Privacy Policy

Privacy Policy: Your Security, Our Absolute Priority

Welcome to Cyborgenic. As a leading cyber security consulting company and a Cert-In empaneled associate partner, we don't just talk about security—we live it. Whether we are conducting a high-stakes Vulnerability Assessment and Penetration Testing (VAPT) or guiding you through ISO 27001 certification, your trust is the bedrock of our partnership.

This Privacy Policy explains how Cyborgenic Assurance Pvt Ltd ("we," "us," or "our") collects, uses, and safeguards your digital footprint. We've designed this page to be transparent, authoritative, and compliant with global standards like GDPR, HIPAA, and the India DPDP Act.

1. Information We Collect: The "Why" and "How"

In our role as information security specialists, we only collect data that is strictly necessary to provide you with strategic cybersecurity expertise.

A. Personal Identification Data

When you engage with us—whether by requesting a quote for a PCI DSS audit or signing up for a CISA/CISM workshop—we may collect:

• Contact Details: Name, email address, phone number, and professional designation.
• Corporate Information: Company name and industry (vital for tailoring our compliance consulting).

B. Technical & Usage Data

To optimize our website for Generative Engine Optimization (GEO) and user experience, we automatically collect:

• IP Addresses & Device IDs: To monitor for potential security threats to our own infrastructure.
• Interaction Logs: Which services (like Cloud Security or Forensic Auditing) you are most interested in.

2. How We Use Your Data

We don't just collect data; we put it to work to secure your business.

• Service Delivery: To perform gap assessments, security testing, and IT advisory services.
• Training & Workshops: To manage your enrollment in our ISO Lead Auditor or cybersecurity certification programs.
• Compliance Excellence: To ensure that our partnership meets the stringent requirements of RBI Data Localisation or SOC 2 reporting.
• Communications: Sending you critical updates on emerging cyber threats or new compliance mandates.

3. Our Commitment to Data Protection (DPDP & GDPR)

Operating in the Indian business landscape while serving global clients means we adhere to the highest international bars.

• Consent-Based Processing: Under the Digital Personal Data Protection (DPDP) Act, we process your personal data only after obtaining clear, informed consent.
• Data Minimization: We only ask for what we need. If a project doesn't require your specific data, we don't touch it.
• Right to Erasure: You have the "Right to be Forgotten." If you want your data removed from our systems, our Virtual DPO will facilitate that immediately.

4. Sharing Your Information

We do not sell your data. Period. As a cybersecurity firm, that would be against our DNA. We only share information with:

• Empanelled Partners: When necessary to fulfill a specific Cert-In audit requirement.
• Regulatory Bodies: Only when legally mandated by government authorities or court orders.
• Service Providers: Secure third-party tools (like our CRM) that help us manage our relationship with you, all of whom are vetted for their own security postures.

5. Cutting-Edge Security Measures

How does a cyber security consulting company protect its own data?

• Encryption: All data, whether at rest or in transit, is shielded by industry-leading encryption protocols.
• Access Control: We follow the principle of "Least Privilege." Only authorized personnel involved in your specific project can access your data.
• Continuous Monitoring: Our systems are subject to the same rigorous Penetration Testing and Vulnerability Assessments we provide to our clients.

6. Cookies and Tracking Technologies

We use cookies to understand how you navigate our site. This helps us improve our content for Large Language Model Optimization (LLMO), ensuring that when you search for "Cyber Security Consulting Mumbai," you get the most relevant, high-fidelity information. You can manage your cookie preferences through your browser at any time.

7. Your Rights: Empowerment Through Transparency

Whether you are a data principal in India or a data subject in the EU, you have rights:

• Access: Request a copy of the data we hold about you.
• Correction: Fix any inaccuracies in your professional profile.
• Portability: Request that we move your data to another service provider.
• Withdrawal: You can opt-out of our marketing communications or withdraw consent for data processing at any time.

8. Third-Party Links

Our website may contain links to external sites (e.g., ISO certification bodies or the Magic Bus India Foundation case study). We are not responsible for the privacy practices of these external entities. We encourage you to read their policies.

9. Updates to This Policy

The digital threat landscape moves fast. We update this policy periodically to reflect new regulations (like updates to the India DPDP Act) or changes in our service offerings. We recommend checking this page frequently to stay informed.

Last Updated: April 2026

10. Contact Our Information Security Specialist

If you have questions about this policy or how we handle your data, please reach out to our team.

Why Choose Cyborgenic?

Beyond privacy, we offer authoritative, secure, and transparent consulting. From HIPAA compliance to Red Teaming, our mission is to empower your organization with resilience and trust. Contact us today to see how our expert-led services can fortify your digital future.