Securing Connection

Initializing security protocols...

Back to Home

Privacy Policy

Last updated: January 2025

1. Introduction

At Scorpiones ("we," "our," or "us"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our security services.

2. Information We Collect

2.1 Information You Provide

  • Contact information (name, email, phone number, company)
  • Professional information (job title, department, security role)
  • Target scope for penetration testing engagements
  • Network ranges, domains, and application URLs for testing
  • Security assessment requirements and compliance needs
  • Communications through our contact forms or secure channels
  • Payment information (processed securely through third-party providers)

2.2 Information Collected Automatically

  • IP address and browser information
  • Device type and operating system
  • Pages visited and time spent on our website
  • Referring website addresses
  • Cookie data (see Cookie Policy section)

3. How We Use Your Information

We use collected information for:

  • Conducting authorized penetration testing and security assessments
  • Preparing detailed vulnerability reports and remediation guidance
  • Coordinating testing schedules and engagement logistics
  • Responding to inquiries and urgent security matters
  • Sending critical security updates and vulnerability advisories
  • Processing payments and maintaining engagement records
  • Complying with legal obligations and industry regulations
  • Protecting against unauthorized testing or fraudulent activities
  • Improving our testing methodologies and service delivery

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information only in the following circumstances:

  • With your consent: When you explicitly agree to share information
  • Service providers: With trusted third parties who assist in operating our business
  • Legal requirements: When required by law, court order, or government request
  • Protection of rights: To protect our rights, privacy, safety, or property
  • Business transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

As penetration testing professionals, we implement stringent security measures to protect your information, including:

  • AES-256 encryption for all data stored in our secure NAS
  • Isolated testing environments and encrypted storage infrastructure
  • Multi-factor authentication for all team members
  • Regular internal security assessments and third-party audits
  • Strict access controls with role-based permissions
  • Comprehensive logging and monitoring of data access
  • Secure deletion protocols for engagement data
  • 24/7 incident response and breach notification procedures

All vulnerability findings and sensitive data are handled with the highest level of security, following industry best practices and compliance standards.

6. Data Retention

We retain information according to strict policies:

  • All client data and reports: Stored in encrypted NAS (Network Attached Storage) for exactly 1 year from engagement completion
  • Security measures: All data is encrypted at rest using AES-256 encryption within our secure NAS infrastructure
  • Access controls: Limited to authorized personnel only, with audit logging of all access
  • Data deletion: Automatic secure deletion after the 1-year retention period expires
  • Payment records: Maintained separately per financial regulations (typically 7 years)

Upon request, we can provide certificates of data destruction after the retention period expires.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your information
  • Portability: Receive your information in a portable format
  • Objection: Object to certain processing of your information
  • Restriction: Request restriction of processing

To exercise these rights, contact us at [email protected]

8. Cookie Policy

We use cookies and similar tracking technologies to enhance your experience on our website. When you first visit our site, you'll be presented with a cookie consent banner where you can choose to accept or decline non-essential cookies.

Types of cookies we use:

  • Essential cookies: Required for website functionality and security (cannot be disabled)
  • Analytics cookies: Help us understand website usage and improve our services (optional)
  • Preference cookies: Remember your settings and cookie consent choices (optional)

You can change your cookie preferences at any time through the cookie settings button in the website footer or by clearing your browser cookies.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers in accordance with applicable laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: [email protected]

Security: [email protected]

General: [email protected]