Zazmic Inc. (hereinafter `we,` `our,` or `us`) is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by Zazmic Inc. regarding our specialized security services SaaS platform. This Privacy Policy applies to this website and its associated subdomains (the Service or Product). By accessing or using our platform, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy. This document describes that we are thoughtful about the personal information we ask you to provide and store this information for only as long as we have a reason to keep it.
Zazmic Inc. provides professional security services, including Penetration Testing, Security Posture Assessments (SPA), and Google SecOps/SCCE setup. Your data is collected by Zazmic Inc. and is not used by or shared with anyone not mentioned in this Privacy Policy. If you have any questions, comments, or requests related to data collection or this policy, please contact us at legacy@zazmic.com.
We collect information to provide our security products, to communicate with you, or to make our services better. We collect this information: when you register an account, create a service order, and automatically via cookies.
Personal data. When you sign up or create a profile, we collect personally-identifying information including your name, company name, and email address. Since you actively submit this information, you will know precisely what data we collect.
Service & Technical Data. To perform security audits, you provide us with technical endpoints, IP addresses, and cloud environment details. For Security Posture Assessments, you may upload JSON configuration files to allow our admins to connect to your cloud environment.
Behavioral data. We collect information about how you use the platform, including timezone, date/time of visits, and URL clickstreams. We gather this data automatically through Google Analytics and cookies to understand usage trends and manage the platform.
Content information. This includes any media or files you upload, specifically the JSON credential files and the resulting PDF audit reports generated by our admins.
For providing Security Services: We use your uploaded JSON files, IP addresses, and endpoints solely to conduct the ordered Penetration Tests or Security Posture Assessments.
For contacting you: We use your contact information to provide updates on your orders and respond to your questions.
For platform administration: Our admins access your uploaded data via a secure admin panel to manage orders and upload final PDF audit reports.
For automated processing: We use cookies and Google Analytics to improve your experience and the platform`s functionality.
We share information about you in limited circumstances:
Third-party vendors. We share information with vendors who provide services to us, specifically Google Cloud Storage (GCS) for the encrypted storage of your findings, JSON files, and PDF reports. We require vendors to agree to privacy commitments.
Business transfers. In the event of a merger or sale, user information would likely be one of the transferred assets, and this Privacy Policy would continue to apply.
Aggregated information. We may share de-identified information that can no longer reasonably be used to identify you for internal statistics.
By submitting your email address, you agree to receive communications regarding your security orders. We do not send unsolicited commercial emails. You can opt-out of marketing communications at any time, though you will still receive transactional emails related to your active security audits.
We keep your information only so long as we need it to fulfill the purposes described in this policy.
Technical Audit Data: Specifically for this platform, all uploaded JSON credential files, IP/Endpoint lists, and audit findings are retained for a period of one (1) year following the completion of the service, after which they are permanently removed from our systems.
Account Data: Profile information is kept as long as your account is active.
Logs: Standard web server logs are kept for approximately 30 days for security and traffic analysis.
This Privacy Policy is governed by the laws of the United States and the State of California without regard to its conflict of laws provision. You consent to the exclusive jurisdiction of the courts in connection with any action or dispute arising under this Privacy Policy.
If you are located in certain parts of the world, including California (CCPA/CPRA) and countries under the GDPR, you have the right to request access to, correction of, or deletion of your personal data.
We disclose the categories of information we collect and how we use it as explained above. We do not sell your personal data. You may exercise your:
If you would like to exercise any of these rights, please contact us at legacy@zazmic.com.
Zazmic Inc. does not knowingly collect information from children under the age of 18. This platform is intended for business-to-business security services.
We may update this policy to reflect changes in our Service. We will notify you through the Site before changes take effect. Continued use of the platform signifies acceptance of the updated terms.
By using our website, registering an account, or creating a service order, you hereby consent to our Privacy Policy and agree to its terms.
Via Email: legacy@zazmic.com
Via Phone Number: 415-728-1621
Address: 415 Mission St, San Francisco, CA