PRIVACY POLICY

Last Updated: February 2026

1. Information We Collect

During our cybersecurity consultation services, we collect and process the following categories of information:

• Payment Information: Payment amounts, transaction IDs, and payment timestamps are processed securely through PayPal. We never store credit card numbers, bank account details, or full payment credentials. PayPal handles all sensitive payment data in accordance with PCI DSS standards.
• Contact Information: Email addresses are required for consultation scheduling via Cal.com, service communications, follow-up recommendations, and important security updates related to your case.
• Security Incident Details: Information about hacked accounts, suspicious activities, security concerns, incident timelines, affected platforms or systems, and any relevant context you provide during consultations.
• Technical Information: System specifications, operating system details, malware samples, security logs, error messages, network configurations, and other technical data you provide for investigation purposes.
• Consultation Records: Notes, findings, analysis results, security recommendations, remediation steps, and documentation created during investigation sessions. This includes session recordings if video consultations are conducted.

2. How We Use Your Information

Your information is used exclusively for the following legitimate purposes:

• Payment Processing: Verifying payment completion, processing transactions through PayPal, generating transaction records, and managing service access permissions.
• Service Delivery: Scheduling consultations through Cal.com, conducting cybersecurity investigations, analyzing security incidents, and providing expert consultation services.
• Security Analysis: Performing malware analysis, system security assessments, account compromise investigations, and digital analysis of security incidents.
• Recommendations: Providing personalized security recommendations, remediation strategies, best practices, and follow-up guidance based on investigation findings.
• Service Quality: Maintaining consultation records, case documentation, service history, and quality assurance records to improve our services and provide continuity of care.
• Security and Fraud Prevention: Detecting and preventing fraudulent payments, unauthorized access attempts, abuse of our services, and protecting both client and service provider interests.
• Legal Compliance: Meeting legal obligations, responding to lawful requests from authorities, maintaining records required by law, and protecting legal rights.
• Communication: Sending service-related communications, consultation confirmations, security updates, important notices, and responding to your inquiries.

We do not use your information for marketing purposes, third-party advertising, or any purpose unrelated to providing cybersecurity consultation services.

3. Information Security

We implement industry-standard security measures to protect your data:

• TLS encryption for all data transmission
• Secure server environments with regular security updates
• Limited access to sensitive information on a need-to-know basis
• Regular security audits and vulnerability assessments
• Secure deletion of temporary investigation data after consultations

4. Data Sharing and Third Parties

We do not sell, rent, trade, or monetize your personal information. We share information only for the sake of technical operations in the following limited circumstances, for example:

• PayPal (Payment Processing): Payment information is shared with PayPal for transaction processing. PayPal's TOS & privacy policy applies to their handling of your payment data.
• Cal.com (Scheduling Platform): Your email address & booking details are shared with Cal.com for appointment scheduling. They process scheduling information in accordance with their TOS & privacy policy, which governs their data handling.
• Vercel (Hosting Provider): Our website is hosted on Vercel. Basic technical data (IP addresses, request logs) may be processed by Vercel for service delivery and security. Vercel does not access your consultation data or payment information.
• Supabase (Database): Consultation records, payment verification data, and service access tokens are stored in Supabase databases. Supabase provides encrypted database services in accordance with their TOS & Privacy policies.
• Legal Requirements: We may disclose information when required by law, court order, or government request, or to prevent imminent harm to individuals or property.
• Service Providers: We may use trusted service providers for technical operations under strict confidentiality agreements that prohibit them from using your data for any purpose other than providing services to us.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred, but would remain subject to this privacy policy.

All third-party service providers are required to maintain appropriate security measures and use your information only for the purposes we specify.

5. Investigation Data Handling

During cybersecurity investigations, we follow strict data handling procedures:

• Isolated Analysis: Malware samples, suspicious files, and potentially compromised data are analyzed in isolated, secure environments.
• Temporary Storage: Investigation data is stored temporarily only for the duration necessary to complete the analysis. Temporary files are securely deleted after consultation completion.
• Secure Transmission: All data shared during consultations is transmitted using encrypted channels (HTTPS/TLS) to prevent interception or unauthorized access.
• Client-Only Access: Investigation findings and reports are shared exclusively with the authorized client. We do not share your security information with third parties without your explicit consent.
• No Permanent Storage: We do not permanently store copies of your system files, personal data, or account credentials. Only summary findings and recommendations are retained.
• Data Minimization: We collect and process only the minimum amount of data necessary to perform the requested security investigation and provide recommendations.
• Secure Deletion: After consultation completion, all temporary investigation data, file samples, and system snapshots are securely deleted using industry-standard methods.

6. Cookies and Website Tracking

Our website uses minimal tracking:

• Google Analytics or Similar Services: We just use normal traffic analytics like Google Analytics.

7. Your Privacy Rights

You have the right to:

• Request access to your personal information we hold
• Request correction of inaccurate or incomplete information
• Request deletion of your data (subject to legal and service requirements)
• Withdraw consent for data processing where applicable
• Request data portability for information you provided
• Lodge a complaint with relevant data protection authorities

8. Data Retention Periods

We retain information for different periods based on purpose:

• Payment Records: 1 years for tax and legal compliance
• Consultation Notes: 1 years for service quality and legal protection
• Security Investigation Data: Deleted immediately after consultation completion
• Contact Information: 1 year after last service interaction

9. International Data Transfers

Our services involve data processing globally. So, We ensure:

• Secure transmission methods for all data movement
• Protecting clients data while we are investigating it
• Secure deletion of client's personal data after finishing the investigation

10. Children's Privacy

Our cybersecurity services are intended for adults (18+). We do not knowingly collect information from minors. Parents or guardians concerned about a child's security incident should contact us directly for guidance.

11. Security Incident Reporting

If we discover a security breach affecting your data:

• We will notify affected individuals within 72 hours
• We will provide details of the breach and mitigation steps
• We will cooperate with relevant authorities as required

12. Contact for Privacy Concerns

For privacy-related questions, data requests, or concerns, please contact us through our website or email us at: HusamShbib.com Husam@HusamShbib.com.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our services or legal requirements. Material changes may be communicated to existing clients. The updated policy will be posted with a new "Last Updated" date.

← Back to Home