Effective Date: March 1, 2026
Last Updated: March 27, 2026

Cybantage (“Cybantage,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information we collect through Cybantage.com and any related websites, landing pages, forms, downloads, consultations, assessments, scheduling pages, events, communications, and online services that link to this Privacy Policy (collectively, the “Site” or “Services”).

This Privacy Policy explains how we collect, use, disclose, retain, and protect information about visitors, prospects, clients, and other individuals who interact with us online. It also describes choices and rights that may be available to you.

By using our Site or Services, you acknowledge that you have read and understood this Privacy Policy.

1. Who We Are

Cybantage provides cybersecurity advisory, research, assessment, governance, resilience, and related professional services.

Contact Information
Cybantage
[Insert legal entity name, if different]
[Insert mailing address]
Email: [privacy@cybantage.com or info@cybantage.com]
Phone: [Insert phone number]

2. Scope of This Privacy Policy

This Privacy Policy applies to information we collect:

  • through our website and related pages;
  • when you download whitepapers, research, reports, or other content;
  • when you complete forms, request consultations, register for events, or communicate with us;
  • when you book meetings or appointments using embedded or linked scheduling tools;
  • through cookies, pixels, analytics, and similar technologies on our Site;
  • from service providers, marketing tools, CRM platforms, and other business systems supporting our operations.

This Privacy Policy does not apply to:

  • information processed solely on behalf of a client under a separate services agreement;
  • third-party websites, tools, or services not controlled by Cybantage, even if linked from our Site;
  • employment-related information collected from job applicants, employees, or contractors, unless specifically stated.

3. Information We Collect

We may collect the following categories of information.

A. Information You Provide Directly

You may provide us with information such as:

  • name;
  • business email address;
  • company name;
  • job title;
  • phone number;
  • industry or business information;
  • messages, comments, requests, or other content you submit;
  • scheduling details, appointment preferences, or meeting-related information;
  • event registration details;
  • information you provide when requesting research, assessments, consultations, demos, or follow-up contact.

B. Information Collected Automatically

When you visit or interact with our Site, we or our service providers may automatically collect information such as:

  • IP address;
  • device identifiers;
  • browser type and version;
  • operating system;
  • referring URL;
  • pages viewed;
  • links clicked;
  • date/time stamps;
  • session activity;
  • approximate geolocation inferred from IP address;
  • cookie or similar technology identifiers.

C. Information from Third Parties

We may receive information from:

  • analytics providers;
  • advertising or social media platforms;
  • CRM and sales tools;
  • scheduling and conferencing providers;
  • email delivery platforms;
  • publicly available sources such as company websites, public professional profiles, or business directories;
  • referral sources, partners, or event co-sponsors.

D. Sensitive Information

We do not intentionally request sensitive personal information through the public portions of our Site unless clearly necessary for a specific lawful purpose. Please do not submit highly sensitive information through general website forms unless expressly requested and secured for that purpose.

4. How We Use Information

We may use personal information for the following purposes:

  • to operate, maintain, and improve our Site and Services;
  • to provide requested whitepapers, research, downloads, newsletters, alerts, or other content;
  • to respond to inquiries and communicate with you;
  • to schedule and manage consultations, meetings, or events;
  • to provide assessments, advisory services, and related business support;
  • to personalize content, user experience, and communications;
  • to understand usage trends, engagement, and effectiveness of content or campaigns;
  • to manage leads, prospects, and client relationships;
  • to maintain security, detect fraud, and protect our systems, users, and business;
  • to enforce our Terms, contracts, and policies;
  • to comply with legal obligations, regulatory requirements, law enforcement requests, or lawful process;
  • to establish, exercise, or defend legal claims;
  • for other purposes disclosed at the time of collection or with your consent.

5. Legal Bases for Processing

If and to the extent applicable law requires a legal basis for processing, we may process personal information on one or more of the following grounds:

  • your consent;
  • performance of a contract or steps taken at your request before entering into a contract;
  • our legitimate business interests, such as operating the Site, responding to requests, improving services, protecting security, and marketing our services in a business-to-business context where permitted;
  • compliance with legal obligations;
  • protection of vital interests;
  • public interest or other lawful bases recognized by applicable law.

6. Cookies and Similar Technologies

We and our service providers may use cookies, pixels, tags, scripts, session replay tools, local storage, and similar technologies to:

  • keep the Site functioning properly;
  • remember preferences;
  • understand site traffic and usage;
  • measure campaign effectiveness;
  • improve performance and content;
  • support security and fraud prevention;
  • support permitted marketing and retargeting activities.

