Introduction
At Exploit Security, we are committed to protecting the privacy and security of the personal information and data collected from our clients, partners, employees, and website visitors. This Privacy Policy outlines how we handle and safeguard this data to ensure confidentiality and compliance with applicable privacy laws and regulations. By engaging with our services, accessing our website, or providing us with personal information, you agree to the practices described in this Privacy Policy.
Exploit Security Pty Ltd is committed to providing quality services to you and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information.
We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act). The NPPs govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information.
A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at www.aoic.gov.au.
Personal Information Collection
Information we collect
We may collect personal information from individuals or organizations during the course of providing our penetration testing services, through our website, or other communication channels. The types of personal information we may collect include, but are not limited to:
-
Name, contact information (email address, phone number, address), and job title.
-
Payment information, such as credit card details, if applicable.
-
Technical information (IP address, browser type, device information) collected automatically when you visit our website.
Sensitive Data
As a penetration testing company, we may receive sensitive information about your organization's systems, networks, and infrastructure during the assessment process. We consider all the data we collect, including technical details and system configurations, as sensitive and handle it with the utmost care.
Data Use and Purpose
Service Delivery
We use personal information and sensitive data to conduct our penetration testing services and deliver the agreed-upon assessments to our clients. The data collected during the engagement is used solely for the purpose of identifying vulnerabilities and providing detailed reports and recommendations.
Communication
We may use your contact information to communicate with you regarding the assessment process, share progress updates, and address any inquiries or concerns.
Legal Compliance
We may use and disclose personal information when required to comply with applicable laws, regulations, or legal proceedings.
Data Security
Confidentiality and Access Control
We maintain strict access controls to limit access to personal information and sensitive data. Only authorized personnel directly involved in the assessment process are granted access to such data.
Data Encryption
We utilize industry-standard encryption protocols to secure data during transmission and storage.
Third Party Security
We carefully select and vet third-party service providers who may handle personal information during the course of delivering our services. These providers must adhere to strict data security standards and contractual obligations to protect your information.
Data Retention
Third-Party Disclosure
We do not sell, trade, or rent personal information to third parties. We may share personal information with trusted third-party service providers involved in the assessment process to facilitate the delivery of our services. These third parties are bound by contractual obligations to maintain the confidentiality and security of the data.
Legal Obligations
We may disclose personal information if required by law or in response to valid legal requests from governmental authorities or law enforcement agencies.
Your Rights
You have the right to access, correct, or request the deletion of your personal information that we hold. If you wish to exercise any of these rights or have questions about your data's processing, please contact us using the information provided below.
Changes to the Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on our website, and the revised policy will be effective immediately upon posting.
Contact Us
If you have any questions or concerns regarding this Privacy Policy or our data handling practices, please contact us at:
Exploit Security
By using our services or providing us with personal information, you signify your acceptance of this Privacy Policy. If you do not agree with the terms outlined herein, please refrain from using our services or providing personal information.