Privacy Policy

Last Updated: January 2025

Zero-Data-Monetization Guarantee

At 5D Cyber, your privacy is paramount. We never sell client data to third parties. This policy explains how we collect, use, and protect your information in accordance with the strictest compliance frameworks, including NIST 800-171 and HIPAA.

1. Information We Collect

Principle: We only collect data necessary to secure your network and fulfill compliance reporting obligations.

Types of Information Collected:

  • Account Information: Name, email, company details, billing information
  • Network Telemetry: Log data, traffic patterns, threat indicators, security events
  • Device Information: IP addresses, device types, operating systems, configurations
  • Compliance Data: Audit logs, control assessments, evidence artifacts

Data Minimization: We do not collect personal browsing history, message content, or any information beyond what is required for security and compliance purposes.

2. How We Use Your Information

Information collected is used exclusively for:

  • Threat Detection & Response: Identifying and mitigating security threats in real time
  • Compliance Reporting: Generating audit logs and evidence for regulatory requirements
  • Service Improvement: Analyzing aggregated, anonymized data to enhance platform performance
  • Communication: Sending service updates, security alerts, and support notifications

3. Third-Party Sharing

We NEVER sell client data to third parties. Period.

Limited Sharing for Service Delivery: Data is only shared with our infrastructure partners for the sole purpose of threat mitigation and network connectivity:

  • Seceon®: Threat intelligence data processed through the Vigilance Hub platform
  • Cytracom®: Network traffic routing and secure communications through Secure Connect

These partners are contractually bound to maintain the same level of data protection and confidentiality as 5D Cyber. They may not use your data for any purpose other than providing services on our behalf.

Legal Disclosure: We may disclose information if required by law, court order, or governmental authority.

4. How We Protect Your Data

5D Cyber employs industry-leading security measures:

  • Encryption: AES-256 at rest, TLS 1.3 in transit
  • Access Control: Multi-factor authentication, zero-trust perimeters
  • Data Centers: SOC 2 Type II certified, US-based Tier IV facilities
  • Monitoring: 24/7 threat detection and anomaly analysis

5. Compliance Framework Alignment

Our data handling practices align with:

NIST 800-171 Privacy Controls

We implement all required privacy controls for handling Controlled Unclassified Information (CUI), including data minimization, purpose specification, and individual participation.

HIPAA Privacy Rule

For healthcare clients, we adhere to HIPAA's Privacy Rule, limiting use and disclosure of Protected Health Information (PHI) to the minimum necessary for authorized purposes.

SOC 2 Type II

Our infrastructure undergoes annual SOC 2 Type II audits, verifying our controls for security, availability, processing integrity, confidentiality, and privacy.

PCI-DSS

For organizations processing payment card data, we maintain PCI-DSS compliance standards to protect cardholder information and ensure secure transaction processing.

6. Your Privacy Rights

You have the right to:

  • Access: Request a copy of the data we store about you
  • Correction: Request corrections to inaccurate information
  • Deletion: Request deletion of your data (subject to legal retention requirements)
  • Portability: Request your data in a machine-readable format

To exercise these rights, contact us at [email protected]

Questions About Your Privacy?

Contact our privacy team for clarification or to exercise your rights.

[email protected]