Privacy Policy

Last updated: March 7, 2026

1. Introduction

WHITEGUARD and WhiteHawk Security ("we," "us," or "our") are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website, platform, services, or interact with us (collectively, the "Services"). By using our Services, you consent to the practices described in this policy.

2. Information We Collect

We may collect the following types of information:

  • Personal Information: Name, email address, phone number, job title, company name, and other contact details when you register, request a consultation, or communicate with us.
  • Account Data: Login credentials, usage preferences, and profile information when you use our platform.
  • Technical Data: IP address, browser type, device information, and pages visited when you access our website or platform.
  • Service Data: Information you provide in connection with our cybersecurity services, including security assessments, audits, and compliance activities.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Services
  • Process requests, consultations, and service engagements
  • Send important updates, security alerts, and service-related communications
  • Respond to your inquiries and provide customer support
  • Analyze usage patterns to enhance our platform and user experience
  • Comply with legal obligations and protect our rights
  • Send marketing communications (with your consent, where required)

4. Legal Basis for Processing

We process your personal data based on: (a) your consent when you voluntarily provide information; (b) performance of a contract when you engage our services; (c) our legitimate interests in operating and improving our business; and (d) compliance with legal obligations where required by law.

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your information with: (a) trusted service providers who assist us in operating our business (e.g., hosting, analytics), subject to confidentiality agreements; (b) legal or regulatory authorities when required by law; (c) business partners or affiliates in connection with your engagement; and (d) in connection with a merger, acquisition, or sale of assets, with appropriate notice.

6. Data Security

As a cybersecurity company, we take data protection seriously. We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and employee training. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. When data is no longer needed, we securely delete or anonymize it in accordance with our retention policies.

8. Your Rights

Depending on your location, you may have the right to:

  • Access and receive a copy of your personal data
  • Correct or update inaccurate personal data
  • Request deletion of your personal data
  • Object to or restrict certain processing
  • Data portability
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with a supervisory authority

To exercise these rights, please contact us using the details below.

9. Cookies and Tracking

Our website may use cookies and similar technologies to enhance your experience, analyze traffic, and personalize content. You can control cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our website.

10. International Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure that such transfers comply with applicable data protection laws and that appropriate safeguards are in place to protect your data.

11. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically. Continued use of our Services after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at our contact page.