Privacy Policy

We collect information you provide directly to us, such as when you fill in our contact form, book a consultation, or correspond with us by email. This may include your name, work email address, company name, job title, and any information you choose to include in your message. We also collect certain technical information automatically when you visit our website, including your IP address, browser type, operating system, referring URL, and pages visited. This information is used solely to improve our website and understand how visitors use it.

We use the information we collect to: • Respond to your enquiries and provide the services or information you have requested • Communicate with you about our solutions, advisory services, and relevant insights (only where you have indicated interest) • Improve our website and the way we present our services • Comply with our legal obligations We do not use your information for automated decision-making or profiling. We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Where the General Data Protection Regulation (GDPR) applies, we process your personal data on the following legal bases: • Consent: Where you have provided clear consent for us to contact you • Legitimate interests: To respond to enquiries and maintain business relationships where this is not overridden by your interests • Legal obligation: Where processing is necessary to comply with applicable law

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Contact enquiries are retained for a maximum of three years from the date of last contact, unless you request deletion sooner or we enter into a business relationship that requires longer retention.

As a cybersecurity advisory firm, we take data security seriously. We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction, or alteration. These measures are regularly reviewed and updated in line with current security practices.

Depending on your location and applicable law, you may have the right to: • Access the personal data we hold about you • Request correction of inaccurate data • Request deletion of your data • Object to or restrict processing • Request data portability • Withdraw consent at any time (where processing is based on consent) To exercise any of these rights, please contact us at hello@cyvoxai.com. We will respond within 30 days.

We use essential cookies to ensure our website functions correctly. We may also use analytics cookies to understand how visitors interact with our website. You can control cookie settings through your browser. Using our website without disabling cookies constitutes acceptance of essential cookies.

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies. We may use third-party services to host our website and process analytics data. Any such providers are contractually bound to process data only as instructed.

We may update this Privacy Policy from time to time. When we do, we will update the date at the top of this page. We encourage you to review this policy periodically.

If you have questions about this Privacy Policy or how we handle your data, please contact us at: hello@cyvoxai.com CYVOXAI Dubai, United Arab Emirates