Privacy Policy

Last Updated: November 2025

1. Introduction

Welcome to CurlSek ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

By using our website or services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide to us when you:

  • Register for an account or use our services
  • Fill out forms on our website
  • Contact us via email, phone, or other communication methods
  • Subscribe to our newsletter or marketing communications
  • Participate in surveys, contests, or promotions

This information may include:

  • Name, email address, phone number, and mailing address
  • Company name, job title, and professional information
  • Payment and billing information
  • Information about your security testing needs and requirements
  • Any other information you choose to provide

2.2 Automatically Collected Information

When you visit our website, we automatically collect certain information about your device and browsing behavior, including:

  • IP address and location data
  • Browser type and version
  • Operating system
  • Pages visited, time spent on pages, and navigation patterns
  • Referring website addresses
  • Device identifiers and characteristics

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to collect and store information about your preferences and activities. You can control cookie preferences through your browser settings, though disabling cookies may affect website functionality.

3. How We Use Your Information

We use the collected information for various purposes, including:

  • Service Delivery: To provide, maintain, and improve our penetration testing services and platform
  • Communication: To respond to your inquiries, send service updates, and provide customer support
  • Account Management: To create and manage your account, process transactions, and send administrative information
  • Marketing: To send promotional materials, newsletters, and marketing communications (with your consent where required)
  • Analytics: To analyze usage patterns, improve our website and services, and conduct research
  • Security: To detect, prevent, and address security issues, fraud, and unauthorized access
  • Legal Compliance: To comply with legal obligations, enforce our terms, and protect our rights

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: With third-party vendors, consultants, and service providers who perform services on our behalf (e.g., payment processing, data analytics, cloud hosting)
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, where your information may be transferred as part of the transaction
  • Legal Requirements: When required by law, court order, or government regulation, or to protect our rights, property, or safety
  • Consent: With your explicit consent for any other purpose

We require all third parties to respect the security of your personal information and to treat it in accordance with applicable data protection laws.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and vulnerability testing
  • Access controls and authentication mechanisms
  • Employee training on data protection
  • Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your information, we will securely delete or anonymize it.

Factors that determine retention periods include:

  • The nature and sensitivity of the information
  • The purposes for which we process the information
  • Legal and regulatory requirements
  • The potential risk of harm from unauthorized use or disclosure

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information, including:

  • Access: The right to request access to your personal information
  • Correction: The right to request correction of inaccurate or incomplete information
  • Deletion: The right to request deletion of your personal information
  • Portability: The right to receive your personal information in a structured, machine-readable format
  • Objection: The right to object to processing of your personal information
  • Restriction: The right to request restriction of processing
  • Withdraw Consent: The right to withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. We take appropriate safeguards to ensure that your personal information receives adequate protection, including:

  • Using standard contractual clauses approved by relevant data protection authorities
  • Ensuring that recipients are subject to appropriate data protection obligations
  • Implementing additional security measures as necessary

9. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete such information promptly.

10. Third-Party Links

Our website may contain links to third-party websites or services that are not owned or controlled by us. This Privacy Policy does not apply to such third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on our website with a new "Last Updated" date
  • Sending an email notification to registered users (for significant changes)
  • Displaying a prominent notice on our website

Your continued use of our services after such changes constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

CurlSek

Email: connect@curlsek.ai

Website: curlsek.ai

For data protection inquiries or to exercise your rights, please include "Privacy Policy Inquiry" in your subject line.