Privacy Policy
Last Updated: DEC 2025
This Privacy Policy is drafted specifically for CyberAries, operating in India, and aligned
with the Digital Personal Data Protection Act (DPDP Act, 2023). It details how we collect, use, and protect personal data
in compliance with Indian regulations and best practices.
1. Introduction
CyberAries (“Company”, “we”, “our”, “us”) is a cybersecurity service provider based in India offering
VAPT services, Penetration Testing, Incident Response, Cloud Security, SOC monitoring, Compliance consulting,
and related digital security solutions.
This Privacy Policy outlines how we collect, use, store, and safeguard Personal Data
in accordance with the Digital Personal Data Protection Act (DPDP Act), 2023 and applicable
best practices.
2. Applicability
This policy applies to:
- Visitors of our website: www.cyberaries.com
- Clients who engage our cybersecurity services
- Individuals contacting us via web forms, email, WhatsApp, or support channels
- Employees, vendors, trainees, and service partners
3. What Personal Data We Collect
3.1 Data You Provide to Us
- Name, Email, Phone number
- Company Name, Role/Designation
- Inquiry messages, project requirements
- Billing information (if services are purchased)
- Documents voluntarily shared for security audits
3.2 Data Collected Automatically
- IP address
- Browser/device information
- Website analytics and user journey
- Cookies (functional & analytics only)
3.3 Sensitive Personal Data
CyberAries does NOT request or process sensitive personal data unless required for compliance or legal purposes.
4. Purpose of Collecting Personal Data
CyberAries processes personal data for:
- Providing cybersecurity services (VAPT, PT, SOC monitoring, Cloud security assessments)
- Responding to inquiries & support requests
- Improving website performance
- Compliance with legal/regulatory obligations (CERT-In, ISO 27001, etc.)
- Client onboarding, project execution, invoicing
- Security awareness communication
5. Lawful Basis Under DPDP Act (India)
We process data based on:
- Consent – Provided through forms, contracts, or email communication
- Legitimate Uses – Delivering cybersecurity services requested by you
- Legal Compliance – CERT-In incident reporting, audit requirements, invoices
6. How We Use Cookies
- Essential cookies – Required for site functionality
- Analytics cookies – To measure website usage (non-personally identifiable)
- No advertising/marketing cookies are used
7. Sharing of Personal Data
We may share data with:
- Internal CyberAries security teams
- Trusted service providers (cloud hosting, email delivery, analytics)
- Regulatory authorities (CERT-In or Government agencies when required)
- Partners performing audits under NDA
We NEVER sell personal data.
8. Data Security Measures
CyberAries implements:
- Encryption at rest and in transit
- Role-based access control (RBAC)
- Multi-layer firewalls
- Secure DevOps practices
- Continuous security monitoring
- Regular penetration testing
9. Data Retention
Data is retained only as long as required for the purposes stated, or as required by Indian law.
10. Your Rights Under DPDP Act
Users can request:
- Access to their data
- Correction of inaccurate data
- Deletion of personal data
- Withdrawal of consent
- Grievance redressal
11. Children’s Data
CyberAries does not knowingly collect data of children under 18.
12. International Transfer of Data
If required, data may be stored or processed outside India with adequate safeguards.
13. Contact for Data Requests
Data Protection Officer / Grievance Officer:
CyberAries Security Solutions
Email: privacy@cyberaries.com
Location: Hiranandani Business Park, Powai, Mumbai - 400071 India
14. Changes to this Privacy Policy
We may update this policy from time to time and will reflect the updated date at the top.