Qualysec

PRIVACY POLICY

Qualysec values your privacy and is committed to safeguarding your personal information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our penetration testing services.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you voluntarily provide, including:

  • Full Name
  • Business Email Address
  • Contact Number
  • Company Name
  • Designation or Job Title
  • Billing and Payment Information
  • Communication Preferences
  • Information submitted through contact forms, surveys, or support requests

2.2 Technical Information

When you visit our website, we may automatically collect:

  • IP Address
  • Browser Type and Version
  • Operating System
  • Device Information
  • Referring URLs
  • Website Usage Data
  • Access Times and Dates
  • Geographic Location (Approximate)
  • Log Files and Analytics Data

2.3 Client Security Data

During the delivery of cybersecurity services, we may receive access to:

  • Network Information
  • System Configurations
  • Application Data
  • Security Logs
  • Vulnerability Assessment Results
  • Penetration Testing Findings
  • Compliance Documentation

Such information is processed solely for the purpose of providing contracted services and remains the property of the client.

3. Purpose of Data Collection

We collect and process information for legitimate business purposes, including:

Service Delivery

  • Providing cybersecurity assessments and consulting services.
  • Managing client engagements and projects.
  • Delivering reports and remediation recommendations.

Communication

  • Responding to inquiries and support requests.
  • Providing project updates and service notifications.
  • Scheduling meetings, demonstrations, and consultations.

Business Operations

  • Managing contracts and billing.
  • Conducting internal audits and quality assurance.
  • Maintaining business records.

Marketing and Promotions

  • Sending newsletters, industry updates, event invitations, and promotional content.
  • Conducting market research and customer satisfaction surveys.

You may opt out of marketing communications at any time.

Legal Compliance

  • Complying with applicable laws and regulations.
  • Enforcing contractual obligations.
  • Protecting our legal rights and interests.

4. Legal Basis for Processing

Where applicable under data protection laws, we process personal data based on:

  • Consent
  • Contractual Necessity
  • Legitimate Business Interests
  • Legal and Regulatory Obligations
  • Protection of Vital Interests

5. Sharing and Disclosure of Information

Qualysec does not sell, rent, or trade personal information.

We may share information only in the following circumstances:

5.1 Authorized Service Providers

We may engage trusted third-party providers for:

  • Cloud Hosting
  • Email Services
  • Analytics Platforms
  • CRM Systems
  • Payment Processing
  • Customer Support Tools

These providers are contractually obligated to protect data and use it only for authorized purposes.

5.2 Legal Requirements

We may disclose information when required by:

  • Applicable Laws
  • Court Orders
  • Government Authorities
  • Regulatory Bodies

or when necessary to:

  • Protect Legal Rights
  • Investigate Fraud
  • Prevent Security Incidents
  • Enforce Agreements

5.3 Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, information may be transferred as part of the transaction, subject to confidentiality obligations.

6. Data Retention

We retain personal information only for as long as necessary to:

  • Fulfill contractual obligations
  • Provide services
  • Comply with legal requirements
  • Resolve disputes
  • Enforce agreements

When information is no longer required, it will be securely deleted, anonymized, or archived according to applicable laws.

7. Data Security

As a cybersecurity company, we implement industry-standard administrative, technical, and physical safeguards to protect information, including:

  • Encryption of Data in Transit and at Rest
  • Access Control Mechanisms
  • Multi-Factor Authentication
  • Security Monitoring
  • Vulnerability Management
  • Secure Backup Procedures
  • Employee Confidentiality Obligations

While we strive to protect information, no electronic transmission or storage system can be guaranteed to be 100% secure.

8. International Data Transfers

  • Your information may be processed or stored in countries other than your own where our service providers operate.
  • Where required, we implement appropriate safeguards to ensure adequate protection of personal data during international transfers.

9. Cookies and Tracking Technologies

Our website may use:

  • Essential Cookies
  • Performance Cookies
  • Analytics Cookies
  • Functional Cookies
  • Marketing Cookies

These technologies help us:

  • Improve website functionality
  • Analyze website traffic
  • Enhance user experience
  • Measure marketing effectiveness

Users may control cookie settings through their browser preferences.

10. Your Privacy Rights

Subject to applicable laws, you may have the right to:

Access

Request a copy of the personal information we hold about you.

Rectification

Request correction of inaccurate or incomplete information.

Deletion

Request deletion of your personal data where legally permissible.

Restriction

Request limitation of processing activities.

Objection

Object to certain types of processing.

Data Portability

Request transfer of your information in a structured format where applicable.

Withdrawal of Consent

Withdraw previously provided consent at any time.

To exercise these rights, please contact us using the details below.

11. Third-Party Websites

Our website may contain links to third-party websites, services, or resources.

We are not responsible for the privacy practices, content, or security of external websites. Users are encouraged to review the privacy policies of those third parties.

12. Confidentiality of Security Assessments

All vulnerability findings, penetration testing results, audit reports, source code reviews, and security-related information shared with Qualysec are treated as confidential.

Such information will not be disclosed to any third party without the client's written consent unless required by law.

13. Compliance with Applicable Laws

Qualysec endeavors to comply with applicable privacy and data protection laws, including but not limited to:

  • Digital Personal Data Protection Act, 2023 (India)
  • General Data Protection Regulation (GDPR), where applicable
  • Applicable cybersecurity and data protection regulations

14. Changes to this Privacy Policy

  • We reserve the right to update, modify, or revise this Privacy Policy at any time.
  • Updated versions will be published on this page with the revised "Last Updated" date.
  • Continued use of our website or services after changes become effective constitutes acceptance of the revised Privacy Policy.

15. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Qualysec Technologies
Address: 302, 3rd Floor, NSIC-IMDC Dharampad Bhawan, Mancheswar Industrial Estate, Bhubaneswar-751010
Phone no: +91 86586 63664
Email id: sales@qualysec.com
For more information, please visit our website at Qualysec.