Privacy by Design

Privacy & Data Protection Policy

Last Updated: January 3, 2026

At CyberDefenders, we operate under a "Privacy by Design" philosophy. We collect the minimum amount of data necessary to provide elite security consulting services. We do not sell, rent, or trade your personal data to third parties for marketing purposes.


This policy describes the technical and organizational measures we undertake to collect, process, and safeguard your information. As a cybersecurity firm, we adhere to the highest standards of data integrity and confidentiality to maintain the trust of our clients and partners.



1. Information You Provide to Us


We collect information that you voluntarily submit through our website or during the professional onboarding process:


  • Contact Information: Legal name, professional email address, and telephone number.

  • Business Details: Company name, job title, and the nature of your cybersecurity needs.

  • Inquiry Content: Any specific details regarding your infrastructure or security concerns shared via our "Get a Quote" or "Contact Us" forms.

2. Information Collected Automatically


To maintain the integrity and security of our own digital perimeter, we collect limited technical metadata:


  • Log Data: IP addresses, browser specifications, and access times used exclusively to monitor for malicious activity such as DDoS protection or brute-force attempts.

  • Cookies: We use essential cookies to ensure the website functions correctly and analytical cookies to understand site traffic. You can manage these via your browser settings.

3. Third-Party Data Processing


While we do not sell your data, we utilize a limited number of "Data Processors" strictly bound by confidentiality agreements to facilitate our services:


  • Infrastructure Providers: Secure cloud hosting and encrypted email services used to store your communications.

  • Communication Tools: Authorized platforms used to schedule consultations or distribute security alerts.

  • Legal Requirements: We may disclose information if required by a valid court order or a specific legal obligation.

4. Technical Data & Consulting (Confidentiality)


Please note that any technical data shared during a formal engagement—such as network logs, vulnerability scans, or system configurations—is governed by our Master Service Agreement (MSA) and Non-Disclosure Agreement (NDA). These documents provide higher tiers of protection and stricter confidentiality mandates than this standard Website Privacy Policy.


5. Advanced Security Architecture


Our security controls are engineered to exceed standard commercial requirements, utilizing a "Defense in Depth" strategy:


  • Encryption Standards: All data is protected using AES-256 encryption at rest and TLS 1.3 encryption in transit.

  • Access Governance: We enforce Least Privilege Access (LPA). Only authorized personnel with verified multi-factor authentication (MFA) credentials may access specific data subsets.

  • Continuous Audit: Every access event to sensitive data is recorded in immutable audit logs proactively monitored for anomalies.

6. Your Privacy Rights


Under global data protection laws, you are entitled to exercise the following rights:


  • Right to Erasure: You may request the permanent deletion of your personal information from our systems.

  • Right to Access: You may request a machine-readable copy of the data we hold.

  • Right to Restriction: You may object to or request the restriction of specific processing activities.

7. Contact our Data Protection Officer


For formal inquiries regarding this policy or to exercise your privacy rights, please contact our compliance department:


CyberDefenders / Defense In Orbit LLC
8 The Grn #22539
Dover, DE 19901-3618
Email: liliana@cyberdefenders.co
Attn: Data Protection Officer (DPO)