Zhyxalern Logo
Zhyxalern
Web Application Security

Privacy Policy

Your privacy matters to us. This comprehensive policy explains how Zhyxalern collects, uses, and protects your personal information.

Last Updated: January 15, 2025 | Effective Date: January 1, 2025

1. Information We Collect

At Zhyxalern, we collect various types of information to provide and improve our web application security services. Understanding what information we gather helps you make informed decisions about using our platform.

Personal Information

Name, email address, phone number, company details, and professional title when you register or contact us.

Technical Data

IP addresses, browser type, device information, operating system, and access times for security and optimization purposes.

Usage Information

How you interact with our platform, features used, time spent, and navigation patterns to enhance user experience.

Security Analytics

Application vulnerability data, security scan results, and threat assessment information processed through our services.

Automatic Data Collection

We automatically collect certain information when you visit our website or use our services. This includes log files, cookies, web beacons, and similar tracking technologies. These tools help us understand user behavior and improve our security platform's effectiveness.

Important Note: We never collect sensitive personal information such as social security numbers, financial account details, or health records unless specifically required for our security services and with your explicit consent.

2. How We Use Your Information

Your information serves multiple purposes in delivering comprehensive web application security services. We believe in transparency about how your data contributes to our platform's functionality and your overall experience.

Service Delivery and Enhancement

  • Providing web application security assessments and vulnerability scanning
  • Delivering personalized security recommendations and threat intelligence
  • Processing security reports and generating detailed vulnerability analyses
  • Offering technical support and customer assistance
  • Sending important service updates and security alerts

Platform Optimization

We analyze usage patterns to identify areas for improvement in our security tools. This includes understanding which features are most valuable to users, optimizing scan performance, and developing new security capabilities that address emerging threats.

Communication and Support

Your contact information allows us to provide timely support, share important security updates, and communicate about your account status. We may also use this information to inform you about new features that could enhance your security posture.

Legal Basis for Processing: We process your personal information based on legitimate business interests, contractual necessity, legal compliance, and your explicit consent where required by applicable privacy laws.

3. Information Sharing and Disclosure

We maintain strict controls over information sharing and only disclose your data under specific circumstances that align with providing our services or meeting legal obligations.

Service Providers and Partners

We work with trusted third-party providers who help us deliver our security services. These include cloud hosting providers, data analytics services, and security research organizations. All partners are bound by confidentiality agreements and must maintain the same level of data protection that we provide.

Legal Requirements and Safety

We may disclose information when required by law, legal process, or government request. We also reserve the right to share information if we believe it's necessary to protect our users, prevent fraud, or address security threats that could impact the broader cybersecurity community.

Business Transfers

In the event of a merger, acquisition, or sale of business assets, user information may be transferred as part of the transaction. We would notify users of any such change in ownership or control of personal information.

We Never: Sell your personal information to third parties, share your security data with competitors, or use your information for purposes unrelated to our security services without your explicit consent.

4. Your Privacy Rights

We respect your right to control your personal information. Depending on your location, you may have various rights regarding how we collect, use, and store your data.

Access Rights

Request a copy of all personal information we hold about you, including how it's being used and shared.

Correction Rights

Update or correct inaccurate personal information in your account or our systems.

Deletion Rights

Request deletion of your personal information, subject to legal and operational requirements.

Portability Rights

Export your data in a commonly used format for transfer to another service provider.

Objection Rights

Object to certain types of processing, including marketing communications and automated decision-making.

Restriction Rights

Limit how we process your information in specific circumstances while maintaining your account.

Exercising Your Rights

To exercise any of these rights, contact our privacy team at [email protected]. We'll respond to your request within 30 days and may require identity verification to protect your information from unauthorized access.

You can also manage many aspects of your data directly through your account settings, including updating contact information, adjusting communication preferences, and downloading your security reports.

5. Data Security and Protection

As a cybersecurity company, we understand the critical importance of protecting your data. We employ multiple layers of security controls to safeguard your information against unauthorized access, disclosure, or misuse.