Cookies may be session cookies or persistent cookies.

Types of Cookies We May Use

  • Essential cookies – required for core site functionality.
  • Analytics cookies – help us understand how users interact with the Site.
  • Functional cookies – remember settings and improve usability.
  • Advertising or marketing cookies – may support audience measurement, remarketing, or campaign attribution where used.

You can usually control cookies through your browser settings. Disabling cookies may affect site functionality.

Do Not Track

Some browsers offer a “Do Not Track” setting. Because there is no universally accepted standard for responding to DNT signals, our Site may not respond to them in a uniform way. California guidance has long expected operators to disclose how they treat DNT signals and similar tracking choices.

7. How We Disclose Information

We do not sell personal information in exchange for money in the ordinary course of our business unless we explicitly state otherwise.

We may disclose personal information to:

  • hosting providers and website infrastructure vendors;
  • analytics providers;
  • email, CRM, marketing automation, or lead management providers;
  • scheduling, conferencing, and communications providers;
  • document delivery, download, or content management providers;
  • professional advisors such as attorneys, accountants, insurers, and auditors;
  • law enforcement, regulators, courts, or other parties where required by law or legal process;
  • acquirers, investors, lenders, or other parties involved in an actual or proposed merger, acquisition, financing, reorganization, sale of assets, or similar transaction;
  • other parties with your direction or consent.

We may also disclose aggregated or de-identified information that does not reasonably identify you.

8. No Sale or Sharing Statement

We do not sell your personal information for monetary consideration in the ordinary course of business.

We also do not knowingly share personal information for cross-context behavioral advertising in a manner that would trigger opt-out rights under applicable law unless we specifically implement such practices and update this Privacy Policy accordingly.

If our practices change, we will update this Privacy Policy and any required notices.

9. How Long We Retain Information

We retain personal information for as long as reasonably necessary to:

  • fulfill the purposes described in this Privacy Policy;
  • provide Services and maintain business records;
  • comply with legal, tax, accounting, contractual, or regulatory obligations;
  • resolve disputes;
  • enforce agreements; and
  • protect our legal interests.

Retention periods may vary depending on the type of information, the sensitivity of the data, the purpose of collection, and applicable legal requirements.

10. Data Security

We use reasonable and appropriate administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. The FTC’s business guidance emphasizes that sound security begins with understanding what data you hold, how it flows, and who can access it.

However, no method of transmission over the Internet and no system can be guaranteed to be 100% secure. You should use care when transmitting information online.

If we become aware of a data incident affecting personal information, we will take steps we deem appropriate under the circumstances and as required by applicable law.

11. Third-Party Services and Embedded Tools

Our Site may include links to, or integrations with, third-party services such as:

  • scheduling platforms;
  • video conferencing tools;
  • customer relationship management systems;
  • analytics tools;
  • email delivery services;
  • embedded content providers;
  • social media platforms.

These third parties may collect information directly from you or automatically through their own technologies. Their privacy practices are governed by their own privacy notices and terms, not this Privacy Policy. We encourage you to review those notices before submitting information or using those tools.

12. Email Communications and Marketing

If you provide your contact information, we may send you:

  • requested downloads or research materials;
  • follow-up communications related to your request;
  • updates about our research, Services, events, or insights;
  • other business communications where permitted by law.

You may opt out of marketing emails by using the unsubscribe link in the email or by contacting us directly. Even if you opt out of marketing emails, we may still send non-marketing communications, such as responses to your inquiries, transactional messages, security notices, or important updates.

13. Children’s Privacy

Our Site and Services are intended for business and professional audiences and are not directed to children under 13. We do not knowingly collect personal information from children under 13 through the Site. If we learn that we have collected personal information from a child under 13 without appropriate authorization, we will take steps to delete it.

If you believe a child has provided personal information to us, please contact us.

14. International Users

Our Site is operated in the United States. If you access the Site from outside the United States, your information may be transferred to, stored in, and processed in the United States or other jurisdictions where our service providers operate.

Those jurisdictions may have data protection laws different from those in your country. By using the Site or providing information to us, you understand that your information may be transferred to and processed in jurisdictions outside your place of residence, subject to applicable legal requirements.

