Legal Documentation

Privacy Policy

Last Updated: 2026-01-01

At Crooksec Intelligence, your privacy is protected under the same rigorous standards we apply to our clients' security posture. This policy outlines what data we collect, why we collect it, and how it is safeguarded.

01 / Data We Collect

We collect only the data necessary to provide our cybersecurity services and deliver an optimal user experience. This includes:

  • Identity Data: Name, email address, company name, and job title submitted through our contact and onboarding forms.
  • Technical Data: IP address, browser type, operating system, and device information collected automatically during site visits.
  • Usage Data: Pages visited, time on site, referral sources, and interaction events (clicks, scrolls) used for service improvement.
  • Engagement Telemetry: For active service clients, system logs, scan reports, and incident telemetry are collected under a separate Data Processing Agreement (DPA).

02 / How We Use Your Data

Your data is used exclusively for the following operational purposes:

  • To deliver, manage, and improve our cybersecurity services and platform.
  • To respond to inquiries, support requests, and consultation bookings.
  • To send security advisories, platform updates, and service notifications (you may opt out at any time).
  • To conduct internal analytics and improve our threat intelligence models.
  • To comply with legal obligations, including law enforcement requests where required by applicable law.

We never sell, rent, or trade your personal data to third parties for marketing purposes.

03 / Data Security

As a cybersecurity company, data protection is not a checkbox — it is core to our identity. All data at rest is encrypted using AES-256. Data in transit is protected by TLS 1.3. Access to personal data within our systems is role-based, logged, and audited quarterly by our internal red team. Our infrastructure undergoes continuous penetration testing and is ISO 27001 aligned.

04 / Your Rights

Under applicable data protection regulations (GDPR, CCPA), you have the following rights:

Access — request a copy of your personal data.
Rectification — correct inaccurate data.
Erasure — request deletion of your data ("right to be forgotten").
Restriction — limit how we process your data.
Portability — receive your data in a machine-readable format.
Objection — object to certain types of processing.

To exercise any of these rights, contact our Data Protection Officer at: dpo@crooksec.io

05 / Cookies

We use essential cookies to ensure the site functions correctly, and optional analytics cookies to improve your experience. You can manage your cookie preferences via our Cookie Policy page. Third-party analytics are anonymised and do not expose personally identifiable information.

06 / Contact & Updates

This policy may be updated periodically. Material changes will be communicated via email to registered clients. For privacy inquiries, contact privacy@crooksec.io or visit our Contact Page.