Technical Safeguards

  • End-to-end encryption for data transmission and storage
  • Regular security assessments and penetration testing
  • Multi-factor authentication for administrative access
  • Automated threat detection and response systems
  • Secure development practices and code review processes

Operational Security

Our team follows strict security protocols including background checks for personnel with data access, regular security training, and incident response procedures. We maintain detailed logs of all data access and regularly audit our security practices.

Data Breach Response

In the unlikely event of a data breach, we have established procedures to contain the incident, assess the impact, and notify affected users within 72 hours. We work closely with law enforcement and regulatory authorities when necessary.

Security Commitment: We continuously invest in advanced security technologies and regularly update our protection measures to address evolving cyber threats and maintain the highest standards of data protection.

6. Data Retention and Deletion

We retain your information only as long as necessary to provide our services, comply with legal obligations, and maintain the security and integrity of our platform.

Retention Periods

  • Account information: Retained while your account is active and for 2 years after account closure
  • Security scan data: Stored for 3 years to enable trend analysis and comparative security assessments
  • Communication records: Maintained for 1 year for customer support and quality assurance purposes
  • Technical logs: Automatically deleted after 90 days unless required for ongoing security investigations

Deletion Procedures

When data reaches the end of its retention period, we use secure deletion methods to ensure information cannot be recovered. This includes overwriting storage media and destroying physical devices according to industry standards.

You can request early deletion of your information at any time, though we may need to retain certain data to comply with legal requirements or resolve disputes. We'll clearly explain what information must be retained and why.

7. International Data Transfers

Zhyxalern operates primarily from India, but we may transfer your information to other countries to provide our services effectively. We ensure all international transfers meet appropriate privacy protection standards.

Transfer Safeguards

When transferring data internationally, we use approved transfer mechanisms such as Standard Contractual Clauses, adequacy decisions, or other legally recognized safeguards to ensure your information receives adequate protection regardless of location.

Data Processing Locations

Your information may be processed in India, the United States, or other countries where our service providers operate. We carefully evaluate the privacy laws and security standards of any location where your data is processed.

Cross-Border Commitment: Regardless of where your data is processed, we maintain the same high standards of privacy protection and security controls outlined in this policy.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our platform, analyze usage patterns, and provide personalized security recommendations.

Types of Cookies We Use

  • Essential cookies: Required for basic platform functionality and security
  • Performance cookies: Help us understand how users interact with our services
  • Functional cookies: Remember your preferences and settings
  • Security cookies: Detect suspicious activity and protect against threats

Managing Cookie Preferences

You can control cookie settings through your browser or our cookie preference center. Note that disabling certain cookies may limit platform functionality or security features.

We respect Do Not Track signals and provide clear options for managing tracking preferences. Third-party cookies from our service providers are governed by their respective privacy policies.

9. Children's Privacy

Zhyxalern's services are designed for business and professional use. We do not knowingly collect personal information from individuals under 16 years of age without appropriate parental or guardian consent.

If we become aware that we have collected information from a child under 16 without proper consent, we will take steps to delete that information promptly. Parents or guardians who believe their child has provided information to us should contact our privacy team immediately.

Our platform includes security education resources that may be suitable for older students and young professionals learning about cybersecurity, but these are intended for supervised educational use rather than independent account creation by minors.

10. Changes to This Policy

We may update this privacy policy periodically to reflect changes in our services, legal requirements, or privacy practices. We're committed to keeping you informed about how we protect your information.

Notification Process

When we make material changes to this policy, we'll notify you through email, platform notifications, or prominent website notices at least 30 days before changes take effect. For minor updates that don't affect your rights, we'll update the "Last Updated" date at the top of this policy.

Your Continued Use

Continued use of our services after policy updates indicates acceptance of the revised terms. If you disagree with changes, you can contact us to discuss your concerns or close your account if the modifications are not acceptable to you.

We maintain an archive of previous policy versions for reference and will provide access to historical versions upon request.

Contact Us About Privacy

If you have questions about this privacy policy or how we handle your information, we're here to help.

Email: [email protected]

Phone: +919819738214

Address: Gol Mandir Rd, Mittal Bhawan Preet Vihar Colony, Zaidi Nagar, Shastri Nagar, Meerut, Uttar Pradesh 250003, India

We typically respond to privacy inquiries within 2-3 business days and aim to resolve all concerns promptly and thoroughly.