Privacy Policy
Cynaxus is a cybersecurity and IT consulting firm — protecting information is the work we do, and we hold our own data practices to the same standard we ask of our clients. This policy explains what we collect through cynaxus.com and in the course of our engagements, why we hold it, who we share it with, how long we keep it, and the choices you have.
cynaxus.com uses cookieless, privacy-respecting analytics to measure aggregate traffic. No cookies are written to your browser, no personal identifiers are collected, and no cross-site tracking occurs. No cookie consent banner is needed because none are set.
This Privacy Policy applies to cynaxus.com and to the inquiries and communications you send us through it. It describes our practices in plain language. Where we deliver paid services, the data-handling, confidentiality, and security terms in your signed engagement agreement govern that work and control over this policy wherever the two differ.
Scope of this policy
This policy covers personal information we collect from visitors to our website and from prospective clients who reach out to us. It does not change or replace the obligations we take on under an engagement agreement, a non-disclosure agreement, or a data-processing agreement, each of which is negotiated separately and tailored to the work and the data involved. If you are an existing client, the terms of your agreement are the controlling document for how we handle data you entrust to us during delivery.
Information we collect
We collect only what we need to respond to you and operate this site — nothing more.
- Information you provide — your name, email address, phone number, organization, role, and the contents of your message when you use a contact or inquiry form, request a call, subscribe to an update, or otherwise correspond with us.
- Engagement information — details you share while scoping or receiving services. This may include business, technical, or security information about your organization, handled under the confidentiality and data-handling terms of your engagement agreement.
- Technical and usage information — standard server and log data collected automatically, such as IP address, browser and device type, operating system, referring and exit pages, pages viewed, and timestamps. This data is held only as long as operationally necessary and is not used to build profiles of individual visitors.
We do not ask for and do not want sensitive personal information — such as government identifiers, financial account numbers, or health information — through this website. Please do not submit it through our forms. Where an engagement genuinely requires handling sensitive or regulated data, that is arranged through secure channels defined in the engagement agreement, never through the public site.
How we use your information
Your information is used to serve you and run our business — it is never sold.
- Respond and engage — to answer your inquiry, schedule conversations, prepare proposals, and provide the services you ask us about.
- Operate and secure the site — to host, maintain, troubleshoot, and protect cynaxus.com against fraud, abuse, and security threats.
- Improve our work — to understand, in aggregate, how the site is used so we can make it clearer and more useful. Analytics data is anonymised and never tied to individual visitors.
- Communicate with you — to send information you have requested and, where permitted, occasional updates you can opt out of at any time.
- Meet legal and contractual obligations — to comply with applicable law, respond to lawful requests, and honor the terms of our engagements.
We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We do not use the information you submit to make automated decisions that produce legal or similarly significant effects about you.
Cookies and tracking
This site sets no cookies — none are written to your browser, and no cookie consent banner is required. We do use a cookieless, privacy-respecting analytics service to measure aggregate traffic and understand how the site is used. When you load a page, a small anonymised signal is sent to that service containing only: the page URL, the referring URL, approximate browser and device type, and screen size. No personal identifiers, IP addresses, or cross-site tracking data are included. The data is used solely in aggregate to improve site content and is not shared with advertisers or used to build profiles of individual visitors.
If our practices change — for example if we add cookies or a different analytics approach — this policy will be updated before any such change takes effect.
How we share information
We share personal information only in limited, defined circumstances, and never for sale:
- Service providers — vendors who host the site, deliver email, or provide cookieless analytics on our behalf, bound by contract to use the information only to perform those services and to protect it.
- Legal and safety — when required by law, regulation, subpoena, or other legal process, or when necessary to protect the rights, property, or safety of Cynaxus, our clients, or the public.
- Business transfers — in connection with a merger, acquisition, financing, or sale of assets, in which case this policy will continue to govern the information transferred.
- With your direction — when you ask us to share information with a third party, or otherwise consent.
Client engagement information is treated as confidential and is not disclosed except as authorized by the client or required by law.
Data security
We apply administrative, technical, and physical safeguards appropriate to the sensitivity of the information we hold — including access controls, encryption in transit, least-privilege practices, and ongoing monitoring — consistent with the security disciplines we advise our clients to adopt. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security, but we treat the data entrusted to us with the same rigor we bring to our engagements and work to reduce risk continuously.
Data retention
We keep personal information only as long as needed for the purposes described in this policy — to respond to and maintain a relationship with you, to operate and secure the site, and to satisfy legal, tax, accounting, and contractual obligations. When information is no longer needed, we delete it or de-identify it. Engagement records are retained according to the terms of the applicable agreement and our professional obligations.
Your rights and choices
Depending on where you live, you may have rights over the personal information we hold.
- Access and portability — request confirmation of whether we hold information about you and a copy of it.
- Correction — ask us to correct information that is inaccurate or incomplete.
- Deletion — ask us to delete your personal information, subject to legal and contractual exceptions.
- Restriction and objection — ask us to limit or stop certain processing, where applicable law provides that right.
- Opt out of communications — unsubscribe from any non-essential email at any time using the link in the message or by contacting us.
To exercise any of these rights, contact us using the details below. We will verify your request as needed, respond within the timeframes required by applicable law, and will not discriminate against you for exercising your rights. You may also have the right to appeal a decision or to lodge a complaint with your local data-protection authority.
International visitors
Cynaxus is based in the United States, and information we collect is processed and stored in the United States and other locations where we or our service providers operate. Data-protection laws in these locations may differ from those in your jurisdiction. By using the site or contacting us, you understand that your information may be transferred to and processed in the United States. Where required, we put appropriate safeguards in place for international transfers.
Changes to this policy
We may update this policy as our practices, technology, or applicable law change. When we make material changes, we will post the revised policy on this page and, where appropriate, provide additional notice. We encourage you to review this page periodically so you stay informed about how we protect your information.
Contact us
If you have questions about this policy, want to exercise a privacy right, or have a concern about how we handle your information, reach us through our contact page and we will route your request to the right person.