Privacy Policy
How Cyberneza LLC collects, uses, and protects information from visitors and clients.
Last updated: January 5, 2026
Cyberneza LLC ("Cyberneza", "we", "us", or "our") respects your privacy and is committed to protecting it. This Privacy Policy explains how we collect, use, and share information when you visit our website at cyberneza.com, interact with us, or engage our services.
1. Information we collect
We collect the following categories of personal information:
Information you provide directly
- Contact information: name, email address, phone number, company name
- Communications: messages you send via contact forms, email, or scheduling tools
- Professional information: job title, company size, industry, and compliance needs you share with us
Information collected automatically
- Device information: IP address, browser type and version, operating system, device type
- Usage data: pages visited, time spent on pages, referring URLs, click patterns
- Location data: approximate geographic location based on IP address (country/region level only)
2. Legal basis for processing (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data under the following legal bases:
- Consent: When you submit a contact form or book a call, you consent to us processing your information to respond to your inquiry.
- Legitimate interests: We process usage data to improve our website, understand how visitors use our services, and maintain security. Our legitimate interests do not override your fundamental rights and freedoms.
- Contract performance: When you engage our services, we process information necessary to fulfill our contractual obligations.
- Legal obligation: We may process data when required to comply with applicable laws.
3. Cookies and tracking technologies
We use the following cookies and similar technologies:
Essential cookies
Required for basic website functionality. These cannot be disabled.
Analytics cookies
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Google Analytics | Distinguishes unique users | 2 years |
| _ga_* | Google Analytics | Maintains session state | 2 years |
Google Analytics: We use Google Analytics 4 to understand website usage patterns. Google may transfer data to servers in the United States. Learn more: Google Privacy Policy | Opt-out Browser Add-on
Managing cookies
You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality. Most browsers allow you to:
- View and delete existing cookies
- Block third-party cookies
- Block cookies from specific sites
- Block all cookies
4. How we use information
We use the information we collect to:
- Respond to inquiries and communicate with you about potential or ongoing engagements
- Provide, operate, and improve our services and website
- Understand aggregate usage patterns to improve content, messaging, and user experience
- Send relevant information about our services (only with your consent)
- Maintain the security of our website and services and detect or prevent abuse
- Comply with legal obligations where applicable
Automated decision-making: We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.
5. How we share information
We do not sell, rent, or trade your personal information. We do not share your information for cross-context behavioral advertising. We may share information in the following limited situations:
- Service providers: Third parties who help us operate our website, analytics, or communications, bound by contractual confidentiality obligations and data processing agreements.
- Professional advisors: Legal, accounting, or other professional advisors when reasonably necessary.
- Legal requirements: When required to comply with applicable laws, regulations, court orders, or legal processes.
- Business transfers: In connection with a merger, acquisition, or sale of assets, with notice provided to affected users.
Third-party services we use
- Google Analytics: Website analytics — Privacy Policy
- Calendly: Appointment scheduling — Privacy Policy
- Netlify: Website hosting — Privacy Policy
- CISO Assistant: GRC and compliance management — Privacy Policy
6. Data retention
We retain personal information for specific periods based on the type of data and purpose:
- Contact form submissions: 3 years from last interaction, or until you request deletion
- Email correspondence: 3 years from last interaction
- Client engagement records: 7 years after engagement ends (for legal and accounting purposes)
- Analytics data: 26 months (Google Analytics default retention)
- Server logs: 90 days
When information is no longer needed, we securely delete or anonymize it.
7. Information security
As a security-focused company, we implement appropriate technical and organizational measures to protect personal information, including:
- HTTPS encryption for all data in transit
- Access controls limiting who can view personal data
- Regular security assessments of our systems
- Secure configuration of third-party services
However, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we commit to notifying affected individuals and relevant authorities of any breach as required by applicable law.
8. Your privacy rights
Depending on your location, you may have the following rights regarding your personal information:
All users
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information
- Opt-out: Opt out of marketing communications at any time
EEA, UK, and Swiss residents (GDPR)
In addition to the above, you have the right to:
- Portability: Receive your data in a structured, commonly used, machine-readable format
- Restriction: Request restriction of processing in certain circumstances
- Object: Object to processing based on legitimate interests
- Withdraw consent: Withdraw consent at any time where processing is based on consent
- Lodge a complaint: File a complaint with your local data protection authority
Response time: We will respond to verified requests within 30 days. If we need additional time, we will notify you of the reason and extension period (up to 60 additional days).
California residents (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to know: Request disclosure of the categories and specific pieces of personal information we have collected
- Right to delete: Request deletion of your personal information, subject to certain exceptions
- Right to correct: Request correction of inaccurate personal information
- Right to opt-out of sale/sharing: We do not sell or share personal information for cross-context behavioral advertising
- Right to limit use of sensitive personal information: We do not use or disclose sensitive personal information for purposes other than those permitted by the CPRA
- Right to non-discrimination: We will not discriminate against you for exercising your privacy rights
Categories of information collected in the past 12 months: Identifiers (name, email, IP address), internet activity information (browsing history on our site), and professional information (job title, company).
To exercise your rights: Contact us at larry@cyberneza.com. We will verify your identity before processing your request.
9. International data transfers
Cyberneza LLC is based in the United States. If you access our website or services from outside the U.S., your information will be transferred to and processed in the United States.
For transfers from the EEA, UK, or Switzerland to the United States, we rely on:
- Standard Contractual Clauses (SCCs): We use EU-approved SCCs with service providers that process data on our behalf
- Data Privacy Framework: Where applicable, we work with service providers certified under the EU-U.S. Data Privacy Framework
You may request a copy of the safeguards we use by contacting us.
10. Third-party websites and services
Our site contains links to third-party websites and services, including Calendly for scheduling and various compliance framework resources. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies:
11. Children's privacy
Our website and services are not directed to children under 16 (or under 13 in the United States), and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately so we can delete it.
12. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Revise the "Last updated" date at the top of this page
- Provide notice on our website for significant changes
- Where required by law, obtain your consent to material changes
We encourage you to review this page periodically to stay informed about our practices.
13. How to contact us
If you have questions about this Privacy Policy, want to exercise your privacy rights, or have concerns about how we handle personal information, contact us at:
Cyberneza LLC
626 North Alafaya Trail
Orlando, Florida 32828
United States
Email: larry@cyberneza.com
Privacy inquiries response time: We aim to respond to all privacy-related inquiries within 5 business days.