Privacy policy.

Kapacyber ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, request a security assessment, or interact with our marketing materials. Please read this policy carefully. If you disagree with its terms, please discontinue use of our site.

Client data we process on your behalf under a managed services agreement (MSA) or data processing agreement (DPA) is governed by that agreement, not by this Privacy Policy. This policy covers website visitors, prospects, and recipients of our marketing communications.

1. Information We Collect

We may collect the following types of information:

Information You Provide Directly

• Name, email address, phone number, and company name when you contact us, request an assessment, or download a resource
• Information submitted through our contact form, free assessment form, or any gated content (such as e-books, checklists, or templates)
• Communications you send us by email or through our website

Information Collected Automatically

• Log data including your IP address, browser type, pages visited, and time spent on those pages
• Cookies and similar tracking technologies to improve your experience on our site
• Device information such as hardware model and operating system

Any technical data, network configurations, vulnerability findings, or other confidential corporate information you share with us during a security assessment or related sales conversation is treated as strictly confidential and used solely to conduct the requested assessment.

2. How We Use Your Information

We use the information we collect to:

• Respond to your enquiries and provide the services you request
• Send you information about our services, security alerts, and updates where you have opted in
• Improve our website and services
• Comply with legal obligations
• Detect, prevent, and address technical issues or security incidents

We do not sell, trade, or rent your personal information to third parties.

3. Cookies

Our website uses cookies to enhance your browsing experience. Cookies are small data files stored on your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, some parts of our site may not function properly without cookies.

We use the following types of cookies:

• Essential cookies: Required for the website to function correctly
• Analytics cookies: Help us understand how visitors interact with our website
• Preference cookies: Remember your settings and preferences

You can review and change your cookie choices at any time using the Cookie Preferences link in our website footer.

4. Third-Party Services

We may use trusted third-party services (such as analytics providers and email platforms) that collect, monitor, and analyse data to help us improve our service. These third parties have their own privacy policies addressing how they use such information.

When you submit our contact form, free assessment form, or request a gated resource, the details you provide (such as your name, email address, and phone number) are transmitted to and stored in our customer relationship and email marketing platform, Systeme.io, which acts as a processor on our behalf. Systeme.io processes this information in accordance with its own privacy policy.

We use Cloudflare Web Analyticsto measure aggregate, privacy-friendly site traffic (such as page views, top pages, and referrers). Cloudflare Web Analytics does not use cookies, does not fingerprint visitors, and does not collect personal information about you. See Cloudflare's privacy policy for details.

We also use Microsoft Clarity to understand how visitors interact with our website through aggregate behavioural metrics, heatmaps, and session replays. Clarity collects information such as pages visited, clicks, scrolling activity, and time spent on pages, and may capture mouse movements and similar interactions. Sensitive form fields are automatically masked. This data helps us improve our website and services. Microsoft processes this information in accordance with its privacy statement. You can opt out of Clarity tracking via your browser's Do Not Track setting or by using a privacy-blocking extension.

5. Data Security

We implement industry-standard technical and organisational measures designed to protect your personal information against unauthorised access, alteration, disclosure, or destruction. No method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required by law. When your data is no longer needed, we securely delete or anonymise it.

7. Your Rights

Depending on your location, you may have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate or incomplete data
• Request deletion of your personal information
• Object to or restrict our processing of your data
• Request a portable copy of your data
• Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at [email protected].

8. California Privacy Rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with specific rights regarding your personal information.

You have the right to:

• Know what categories of personal information we collect, the sources of that information, the business purposes for collecting it, and the categories of third parties (if any) we share it with
• Request access to the specific pieces of personal information we hold about you
• Request deletion of your personal information, subject to legal exceptions
• Request correction of inaccurate personal information
• Opt out of the "sale" or "sharing" of your personal information for cross-context behavioural advertising
• Limit the use and disclosure of any sensitive personal information
• Be free from discrimination for exercising any of your CCPA / CPRA rights

We do not sell or share your personal information as those terms are defined under the CCPA / CPRA. To exercise any of your California privacy rights, please contact us at [email protected]. We will verify your request before responding.

9. UK & EU Visitors (UK GDPR / EU GDPR)

If you are located in the United Kingdom or the European Economic Area, you have rights under the UK GDPR and EU GDPR including those listed in Section 7. Our lawful bases for processing your personal data are: your consent (for marketing communications and non-essential cookies), the performance of a contract or pre-contractual steps you request (for example, responding to your enquiry or assessment request), and our legitimate interests in operating and improving our website and services. Where we transfer personal data outside the UK or EEA — for example to our US-based service providers such as Systeme.io — we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses and, where applicable, the UK International Data Transfer Addendum. To exercise your rights or to lodge a complaint, contact us at [email protected]. UK and EEA residents also have the right to complain to their local supervisory authority.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by updating the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us:

• Email: [email protected]
• Website: kapacyber.com/contact
• Mail: Kapacyber, 621 Stockton St. #204, San Francisco, CA 94108