Privacy Policy

1. Information We Collect

1.1 Personal Information

We may collect personal information that you voluntarily provide when you:

• Request security testing: Name, company name, email address, phone number
• Contact us: Name, email address, any information in your message
• Report vulnerabilities: Name, email address, vulnerability details
• Create an account: Username, email address, password (encrypted)

1.2 Technical Information

When you visit our website, we automatically collect:

• Log Data: IP address, browser type, operating system, referral source
• Usage Data: Pages visited, time spent, clicks, navigation patterns
• Device Information: Device type, screen size, unique device identifiers

1.3 Testing-Related Information

When you engage our security testing services, we may collect:

• System configurations and architecture details
• Application code (if provided for review)
• Authentication credentials (securely stored, deleted after testing)
• Test results and vulnerability data

2. How We Use Your Information

2.1 Primary Uses

We use the information we collect to:

• Provide and manage security testing services
• Communicate with you about your requests
• Send technical reports and findings
• Respond to inquiries and support needs
• Improve our website and services

2.2 Legal Basis (GDPR)

For users in the European Economic Area, we process personal data based on:

• Contract performance: To fulfill our service agreement
• Legitimate interests: To improve security and prevent fraud
• Consent: Where you have given explicit permission
• Legal compliance: To meet regulatory requirements

3. Data Security

3.1 Security Measures

We implement appropriate technical and organizational measures to protect your data:

• Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Control: Strict role-based access to personal information
• Regular Audits: Security assessments of our systems
• Data Minimization: We only collect what we need

3.2 Breach Notification

In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours as required by GDPR and other applicable laws.

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We may share information with trusted third parties who assist in operating our website and conducting our business, provided they agree to keep this information confidential:

• Email service providers (for communications)
• Cloud hosting services (for data storage)
• Payment processors (for transactions)

4.2 Legal Requirements

We may disclose information if required by law or in response to valid requests by public authorities (e.g., court order, subpoena).

4.3 No Sale of Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Retention

5.1 Retention Periods

• Contact information: Retained for 2 years after last interaction
• Testing data: Deleted within 30 days after project completion
• Account information: Retained until account deletion
• Legal records: Retained as required by law (up to 7 years)

5.2 Deletion Requests

You may request deletion of your personal data at any time by contacting us. We will comply within 30 days, subject to legal retention requirements.

6. Your Rights

6.1 GDPR Rights (EEA Users)

If you are in the European Economic Area, you have the right to:

• Access: Request copies of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data
• Restriction: Limit processing of your data
• Portability: Receive your data in a structured format
• Object: Object to processing based on legitimate interests

6.2 California Privacy Rights (CCPA)

California residents have the right to:

• Know what personal information is collected
• Request deletion of personal information
• Opt-out of sale of personal information (we do not sell data)
• Non-discrimination for exercising rights

6.3 Exercising Your Rights

To exercise any of these rights, contact us at resercherlian@gmail.com. We will respond within 30 days.

7. Cookies and Tracking

7.1 Cookie Usage

We use essential cookies for:

• Authentication and security
• Theme preference (light/dark mode)
• Session management

7.2 Analytics

We use privacy-focused analytics to understand website usage without identifying individual users.

8. Children's Privacy

Our services are not directed to individuals under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place through Standard Contractual Clauses or adequacy decisions.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page with an updated effective date.