1. Introduction

 

This Privacy Policy describes how [Company Name] ("we," "us," "our," or "Company") collects, uses, discloses, and otherwise processes personal information in connection with our cybersecurity services, secure business application development, and related offerings (collectively, the "Services"). We are committed to protecting your privacy and ensuring you have a positive experience on our website and when using our Services.

​

2. Scope

​

This Privacy Policy applies to:

• Information collected through our website and online platforms

• Information collected when you use our Services

• Information shared with us by clients, business partners, and service providers

• Information collected through marketing and communications activities

​

3. Information We Collect

​

3.1 Information You Provide Directly

​

Business Contact Information: Name, job title, company name, business email, phone number, and mailing address.

Account Information: Username, password, and authentication credentials when you register for our Services or portals.

Service-Related Information: Details about your organization's security requirements, infrastructure, systems, and compliance needs necessary to deliver our Services.

​

Communication Data: Content of emails, messages, support tickets, and communications you send us.

Transaction Information: Billing address, payment method details, invoice information, and purchase history (processed securely by third-party payment processors).

Content You Upload: Files, documents, code, configurations, or other materials you provide for security assessments, development, testing, or analysis.

​

3.2 Information Collected Automatically

 

Log Data: IP address, browser type, operating system, pages visited, time spent, and referring URL.

​

Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to enhance user experience and gather usage analytics.

​

Device Information: Device type, unique device identifiers, and mobile network information.

​

Behavioral Data: Interactions with our website and Services, feature usage, and click-stream data.

​

3.3 Information from Third Parties

​

Business Partners: Information shared by resellers, partners, and affiliates.

Service Providers: Data from payment processors, hosting providers, analytics services, and communication platforms.

Publicly Available Sources: Information from public databases, industry directories, and business registries to enhance our Services.

​

4. How We Use Your Information

​

We use collected information for the following purposes:

• Delivering Services: Providing cybersecurity assessments, threat detection, vulnerability management, secure application development, testing, and deployment.

• Security Operations: Monitoring systems, detecting threats, responding to incidents, and maintaining system integrity.

• Account Management: Creating and managing accounts, authentication, and access control.

• Billing and Payments: Processing payments, issuing invoices, and managing financial records.

• Communication: Responding to inquiries, providing customer support, and sending service-related notices.

• Improvements: Analyzing usage patterns to improve our Services, products, and website functionality.

• Compliance: Meeting legal, regulatory, and contractual obligations.

• Marketing: Sending marketing communications, promotional offers, and product updates (with appropriate consent).

• Fraud Prevention: Detecting, investigating, and preventing fraudulent or unauthorized activity.

• Business Operations: Personnel management, vendor management, and internal analytics.

​

5. Legal Bases for Processing

We process personal information based on the following legal grounds:

• Contract Performance: Processing necessary to perform Services you've engaged us for.

• Legal Obligation: Compliance with applicable laws, regulations, and legal process.

• Legitimate Interests: Our business interests in providing quality Services, improving operations, and ensuring security.

• Consent: Where you've explicitly agreed to specific processing activities.

• Vital Interests: Protection of health, safety, or critical security interests.

​

6. Information Sharing and Disclosure

​

6.1 When We Share Information

 

Service Providers: Trusted third parties (hosting providers, payment processors, analytics services) who assist in delivering Services. We require these providers to maintain appropriate confidentiality and security.

 

Business Partners: Authorized resellers and integration partners as necessary to deliver Services.

Legal Requirements: Law enforcement, government agencies, and courts when required by law, subpoena, court order, or legal process.

 

Security Incidents: Relevant parties when necessary to address security breaches, fraud, or unauthorized access.

Business Transitions: Acquirers or successors in case of merger, acquisition, bankruptcy, or sale of assets.

With Consent: Other third parties with your explicit authorization.

