🛡️ Cybersecurity without the headache

Privacy Policy

Your privacy and data protection are fundamental to how we operate

Last updated: June 30, 2025

Our Commitment to Your Privacy

NonaSec ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our cybersecurity services.

1. Information We Collect

Personal Information You Provide

We collect information you voluntarily provide when you:

  • Contact us through our website forms
  • Request a free security assessment
  • Subscribe to our newsletter or updates
  • Engage our cybersecurity services
  • Participate in surveys or feedback requests

Types of Personal Information:

  • Contact Information: Name, email address, phone number, company name, job title
  • Business Information: Industry, company size, security challenges, compliance requirements
  • Communication Data: Messages, feedback, and correspondence with our team
  • Technical Information: Information related to your cybersecurity infrastructure (when providing services)

Information Automatically Collected

  • Website Analytics: Pages visited, time spent, referral sources, device information
  • Technical Data: IP address, browser type, operating system, screen resolution
  • Chatbot Interactions: Conversation history, responses to qualification questions, lead scoring data, service preferences
  • CRM Integration: HubSpot tracking cookies, lead source attribution, conversion events
  • Cookies and Tracking: See our Cookie Policy section for detailed information

Interactive Chatbot Data Collection:

Our website features an interactive chatbot that helps qualify your security needs. During these conversations, we collect:

  • Responses to security assessment questions
  • Company size and industry information
  • Budget ranges and timeline preferences
  • Service interest and priority levels
  • Lead qualification scores based on responses

This data is used solely to provide relevant recommendations and connect you with appropriate services.

2. How We Use Your Information

Legitimate Business Purposes

  • Service Delivery: Providing cybersecurity assessments, AI governance advisory, business continuity planning, and security services
  • Communication: Responding to inquiries, providing updates, and maintaining customer relationships
  • Lead Qualification: Using chatbot responses and behavioral data to provide relevant service recommendations
  • Business Operations: Processing requests, scheduling consultations, and managing client relationships
  • Analytics & Optimization: Tracking user behavior through Google Analytics, HubSpot, and conversion metrics
  • Legal Compliance: Meeting regulatory requirements and maintaining necessary business records
  • Website Improvement: Analyzing usage patterns to enhance user experience and website functionality
  • Security: Protecting our systems and detecting fraudulent or suspicious activity

Marketing Communications (With Consent)

We may send you marketing communications about our services, cybersecurity insights, and industry updates only if you have:

  • Explicitly opted in to receive marketing communications
  • Are an existing client with whom we have a legitimate business relationship
  • Have not opted out of receiving such communications

3. Information Sharing and Disclosure

We Do NOT Sell Your Personal Information

NonaSec does not sell, rent, or lease your personal information to third parties for marketing purposes.

Limited Sharing Circumstances

  • Service Providers: Trusted third-party vendors including HubSpot (CRM), Google Analytics, email services, and website hosting (under strict confidentiality agreements)
  • Social Media Platforms: LinkedIn, Facebook, and Instagram for business marketing purposes (only with your explicit interaction)
  • Legal Requirements: When required by law, court order, or to protect our legal rights
  • Business Transfers: In the event of a merger, acquisition, or sale of assets (with notification to affected users)
  • Consent: When you have given explicit consent for specific sharing purposes

4. Data Security

As a cybersecurity company, we implement industry-leading security measures to protect your personal information:

Technical Safeguards

  • SSL/TLS encryption for data transmission
  • Encrypted data storage
  • Multi-factor authentication
  • Regular security audits and monitoring

Administrative Safeguards

  • Access controls and role-based permissions
  • Employee training on data protection
  • Incident response procedures
  • Regular policy reviews and updates

5. Your Privacy Rights

Regardless of your location, you have the following rights regarding your personal information:

Access and Portability

Request a copy of the personal information we hold about you in a portable format.

Correction and Update

Request correction of inaccurate or incomplete personal information.

Deletion

Request deletion of your personal information (subject to legal and contractual obligations).

Opt-Out

Unsubscribe from marketing communications or withdraw consent at any time.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience and analyze website usage.

Types of Cookies We Use

Essential Cookies (Always Active)

Required for basic website functionality, security, and user preferences.

Analytics Cookies (Optional)

Help us understand how visitors interact with our website to improve user experience.

Marketing Cookies (Optional)

Used to deliver relevant content and track the effectiveness of our marketing campaigns.

You can manage your cookie preferences through our cookie consent banner or by visiting ourCookie Preferences Center.

7. California Consumer Privacy Act (CCPA) Rights

If you are a California resident, you have additional rights under the CCPA:

Your California Rights:

  • Right to Know: Request disclosure of categories and specific pieces of personal information collected
  • Right to Delete: Request deletion of personal information (subject to exceptions)
  • Right to Opt-Out: Opt-out of the sale of personal information (Note: We do not sell personal information)
  • Right to Non-Discrimination: Equal service and pricing regardless of exercising privacy rights

To exercise your CCPA rights, please contact us using the information in the Contact section below.

8. General Data Protection Regulation (GDPR) Rights

If you are located in the European Economic Area (EEA), you have rights under the GDPR:

Your GDPR Rights:

  • Right of Access: Obtain confirmation of data processing and access to your personal data
  • Right to Rectification: Correct inaccurate or incomplete personal data
  • Right to Erasure: Request deletion of personal data under certain circumstances
  • Right to Restrict Processing: Limit how we use your personal data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent where processing is based on consent

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you have given clear consent for specific processing activities
  • Contractual Necessity: To perform our cybersecurity services and fulfill contractual obligations
  • Legitimate Interests: For business operations, website improvement, and security purposes
  • Legal Compliance: To comply with applicable laws and regulations

9. Children's Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Updating the "Last Updated" date at the top of this policy
  • Sending email notifications for significant changes (where we have your consent)

11. Contact Information

Data Protection Officer & Privacy Inquiries

Contact Methods:

Phone

(866) NONASEC

Mailing Address

NonaSec
Lake Nona, FL 32827
United States

Response Time:

We will respond to privacy requests within:

  • GDPR requests: 30 days (may extend to 60 days for complex requests)
  • CCPA requests: 45 days (may extend to 90 days for complex requests)
  • General inquiries: 5-10 business days