Privacy & Terms

Privacy Policy

Information We Collect

When you contact us or request services, we collect:

• Contact information (name, email, phone number, company name)
• Service requirements and technical scope details
• IP addresses and system information during security testing (with authorization)
• Website analytics data (via cookies) for improving user experience

How We Use Your Information

We use collected information to:

• Deliver penetration testing and security assessment services
• Communicate about your project and provide support
• Generate reports and technical documentation
• Improve our services and website experience
• Send occasional security updates (you can opt out anytime)

Data Protection

We take data security seriously:

• All testing data is encrypted during storage and transmission
• Access to client information is restricted to authorized personnel only
• Penetration testing reports are stored securely and deleted per retention agreement
• We comply with GDPR, ISO 27001 and industry best practices

Data Sharing

We never sell your data. We may share information only:

• With your explicit consent
• When required by law or legal process
• With authorized subcontractors under strict confidentiality agreements

Your Rights

You have the right to:

• Access your personal data we hold
• Request correction of inaccurate information
• Request deletion of your data (subject to legal retention requirements)
• Opt out of marketing communications
• Request data portability

To exercise these rights, contact us at privacy@sfcyberadvisory.xyz

Cookies

We use minimal cookies for:

• Website functionality (essential cookies)
• Basic analytics to improve user experience (anonymized)

You can disable cookies in your browser, though this may affect website functionality.

Terms of Service

Service Scope

SF Cyber Advisory provides authorized security testing services including penetration testing, vulnerability assessments, and security consulting. All testing is conducted only with explicit written authorization from the client.

Client Responsibilities

Clients must:

• Provide written authorization before testing begins
• Ensure they have legal authority to authorize testing on target systems
• Notify relevant parties (ISPs, hosting providers) if required
• Provide necessary access credentials and technical details
• Maintain backups before testing begins

Testing Limitations

We conduct testing professionally and carefully, but:

• Testing may impact system availability or performance
• We cannot guarantee finding all vulnerabilities
• Testing is limited to the agreed scope and timeframe
• Results represent a point-in-time assessment

Confidentiality

Both parties agree to:

• Maintain strict confidentiality of all findings and technical information
• Not disclose vulnerabilities to third parties without mutual consent
• Securely store and eventually destroy all confidential data per retention agreement

Liability

Our liability is limited to the fees paid for services. We are not liable for:

• Indirect, incidental, or consequential damages
• Data loss or system downtime during authorized testing
• Third-party claims arising from vulnerabilities we discover
• Client's failure to remediate identified vulnerabilities

Payment Terms

Unless otherwise agreed:

• 50% deposit required before testing begins
• Remaining balance due upon report delivery
• Payment terms are 15 days net from invoice date
• Late payments may incur interest charges

Termination

Either party may terminate services with written notice. Client remains responsible for payment of work completed up to termination date.

Dispute Resolution

Disputes will be resolved through negotiation first, then mediation if needed. Jurisdiction and applicable law will be specified in individual service agreements.

Questions?

If you have questions about our privacy policy or terms of service, please contact us:

Email: contact@sfcyberadvisory.xyz
Phone: +91 8639 621 721