This Site runs no analytics and sets no cookies. The only data path is the contact form, and it works like this:
| field | collected when | where it goes |
|---|---|---|
| Name | You submit the contact form | Your own email client — not stored on this Site |
| You submit the contact form | Your own email client — not stored on this Site | |
| Company | You submit the contact form | Your own email client — not stored on this Site |
| Engagement tier | You submit the contact form | Your own email client — not stored on this Site |
| Message | You submit the contact form | Your own email client — not stored on this Site |
We do not sell, rent, or share your contact information with third parties for marketing purposes.
Any data, credentials, findings, or systems access involved in an actual security assessment are governed by the Written Authorization to Test, Rules of Engagement, and Statement of Work executed for that specific engagement — not by this general Site policy. Those documents set retention, confidentiality, and disposal terms for engagement-related data, and are negotiated before any testing begins.
This Site links to external services, including LinkedIn and GitHub. Those services have their own privacy policies, which we don't control.
If this Site adds cookies, analytics, or a CRM-connected contact form, this policy will be updated to reflect that before the change takes effect.