CRM Systems
- Payment Processing
- Customer Support Tools
These providers are contractually obligated to protect data and use it only for authorized purposes.
5.2 Legal Requirements
We may disclose information when required by:
- Applicable Laws
- Court Orders
- Government Authorities
- Regulatory Bodies
or when necessary to:
- Protect Legal Rights
- Investigate Fraud
- Prevent Security Incidents
- Enforce Agreements
5.3 Business Transfers
In the event of a merger, acquisition, restructuring, or sale of assets, information may be transferred as part of the transaction, subject to confidentiality obligations.
6. Data Retention
We retain personal information only for as long as necessary to:
- Fulfill contractual obligations
- Provide services
- Comply with legal requirements
- Resolve disputes
- Enforce agreements
When information is no longer required, it will be securely deleted, anonymized, or archived according to applicable laws.
7. Data Security
As a cybersecurity company, we implement industry-standard administrative, technical, and physical safeguards to protect information, including:
- Encryption of Data in Transit and at Rest
- Access Control Mechanisms
- Multi-Factor Authentication
- Security Monitoring
- Vulnerability Management
- Secure Backup Procedures
- Employee Confidentiality Obligations
While we strive to protect information, no electronic transmission or storage system can be guaranteed to be 100% secure.
8. International Data Transfers
- Your information may be processed or stored in countries other than your own where our service providers operate.
- Where required, we implement appropriate safeguards to ensure adequate protection of personal data during international transfers.
9. Cookies and Tracking Technologies
Our website may use:
- Essential Cookies
- Performance Cookies
- Analytics Cookies
- Functional Cookies
- Marketing Cookies
These technologies help us:
- Improve website functionality
- Analyze website traffic
- Enhance user experience
- Measure marketing effectiveness
Users may control cookie settings through their browser preferences.
10. Your Privacy Rights
Subject to applicable laws, you may have the right to:
Access
Request a copy of the personal information we hold about you.
Rectification
Request correction of inaccurate or incomplete information.
Deletion
Request deletion of your personal data where legally permissible.
Restriction
Request limitation of processing activities.
Objection
Object to certain types of processing.
Data Portability
Request transfer of your information in a structured format where applicable.
Withdrawal of Consent
Withdraw previously provided consent at any time.
To exercise these rights, please contact us using the details below.
11. Third-Party Websites
Our website may contain links to third-party websites, services, or resources.
We are not responsible for the privacy practices, content, or security of external websites. Users are encouraged to review the privacy policies of those third parties.
12. Confidentiality of Security Assessments
All vulnerability findings, penetration testing results, audit reports, source code reviews, and security-related information shared with Qualysec are treated as confidential.
Such information will not be disclosed to any third party without the client's written consent unless required by law.
13. Compliance with Applicable Laws
Qualysec endeavors to comply with applicable privacy and data protection laws, including but not limited to:
- Digital Personal Data Protection Act, 2023 (India)
- General Data Protection Regulation (GDPR), where applicable
- Applicable cybersecurity and data protection regulations
14. Changes to this Privacy Policy
- We reserve the right to update, modify, or revise this Privacy Policy at any time.
- Updated versions will be published on this page with the revised "Last Updated" date.
- Continued use of our website or services after changes become effective constitutes acceptance of the revised Privacy Policy.
15. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
Qualysec Technologies
Address: 302, 3rd Floor, NSIC-IMDC Dharampad Bhawan, Mancheswar Industrial Estate, Bhubaneswar-751010
Phone no: +91 86586 63664
Email id: sales@qualysec.com
For more information, please visit our website at Qualysec.