Privacy Policy

DefendTech

23 Makariou Street, 3030 Limassol, Cyprus

Phone: +357 25 694 182

Email: info@domain.com

Data Protection Commitment

DefendTech is committed to protecting your personal data and respecting your privacy rights. As a cybersecurity engineering company, we understand the critical importance of data protection and implement robust security measures to safeguard your information.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or use our cybersecurity services. We comply with the General Data Protection Regulation (GDPR) and applicable Cyprus data protection laws.

Last updated: October 1, 2025

Data Collection Information

Personal Data We Collect

  • Contact information: name, email address, phone number, company details
  • Communication data: messages sent through contact forms or email correspondence
  • Technical data: IP address, browser type, device information, website usage patterns
  • Service data: information related to cybersecurity assessments and implementations
  • Marketing preferences: consent records and communication preferences

How We Collect Data

  • Directly from you through contact forms and service inquiries
  • Automatically through website cookies and analytics tools
  • During cybersecurity consultations and service delivery
  • Through professional networking and business communications
  • Via third-party integrations for enhanced service delivery

Legal Basis for Processing

  • Consent: When you provide explicit consent for marketing communications
  • Contract performance: To deliver cybersecurity services you have requested
  • Legitimate interests: For business operations and service improvement
  • Legal compliance: To meet regulatory and industry requirements
  • Vital interests: For cybersecurity incident response and threat prevention

Data Retention Periods

  • Contact information: Retained for 3 years after last communication
  • Service data: Maintained for contract duration plus 7 years for legal purposes
  • Marketing data: Kept until consent is withdrawn or 2 years of inactivity
  • Technical logs: Automatically deleted after 12 months
  • Security incident data: Retained for 5 years for threat analysis

Data Usage Explanation

How We Use Personal Data

  • Providing cybersecurity engineering services and consultations
  • Responding to service inquiries and support requests
  • Conducting security assessments and threat analysis
  • Improving our website functionality and user experience
  • Sending relevant cybersecurity updates and service information
  • Complying with legal and regulatory requirements

Data Sharing with Third Parties

We may share your data with trusted third parties only in specific circumstances:

  • Cloud service providers for secure data storage and processing
  • Analytics services to understand website usage and improve services
  • Professional partners for comprehensive cybersecurity solutions
  • Legal authorities when required by law or for security investigations
  • Data processors who assist in service delivery under strict confidentiality agreements

Marketing Communications

We use your contact information for marketing purposes only with your explicit consent:

  • Cybersecurity industry insights and threat intelligence updates
  • Information about new security services and solutions
  • Invitations to cybersecurity webinars and professional events
  • Educational content about security best practices
  • Company news and service announcements

Analytics and Website Improvement

  • Understanding visitor behavior to enhance website usability
  • Analyzing service page performance and user engagement
  • Optimizing contact forms and service inquiry processes
  • Improving cybersecurity content based on user interests
  • Measuring the effectiveness of our digital security resources

Data Protection Measures

Security Measures in Place

  • End-to-end encryption for all data transmission and storage
  • Multi-factor authentication for system access and administration
  • Regular security audits and vulnerability assessments
  • Secure cloud infrastructure with enterprise-grade protection
  • Employee security training and data handling protocols
  • Incident response procedures for potential data breaches

Data Encryption and Storage

  • AES-256 encryption for data at rest and in transit
  • Secure European data centers with physical security controls
  • Regular encrypted backups with disaster recovery procedures
  • Database encryption with key management systems
  • Secure API endpoints with authentication and authorization

Access Controls and Monitoring

  • Role-based access control with principle of least privilege
  • Continuous monitoring of data access and system activity
  • Regular access reviews and permission audits
  • Automated threat detection and response systems
  • Audit trails for all data processing activities

Breach Notification Procedures

In the unlikely event of a data breach:

  • Immediate containment and investigation procedures
  • Notification to relevant authorities within 72 hours
  • Direct communication to affected individuals without undue delay
  • Comprehensive breach analysis and remediation measures
  • Implementation of additional security controls to prevent recurrence

Your Rights and Data Management

Right to Access Personal Data

You have the right to request:

  • Confirmation of whether we process your personal data
  • A copy of your personal data in a structured, machine-readable format
  • Information about the purposes and legal basis for processing
  • Details about data retention periods and sharing practices
  • Information about your rights and how to exercise them

Right to Rectification and Erasure

  • Request correction of inaccurate or incomplete personal data
  • Request deletion of personal data when no longer necessary
  • Withdraw consent for marketing communications at any time
  • Request erasure when processing is unlawful or consent is withdrawn
  • Exercise the right to be forgotten under applicable circumstances

Right to Data Portability

  • Receive your personal data in a portable, machine-readable format
  • Transfer your data to another service provider where technically feasible
  • Request direct transmission of data between controllers when possible
  • Access structured data exports for your own records

Right to Object to Processing

  • Object to processing based on legitimate interests
  • Opt out of direct marketing communications
  • Request restriction of processing under specific circumstances
  • Object to automated decision-making or profiling

How to Exercise These Rights

To exercise your privacy rights, contact us through:

  • Email: info@domain.com with "Data Protection Request" in the subject line
  • Written request to our postal address above
  • Contact form on our website with privacy inquiry specification
  • Phone: +357 25 694 182 during business hours

We will respond to your request within 30 days and may require identity verification for security purposes.

Your Rights and Opt-Out Instructions

You are not required to provide any personal information when using this website. If you prefer not to share your data, you may:

  • Avoid filling out contact forms, account registrations, or any data-submitting features
  • Disable cookies through your browser settings (see our Cookie Policy for more details)
  • Contact us directly to request the deletion of any previously shared personal data
  • Use browser privacy modes or extensions to limit data collection
  • Request anonymization of your data while retaining service history

We respect your privacy choices. If you would like us to delete your data, please reach out to us at the contact details provided on our Contact page. We will process your request promptly and confirm completion within 30 days.