Legal Documentation

Legal Center

Privacy Policy, Terms of Service, Cookie Policy, and GDPR Information

Last Updated: November 29, 2025

Privacy Policy Terms of Service Cookie Policy GDPR

Privacy Policy

Last Updated: November 29, 2025

1. Introduction

This Privacy Policy describes how Cyntara Security ("Cyntara," "we," "us," or "our") collects, processes, stores, and protects information in connection with the use of our website, services, platforms, and related offerings.

Cyntara provides cybersecurity, threat detection, compliance automation, advisory, and managed services. Due to the nature of our work, we maintain strict security, confidentiality, and governance practices for all data entrusted to us.

This policy applies to:

Website visitors
Prospective customers
Clients and their personnel
Users of the Cyntara Threat Management Platform (CTMP)
Individuals who interact with us for sales, support, or advisory services

By accessing our website or using our services, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

2.1 Information You Provide

We may collect:

• Name, email, phone number, company name, role
• Inquiry details, audit documentation, compliance materials
• Information provided through forms, chat, support channels, or contracts
• Billing and payment details (processed via secure third-party providers)

2.2 Information Collected Automatically

Including but not limited to:

• IP addresses, browser type, device identifiers
• Date/time stamps, pages viewed, clickstream data
• System events and usage analytics
• Cookies, scripts, and performance logs

2.3 Security & Monitoring Data (For Clients Only)

As part of delivering cybersecurity services, we may process:

• Security logs and telemetry
• Endpoint, network, cloud, and identity data
• Threat alerts, behavioral events, and system indicators
• Compliance-relevant evidence and audit trails

This data is processed only for the purpose of delivering contracted services.

3. How We Use Information

3.1 Service Delivery

• Monitor, detect, analyze, and respond to security threats
• Provide compliance tracking and reporting
• Deliver vCISO, incident response, and advisory services
• Maintain logs and operational telemetry for security operations

3.2 Business Operations

• Improve products, systems, performance, and user experience
• Manage accounts and fulfill contractual obligations
• Communicate service updates, alerts, and support information
• Conduct risk assessments and ensure policy compliance

3.3 Legal and Regulatory Compliance

• Satisfy audit, reporting, and security obligations
• Comply with applicable laws, including privacy and cybersecurity requirements

4. Data Security & Safeguards

Cyntara employs defense-grade security controls, including but not limited to:

4.1 Technical Controls

• AES-256 and TLS encryption
• Multi-factor authentication
• Role-based access controls (RBAC)
• Network segmentation and zero-trust principles
• Continuous monitoring and threat detection

4.2 Organizational Controls

• Access only on a need-to-know basis
• Security awareness and role-based training
• Confidentiality agreements for employees and partners
• Incident response, audit logging, and secure development practices

4.3 Infrastructure Controls

• Hardened systems with continuous patching
• Secure hosting and approved sub-processors
• Regular vulnerability assessments and penetration testing
• High-availability, redundant architecture

5. Data Sharing & Sub-Processors

We may share information with trusted service providers solely for:

• Hosting and infrastructure
• Authentication and identity management
• Analytics and platform maintenance
• Security and monitoring services

We do not sell or rent personal data.

6. International Transfers

Where cross-border data transfers are required, Cyntara uses:

• Standard Contractual Clauses (SCCs)
• Approved transfer mechanisms
• Binding contractual assurances

7. Data Retention

We retain information only as long as necessary to:

• Provide services
• Comply with legal obligations
• Maintain audit and security records
• Resolve disputes and enforce agreements

8. Your Rights

Depending on your location, you may have rights to:

• Access, correct, or delete personal data
• Object to processing
• Restrict processing
• Receive a copy of your data
• Withdraw consent (when applicable)

Requests can be submitted to:
[email protected]

9. Updates to This Policy

We may modify this Privacy Policy at any time. Updates will be posted with a revised "Last Updated" date.

10. Contact

For questions or concerns:

Email: [email protected]

Terms of Service

Last Updated: November 29, 2025

1. Acceptance of Terms

By accessing the Cyntara Security website or submitting information to us, you agree to these Terms of Service. Use of our managed cybersecurity services is governed by separate Master Service Agreements (MSAs), Statements of Work (SOWs), or subscription contracts.

