Privacy Policy

Privacy Policy

At CAP Security Solutions, we are committed to protecting the privacy and confidentiality of our clients. This Privacy Policy outlines how we handle client information in alignment with our professional standards and regulatory requirements.

1. Information Collection and Use
We do not collect or store client Personally Identifiable Information (PII) during our engagements. Any client data shared with us is used solely for the purpose of delivering our services, such as Security Assessments, Security Advisory, and Virtual CISO services.

2. Data Security
All client information is encrypted at rest and in motion, ensuring the highest level of security. We implement robust security measures to protect against unauthorized access, disclosure, or misuse of client data.

3. Data Retention
Client data is retained for a period of 90 days after the conclusion of an engagement. After this period, all client data is securely deleted unless otherwise agreed upon in writing.

4. Confidentiality
We uphold strict confidentiality practices. Findings, reports, or any other client-specific information are not disclosed to third parties without prior consent. Confidentiality agreements are utilized to prevent conflicts of interest and ensure competitive neutrality.

5. Third-Party Services
While we do not directly offer training services, we may recommend trusted partners for specialized training needs. In such cases, client information is shared only with explicit consent.

6. Regulatory Compliance
Our services are designed to help clients comply with regulations such as GDPR, HIPAA, and PCI-DSS. We adhere to all applicable legal and regulatory requirements in the course of our work.

7. Contact Us
If you have any questions or concerns about this Privacy Policy or how your information is handled, please contact us at chad@capsecurity.us or through LinkedIn.