Dark Force
Security In Depth
Last updated: June 2025. This policy describes how Dark Force collects, uses, and protects your information.
We collect contact details (name, email, company) when you request assessments or subscribe to updates. During security engagements, we may process system metadata, configuration data, and vulnerability findings provided or discovered within your authorized environment. We do not collect personal data from end-users of client systems unless explicitly required and authorized.
Your data is used solely to deliver our services, communicate engagement status, and provide deliverables. We may use anonymized, aggregated statistics for internal research and marketing. We never sell your data to third parties. Any data sharing is limited to vetted subcontractors bound by strict confidentiality agreements.
We implement industry-standard security measures including encryption at rest and in transit, role-based access controls, multi-factor authentication, and regular security audits. Our internal infrastructure undergoes the same rigorous testing we perform for clients. In the unlikely event of a data breach, affected parties will be notified within 72 hours.
Our website uses essential cookies for functionality and optional analytics cookies to understand visitor behavior. You can manage cookie preferences through your browser settings. We do not use tracking pixels or third-party advertising networks. No personal data is shared with analytics providers beyond anonymized IP addresses.
You have the right to access, correct, or delete your personal data. You may request a copy of data we hold about you or ask us to restrict processing. To exercise these rights, contact us using the details on our Contact page. We will respond to all requests within 30 days.
Contact and engagement data is retained for the duration of the business relationship plus 90 days, after which it is securely deleted. Legal or regulatory requirements may necessitate longer retention for specific records. Raw engagement artifacts (logs, screenshots) are purged 90 days after final report delivery unless otherwise agreed.
We may revise this Privacy Policy periodically. The latest version will always be available on this page with the updated date. For material changes, we will notify active clients directly. Continued use of our services after changes constitutes acceptance.
For questions or concerns about this Privacy Policy or your data, please reach out through our Contact page.