Home / Privacy Policy

Privacy Policy

How SecKonnect collects, uses, stores, and protects your information — written in plain language and aligned with GDPR and global privacy regulations.

Effective Date: 30 April 2026
Last Updated: 30 April 2026
Version: 1.0

At SecKonnect, privacy isn't a marketing claim — it's an engineering principle. This Privacy Policy explains what we collect, why we collect it, how we use it, and the rights you have over your data.

1. Overview

This Privacy Policy applies to:

  • The SecKonnect website (seckonnect.com).
  • The SecKonnect hardware edge device and the data it generates during use.
  • The SecKonnect admin panel and any cloud-hosted services we provide.
  • Any communications you exchange with us (email, phone, support tickets, demo bookings).

2. Information We Collect

2.1 Information You Provide

When you register an enquiry, request a demo, or contact support, we collect:

  • Name, work email, company name, role, and phone number.
  • Information you voluntarily share about your environment or use case.
  • Any documents or files you send to us.

2.2 Information Collected Automatically

  • Device data: SecKonnect devices generate session metadata (device identity, timestamp, scope, outcome) that is logged for security and compliance.
  • Website usage: IP address, browser type, pages visited, referring URL, and similar information collected through standard web analytics.
  • Cookies: See Section 8 for details on the cookies we use.

2.3 What We Do Not Collect

SecKonnect does not store the content of network traffic that flows through our devices. We collect session metadata only — not the data inside the tunnel.

3. How We Use Information

We use the information we collect to:

  • Respond to enquiries, schedule demos, and onboard customers.
  • Provide, operate, and improve the Services.
  • Generate audit and compliance reports for customers.
  • Detect and prevent security incidents, fraud, or abuse.
  • Send service-related communications (we do not send marketing emails without explicit consent).
  • Comply with legal obligations.

If you are in the European Economic Area or United Kingdom, we process personal data on the following bases:

  • Contract: To provide the Services you have purchased or are evaluating.
  • Legitimate interests: To operate, secure, and improve the Services.
  • Consent: Where you have given us specific consent (e.g., for marketing).
  • Legal obligation: To comply with applicable laws.

5. How We Share Information

We do not sell personal data. We share information only in the following circumstances:

  • Service providers: Vetted vendors that help us operate the Services (e.g., cloud hosting, email delivery, analytics). All providers are bound by data processing agreements.
  • Customers: If you are an end user of a SecKonnect device issued by an organization, that organization (the customer) controls the device and has access to its session metadata.
  • Legal requirements: When required by law, court order, or government request that is valid under applicable law.
  • Business transfers: If SecKonnect is involved in a merger, acquisition, or asset sale, your information may be transferred subject to standard protections.

6. Data Security

We implement strong technical and organizational measures to protect personal data:

  • AES-256 encryption for data at rest.
  • mTLS encryption for data in transit.
  • Hardware-backed key storage on SecKonnect devices.
  • Role-based access control and least-privilege defaults.
  • Continuous monitoring, logging, and anomaly detection.
  • Regular security reviews and third-party assessments.

No system can be guaranteed 100% secure, but we hold ourselves to the same standards we sell to our customers.

7. Data Retention

We retain personal data only for as long as necessary to provide the Services, fulfill the purposes outlined in this Policy, or comply with our legal obligations. Specifically:

  • Enquiry data: retained for 24 months unless you opt out earlier.
  • Customer session metadata: retained per the duration specified in your contract (typically 12 months).
  • Web analytics: aggregated and retained for up to 26 months.

8. Cookies & Similar Technologies

The SecKonnect website uses a small number of cookies:

  • Strictly necessary cookies: Required for the website to function properly.
  • Analytics cookies: Help us understand how visitors use the website. You can disable these in your browser settings.
  • Preference cookies: Remember your preferences (e.g., dismissed banners).

We do not use third-party advertising or tracking cookies.

9. Your Rights

Depending on where you live, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Restriction: Request that we limit how we process your data.
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, email privacy@seckonnect.com. We respond within 30 days.

10. International Data Transfers

SecKonnect operates from India and may use service providers located in other countries. When we transfer personal data internationally, we use appropriate safeguards — such as Standard Contractual Clauses or equivalent mechanisms — to protect that data in line with applicable laws.

11. Children's Privacy

The Services are intended for enterprise use and are not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, contact us and we will promptly delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the website or by email at least 30 days before they take effect. The "Last Updated" date at the top of this page will always reflect the most recent revision.

13. Contact Us

For privacy questions, requests, or concerns:

If you are based in the EEA or UK and feel your concern has not been adequately addressed, you have the right to lodge a complaint with your local data protection authority.

SecKonnect is committed to handling your data with the same rigor we expect from our customers. If anything in this policy is unclear, please reach out — we'll do our best to explain it without the legalese.