15. Your Privacy Rights and Choices

Depending on where you live and subject to applicable law, you may have rights regarding your personal information, such as the right to:

  • know or access the personal information we hold about you;
  • request correction of inaccurate personal information;
  • request deletion of certain personal information;
  • obtain a portable copy of certain personal information;
  • opt out of certain processing activities, where applicable;
  • withdraw consent where processing is based on consent;
  • appeal a denial of a privacy rights request, where applicable.

To exercise privacy rights, contact us using the information at the end of this Policy. We may need to verify your identity before processing certain requests. We may also decline requests where permitted by law.

16. California Privacy Notice

This section applies to California residents to the extent the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”), applies to Cybantage. The CCPA applies only to businesses meeting statutory thresholds, including certain revenue or data-volume thresholds. California also separately requires many operators that collect personally identifiable information online from Californians to conspicuously post a privacy policy and comply with it.

Categories of Personal Information We May Collect

Over the prior 12 months, we may have collected the following categories:

  • identifiers, such as name, email address, company name, IP address, and online identifiers;
  • commercial information, such as records of requested services or downloads;
  • internet or other electronic network activity information, such as browsing activity and interactions with the Site;
  • professional or employment-related information, such as title, company, and business contact details;
  • geolocation data derived from IP address;
  • inferences drawn from the above to support business outreach, content relevance, or service delivery.

Sources

We collect personal information:

  • directly from you;
  • automatically from your device and browser;
  • from service providers and business systems;
  • from public or third-party sources.

Business or Commercial Purposes

We collect and use personal information for the purposes described in this Policy, including operating the Site, responding to requests, providing Services, improving content, maintaining security, and permitted marketing.

Disclosure

We may disclose these categories to service providers, contractors, advisors, business partners, and other parties as described in this Policy.

California Rights

Subject to applicable law and verification, California residents may have the right to:

  • know/access;
  • correct inaccurate personal information;
  • delete personal information;
  • obtain portable access to certain data;
  • opt out of sale or sharing, if applicable;
  • limit use of sensitive personal information, if applicable;
  • receive non-discriminatory treatment for exercising rights.

Authorized Agents

California residents may designate an authorized agent to submit requests on their behalf, subject to verification requirements.

Notice of Financial Incentives

We do not currently offer financial incentives for personal information unless expressly disclosed in a separate notice.

Shine the Light

California residents may also have certain rights under California Civil Code Section 1798.83 regarding direct marketing disclosures, where applicable.

17. Virginia Privacy Notice

This section applies to Virginia residents to the extent the Virginia Consumer Data Protection Act (“VCDPA”) applies to Cybantage. The VCDPA grants certain rights to Virginia consumers and requires covered controllers to meet specific obligations.

Subject to applicable law, Virginia residents may have rights to:

  • confirm whether we process their personal data;
  • access personal data;
  • correct inaccuracies;
  • delete personal data;
  • obtain a copy of personal data in a portable format;
  • opt out of targeted advertising, sale of personal data, or profiling in furtherance of decisions producing legal or similarly significant effects, where applicable.

Virginia residents may appeal a decision we make regarding a privacy rights request by contacting us at [appeals@cybantage.com or privacy@cybantage.com] with the subject line “Privacy Appeal.”

18. Nevada Residents

Nevada residents may have the right to direct an operator not to make certain sales of covered information under Nevada law. Because we do not sell covered information in the ordinary course as contemplated here, we do not currently offer a separate Nevada opt-out process beyond the contact methods provided below unless our practices change.

19. Data Breach and Incident Notice

If we experience a security breach involving personal information, we will respond in accordance with applicable law. For example, Virginia’s breach notification law requires notice without unreasonable delay in certain circumstances involving unencrypted or unredacted personal information of Virginia residents.

20. Accuracy and Responsibility for Submitted Information

You are responsible for ensuring that information you submit to us is accurate and up to date, and that you have authority to provide it if you submit information on behalf of another person or organization.

21. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last Updated” date above. If changes are material, we may provide additional notice as required by law or as appropriate under the circumstances.

Your continued use of the Site after an updated Privacy Policy becomes effective means the updated Policy will apply to your interactions going forward, subject to applicable law.

22. Contact Us

If you have questions about this Privacy Policy or wish to exercise applicable privacy rights, contact us at:

Cybantage
[Insert mailing address]
Email: [privacy@cybantage.com]
General Contact: [info@cybantage.com]
Phone: [Insert phone number]

For privacy rights requests, please include enough information for us to understand, evaluate, and respond to your request, including your relationship to Cybantage and the email address or contact details relevant to your request.