Privacy Policy
Last updated: March 1, 2025
Dalwax Cybersecurity, Inc. ("Dalwax," "we," "our," or "us") is committed to protecting the privacy and security of the personal information we collect. This Privacy Policy describes how we collect, use, disclose, and protect your information when you visit our website, use our services, or interact with us.
1. Information We Collect
1.1 Information You Provide
We collect information you voluntarily provide, including: name, email address, phone number, company name, job title, and any other information submitted through contact forms, service requests, or account registration.
1.2 Automatically Collected Information
When you visit our website, we automatically collect: IP address, browser type and version, operating system, referring URL, pages visited, time and date of visit, and device identifiers. We use this information for analytics, security monitoring, and service improvement.
1.3 Service-Related Data
In the course of providing cybersecurity services, we may process security event logs, threat intelligence data, vulnerability scan results, and other technical data as described in your service agreement. This data is processed solely for the purpose of delivering contracted security services.
2. How We Use Your Information
We use collected information to: provide and improve our services, respond to inquiries and support requests, send security advisories and service notifications, comply with legal obligations, detect and prevent fraud, and analyze website usage patterns.
3. Data Sharing and Disclosure
We do not sell your personal information. We may share data with: trusted service providers under strict contractual obligations, law enforcement when required by law or legal process, and business partners with your explicit consent. All third-party processors are subject to our vendor security assessment program.
4. Data Security
We implement industry-leading security measures including encryption at rest (AES-256) and in transit (TLS 1.3), multi-factor authentication, role-based access controls, continuous security monitoring, and regular penetration testing. Our operations are SOC 2 Type II and ISO 27001 certified.
5. Data Retention
We retain personal information only as long as necessary to fulfill the purposes described in this policy or as required by law. Service-related security data is retained per your service agreement terms, typically 12-24 months.
6. Your Rights
Depending on your jurisdiction, you may have the right to: access, correct, or delete your personal information, object to or restrict processing, data portability, withdraw consent, and lodge a complaint with a supervisory authority. To exercise these rights, contact privacy@dalwax.com.
7. International Transfers
We operate globally and may transfer data to countries outside your jurisdiction. All international transfers are protected by Standard Contractual Clauses (SCCs) or equivalent safeguards.
8. Contact Us
For privacy-related inquiries, contact our Data Protection Officer at privacy@dalwax.com or Dalwax Cybersecurity, 1200 Pennsylvania Ave NW, Washington, D.C. 20004.