Privacy Policy

Privacy Notice for DataKuff

Effective Date: 1st January, 2026

DataKuff (“we,” “us,” or “our”) is a security, risk, and compliance advisory firm. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit datakuff.com or engage our Services.

If you do not agree with this Privacy Policy, please do not use our website or Services.

1. WHO WE ARE

DataKuff provides security and compliance consulting services, including risk assessments, control framework alignment, governance advisory, and security architecture guidance for organizations.

We do not operate as a consumer data platform, SaaS data processor, or data broker.

2. INFORMATION WE COLLECT

A. Information You Voluntarily Provide

When you:

Submit a contact form

Request a consultation

Engage our Services

Communicate with us via email

We may collect:

Name

Business email address

Company name

Job title

Phone number

Professional or business-related information

We collect only the minimum information necessary to respond to inquiries or deliver Services.

B. Client Engagement Information

As part of our consulting work, we may access confidential organizational information, including:

Security documentation

Policies and procedures

Risk registers

System architecture diagrams

Compliance artifacts

Operational processes

This information is treated as confidential business information, not consumer personal data.

We do not collect or intentionally store client PINs, passwords, payment card data, or consumer sensitive personal data as part of our services.

If access to such information is required for assessment purposes, it is reviewed under contractual confidentiality and not retained beyond the engagement scope.

C. Website Usage Data

We may automatically collect limited technical information such as:

IP address

Browser type

Device information

Pages visited

Basic analytics data

This information is used strictly for website functionality, security monitoring, and performance improvement.

3. WHAT WE DO NOT COLLECT

DataKuff does not intentionally collect:

Health data

Biometric data

Consumer financial account numbers

Social security numbers

Payment card data

Sensitive personal identifiers

Our business model focuses on organizational security posture, not consumer data processing.

4. HOW WE USE INFORMATION

We use collected information to:

Respond to inquiries

Deliver consulting services

Execute contracts

Improve website functionality

Maintain security and prevent fraud

Comply with legal obligations

We do not sell personal information.

We do not use personal data for behavioral advertising.

5. LEGAL BASIS FOR PROCESSING

Where applicable, we process information under:

Contractual necessity

Legitimate business interests

Legal compliance obligations

Consent (where required by law)

6. INFORMATION SHARING

We may share information only:

With service providers supporting our operations (e.g., secure email, hosting, analytics)

Under contractual confidentiality agreements

If required by law or legal process

In connection with a merger, acquisition, or business transfer

We do not sell, rent, or trade personal information.

7. DATA RETENTION

We retain information:

For the duration of an engagement

As required by contractual obligations

As necessary to comply with legal requirements

Upon completion of an engagement, client data is either:

Returned

Deleted

Archived securely under contractual retention terms

Retention periods are minimized and aligned to professional security standards.

8. SECURITY MEASURES

Because DataKuff is a security-focused organization, we implement appropriate administrative, technical, and organizational safeguards, including:

Encryption in transit

Role-based access controls

Least-privilege principles

Secure cloud hosting environments

Confidentiality agreements

Vendor risk assessments

While no system is 100% secure, we apply industry-aligned safeguards consistent with modern security and compliance standards.

9. YOUR PRIVACY RIGHTS

Depending on your jurisdiction (including certain U.S. states and Canada), you may have the right to:

Request access to your personal information

Request correction of inaccurate information

Request deletion of personal information

Restrict or object to certain processing

Withdraw consent where applicable

To exercise your rights, contact us at:

[security@datakuff.com]

We will respond in accordance with applicable laws.

10. COOKIES AND ANALYTICS

We may use limited cookies or analytics tools to:

Maintain website functionality

Monitor performance

Improve security

You may disable cookies through your browser settings.

11. CHILDREN’S PRIVACY

DataKuff does not knowingly collect or solicit information from individuals under 18 years of age.

12. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically. Updates will be reflected by a revised “Effective Date.” Continued use of our website constitutes acceptance of any updates.

13. CONTACT US

If you have questions regarding this Privacy Policy, contact:

DataKuff

1910 Pacific Ave, Suite 2000 – 2771. Dallas, TX. 75201. United States.

Email: support@datakuff.com

Website: https://www.datakuff.com