Legal
Privacy Policy
Effective 1 January 2026. We treat your data with the same rigour we apply to client engagements.
1. Who we are
Sentryx Security Pvt. Ltd. is a cybersecurity firm headquartered in Bengaluru, India. We act as a data controller for marketing data and as a data processor for engagement data on behalf of our clients.
2. What we collect
Contact details you submit (name, email, company, phone), engagement scoping information, files you upload to our secure portal, and standard web analytics (anonymised IP, page views, referrer).
3. Why we collect it
To respond to assessment requests, deliver contracted security services, issue reports and invoices, and send opted-in threat intelligence updates. We do not sell or rent personal data.
4. Lawful basis (GDPR)
Performance of contract for engagement data, legitimate interest for prospect outreach, and consent for newsletters and analytics cookies.
5. Retention
Engagement artefacts are retained for 24 months post-delivery (or as contractually agreed), then securely destroyed. Marketing data is retained until you unsubscribe.
6. Your rights
You may request access, rectification, erasure, restriction, portability, or object to processing. Email privacy@sentryx.cc and we will respond within 30 days.
7. Security
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Engagement data is segregated per-client. Access is granted on least-privilege basis with audit logging.
8. Sub-processors
We use a limited number of vetted sub-processors (cloud hosting, email, analytics). A current list is available on request.
9. Updates
We may update this policy. Material changes will be notified via email to active clients and posted here with a revised effective date.
Questions? Contact privacy@sentryx.cc