Privacy Policy

Effective Date: 12/Dec/2024

Introduction

At HedgeMount Infosec Private Limited, we are committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you engage with our cybersecurity consultancy services. We comply with applicable data protection laws, local laws (such as GDPR in the EU, CCPA in California, etc.).

By using our services, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

We may collect the following types of information:

  • Personal Data: This includes your name, contact details, job title, email address, phone number, and other personally identifiable information provided by you when you inquire about or use our services.
  • Technical Data: Information about the devices you use to access our website, including IP addresses, browser type, device information, operating system, and other diagnostic data collected automatically during interactions with our website or services.
  • Client-Specific Data: Data relevant to the services we provide to you, such as security assessments, vulnerabilities, audit results, client-specific analysis, and other information directly related to our consulting services.

2. How We Use Your Information

We use your data for the following purposes:

  • Providing Consultancy Services: To deliver cybersecurity audits, assessments, and consultations, including threat analysis, risk management strategies, and customized cybersecurity solutions.
  • Communication: To respond to your inquiries, send service updates, share reports, or inform you about changes to our services or policies.
  • Marketing and Outreach: To send you promotional materials or updates related to cybersecurity trends, best practices, and new services we offer (you can opt-out at any time).
  • Improving Our Services: To analyze client feedback and improve our cybersecurity methodologies, client interactions, and service offerings.

3. How We Protect Your Data

We take data security seriously and implement robust technical and organizational measures to safeguard your personal and client-specific data. These include:

  • Encryption: We use encryption for sensitive data storage and transmission to prevent unauthorized access.
  • Access Control: Only authorized personnel within our organization have access to your personal data. We maintain strict access controls to protect your information.
  • Security Audits: Regular audits and reviews of our security practices and systems are conducted to ensure the highest level of protection.
  • Data Minimization: We collect only the data necessary to provide our services and retain it only as long as required for business or legal purposes.

4. Data Sharing and Disclosure

We will not share your personal information with third parties except in the following cases:

  • With Service Providers: We may share data with trusted third-party vendors who assist us in providing services (e.g., cloud service providers, IT support, or other consultants). These third parties are obligated to maintain the confidentiality and security of your data.
  • Legal Requirements: If required by law, regulation, legal process, or government request, we may disclose your information to comply with applicable laws or protect our rights, privacy, safety, or property.
  • In the Event of a Business Transfer: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner as part of the business transaction.

5. Retention of Data

We will retain your personal and client-specific data for as long as necessary to fulfill the purposes outlined in this policy, or as required by law, whichever is longer. When your data is no longer required, we will securely dispose of it.

6. Your Rights

Depending on your jurisdiction, you may have certain rights regarding your personal data, including:

  • Access: The right to request a copy of the personal data we hold about you.
  • Correction: The right to request corrections to any inaccurate or incomplete data.
  • Deletion: The right to request that we delete your personal data (subject to certain limitations).
  • Opt-Out of Marketing: You may opt-out of receiving marketing communications at any time by following the unsubscribe instructions in the emails we send.

To exercise these rights, please contact us using the information provided below.

7. Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies to improve your user experience. These technologies help us understand how you use our site and allow us to tailor content to your preferences. You can control cookie settings through your browser settings.

8. International Data Transfers

If you are located outside of the country in which we operate, please be aware that your personal data may be transferred to and processed in a country with different data protection laws. We take appropriate measures to ensure that your data is protected, including entering into data transfer agreements that comply with applicable legal requirements.

9. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations. Any changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us at +91 9110770174/ CISO@hedgemount.com.