​

6.2 Information We Don't Share

​

We do not sell personal information to third parties for marketing purposes. We do not share sensitive client data, proprietary information, or detailed security findings beyond what is necessary to deliver Services.

​

7. Data Security

 

We implement comprehensive security measures including:

• Encryption of data in transit (TLS/SSL) and at rest (AES-256 or equivalent)

• Role-based access controls and authentication mechanisms

• Regular security assessments and penetration testing

• Secure development practices and code review processes

• Employee access controls and background screening

• Incident response and breach notification procedures

• Compliance with industry standards (ISO 27001, SOC 2, NIST)

 

However, no security system is impenetrable. We cannot guarantee absolute security of your information.

​

8. Data Retention

​

We retain personal information for as long as necessary to:

• Deliver Services and fulfill contractual obligations

• Maintain business records and financial accounts

• Comply with legal and regulatory requirements

• Resolve disputes and enforce agreements

​

When information is no longer needed, we securely delete or anonymize it. Some information may be retained longer if required by law or for legitimate business purposes.

​

9. Your Privacy Rights

​

Depending on your location, you may have the following rights:

Access: Request access to personal information we hold about you.

Correction: Request correction of inaccurate or incomplete information.

Deletion: Request deletion of personal information (subject to legal and contractual requirements).

Portability: Request a portable copy of your personal information in a structured, machine-readable format.

Opt-Out: Unsubscribe from marketing communications or request restrictions on certain processing activities.

Objection: Object to certain processing on the basis of legitimate interests.

Rights Related to Automated Decision-Making: Request human review of decisions made by automated systems.

To exercise these rights, contact us at privacy@dxocybersecurity.com. We will respond to verified requests within the timeframe required by applicable law.

​

10. International Data Transfers

 

Our Services may involve transferring personal information internationally, including to countries with different data protection standards. When we transfer information internationally, we implement appropriate safeguards such as Standard Contractual Clauses, adequacy decisions, or your explicit consent.

​

11. Children's Privacy

​

Our Services are not directed to individuals under 18 years old. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information promptly.

​

12. Third-Party Links

​

Our website and communications may contain links to third-party websites and services. We are not responsible for the privacy practices of these external sites. Please review their privacy policies before sharing information with them.

​

13. Cookies and Tracking Technologies

​

We use cookies and similar technologies for:

• Authentication and security

• User preferences and session management

• Analytics and performance monitoring

• Marketing and personalization

 

You can control cookie preferences through your browser settings. Opting out may affect functionality of our website.

​

14. California Privacy Rights (CCPA/CPRA)

 

If you are a California resident, you have additional rights under the California Consumer Privacy Act and California Privacy Rights Act, including the right to know, delete, opt-out of sale or sharing, and opt-out of profiling. To submit a request, contact us at privacy@dxocybersecurity.com.

​

15. European Privacy Rights (GDPR)

​

If you are located in the European Union or United Kingdom, you have rights under the General Data Protection Regulation and UK Data Protection Act. These include the rights listed in Section 9 above. Our legal basis for processing is detailed in Section 5. To exercise your rights, contact our Data Protection Officer at dpo@dxocybersecurity.com.

​

16. Changes to This Privacy Policy

​

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of our Services constitutes acceptance of the updated Privacy Policy.

​

17. Contact Information

​

For questions, requests, or concerns about this Privacy Policy or our privacy practices:

 

Privacy Inquiries
Email: privacy@dxocybersecurity.com
Mailing Address: 11F Triumph Square Bldg. 1618 Quezon Avenue, South Triangle, Quezon City, Philippines
Phone: +63 28 2484731  |  +63 921 431 9490

Data Protection Officer (if applicable)
Email: dpo@dxocybersecurity.com

​

Regulatory Complaints
You have the right to lodge a complaint with your local data protection authority or regulatory agency.

This privacy policy is provided for informational purposes. Please consult with legal counsel to ensure compliance with applicable laws in your jurisdiction.