2. Authorized Use

Users agree to:

• Access the website and materials responsibly
• Comply with applicable laws and regulations
• Not misuse or attack the website
• Not reverse engineer, modify, or exploit the site
• Not interfere with security, infrastructure, or availability

Cyntara reserves the right to restrict or terminate access for misuse.

3. Intellectual Property

All website content, branding, designs, text, imagery, code, and materials are exclusively owned by Cyntara Security.

Users may not:

• Copy, distribute, or reproduce content
• Use trademarks without permission
• Create derivative works from our materials

4. No Warranties

The website and its content are provided "as is" without warranties of any kind.

Cyntara does not guarantee:

• Accuracy or completeness of content
• Availability or uptime
• Error-free performance

This does not affect warranties provided under any paid service agreements.

5. Limitation of Liability

To the maximum extent permitted by law, Cyntara is not liable for:

• Indirect, incidental, or consequential damages
• Loss of data, revenue, or business
• Downtime or interruptions
• Website errors or omissions

6. Indemnification

Users agree to indemnify Cyntara Security against claims arising from:

• Misuse of the website
• Violation of these Terms
• Unauthorized or malicious activity

7. Third-Party Links

External links are provided for convenience. Cyntara does not endorse or control third-party sites, and is not responsible for their content or security practices.

8. Changes to Terms

Cyntara may update these Terms at any time. Continued website use constitutes acceptance of the updated Terms.

9. Contact

For Terms-related inquiries:

Email: [email protected]

Cookie Policy

Last Updated: November 29, 2025

1. Overview

This Cookie Policy explains how Cyntara Security uses cookies and tracking technologies to support website functionality, analytics, and performance.

We do not use advertising cookies or behavioral tracking cookies.

2. Types of Cookies Used

2.1 Essential Cookies

Required for the website to function, including:

• Authentication
• Security
• Traffic management
• Session management

Cannot be disabled.

2.2 Performance & Analytics Cookies

Used to understand how visitors use the site, such as:

• Page views
• Click paths
• Load times
• Interaction patterns

All analytics data is aggregated and anonymized.

2.3 Preference Cookies

Store choices such as:

• Language
• Display preferences
• Input history for forms

2.4 Security Cookies

Used to detect malicious activity and enhance protection.

3. Managing Cookies

Users can modify cookie settings via browser controls. Disabling essential cookies may limit functionality.

4. Updates to This Policy

We may update this policy periodically. The latest version will always be available on this page.

5. Contact

For cookie or tracking-related inquiries:

Email: [email protected]

GDPR Compliance

General Data Protection Regulation

GDPR Commitment

Cyntara Security is committed to compliance with the General Data Protection Regulation (GDPR) for all individuals in the European Economic Area (EEA), United Kingdom, and Switzerland.

Our Privacy Policy outlines how we collect, process, and protect personal data in accordance with GDPR requirements.

Your GDPR Rights

Under GDPR, you have the following rights:

Right to Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can request correction of inaccurate or incomplete data.

Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data under certain conditions.

Right to Restrict Processing

You can request limitation of how we process your data.

Right to Data Portability

You can receive your data in a structured, commonly used format.

Right to Object

You can object to certain types of processing, including direct marketing.

Right to Withdraw Consent

You can withdraw consent for processing where consent was the legal basis.

Right to Lodge a Complaint

You can file a complaint with your local data protection authority.

Legal Basis for Processing

We process personal data under the following legal bases:

• Contract Performance: To deliver services you've requested
• Legitimate Interests: To improve services, ensure security, and prevent fraud
• Legal Obligation: To comply with applicable laws and regulations
• Consent: Where you have explicitly agreed to processing

Data Protection Officer

For GDPR-related inquiries or to exercise your rights, please contact:

Email: [email protected]
Subject Line: GDPR Request

We will respond to your request within 30 days as required by GDPR.

International Data Transfers

When transferring data outside the EEA, we ensure adequate protection through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions for countries with equivalent data protection standards
• Additional safeguards and security measures

Questions About Our Legal Policies?

Our team is available to address any concerns regarding privacy, data protection, or compliance.

Contact Us