HomePrivacy Policy

Privacy Policy

Effective Date: [April 18, 2025]

1. Introduction

Welcome to Dehack. This Privacy Policy explains how Dehack (“[Dehack d.o.o]”, “we”, “us”, or “our”) collects, uses, shares, and protects information obtained from visitors to our website dehack.io (the “Site”) and users of our related services, including our contact forms and scheduling tools (like Calendly). We are committed to protecting your privacy and handling your data in an open and transparent manner.

Our contact details are: Dehack d.o.o – info@dehack.io

2. Information We Collect

We may collect and process the following types of information:

  • Information You Provide Voluntarily:
    • When you fill out contact forms, request a consultation, or communicate with us via email: Your name, email address, company name (optional), phone number (optional), and the content of your message.
    • When you schedule a meeting via third-party tools like Calendly: Your name, email address, and any other information you provide during the scheduling process.
  • Information Collected Automatically:
    • When you visit our Site: We may automatically collect certain information about your device and usage, such as your IP address, browser type, operating system, referring URLs, pages visited, time spent on pages, and approximate location derived from your IP address. This information is collected using cookies, server logs, and similar technologies (e.g., Google Analytics).

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to your inquiries, schedule consultations, and provide information about our penetration testing services.
  • To operate, maintain, and improve our Site and services.
  • To understand how visitors use our Site using analytics (often in aggregated or pseudonymized form).
  • To ensure the security of our Site.
  • To comply with applicable legal obligations, regulations, or legal processes.
  • We do not sell your personal information to third parties.

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal basis for collecting and using the personal information described above will depend on the information concerned and the specific context:

  • Consent: Where required by law, such as for placing non-essential cookies or sending marketing communications (if applicable), we will obtain your consent.
  • Performance of a Contract (or pre-contractual steps): Processing is necessary to respond to your requests for services or information (e.g., responding to contact forms, scheduling consultations).
  • Legitimate Interests: We process some data based on our legitimate interests, such as improving our Site, analyzing usage, and maintaining security, provided these interests are not overridden by your data protection interests or fundamental rights.
  • Legal Obligation: We may need to process your information to comply with legal or regulatory requirements.

5. Data Sharing and Disclosure

We do not share your personal information with third parties except in the following circumstances:

  • Service Providers: We may share information with third-party vendors who perform services on our behalf, such as website hosting, data analytics (e.g., Google Analytics), communication tools, and scheduling services (e.g., Calendly). These providers are contractually obligated to protect your data and use it only for the services they provide to us.
  • Legal Requirements: We may disclose your information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • Business Transfers: If Dehack is involved in a merger, acquisition, or sale of all or a portion of its assets, your information may be transferred as part of that transaction.

6. Cookies and Tracking Technologies

Our Site uses cookies and similar technologies to enhance user experience, analyze site traffic, and ensure proper functioning. We use essential cookies for site operation and analytics cookies (like Google Analytics) to understand usage patterns. You will be presented with options regarding non-essential cookies upon visiting our Site. For more details, please refer to our Cookie Policy.

7. Data Security

We implement reasonable technical and organizational security measures designed to protect the personal information we collect against unauthorized access, disclosure, alteration, or destruction. However, please be aware that no internet transmission or electronic storage method is 100% secure.

8. Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, including responding to your inquiries, providing services, complying with legal obligations, resolving disputes, and enforcing our agreements, or as otherwise required by law.

9. Your Data Protection Rights (EEA Residents)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the GDPR:

  • The right to access, correct, update, or request deletion of your personal information.
  • The right to object to processing of your personal information when it’s based on our legitimate interests.
  • The right to ask us to restrict processing of your personal information.
  • The right to data portability.
  • The right to withdraw consent at any time, if we relied on your consent to process your information.
  • The right to lodge a complaint with a data protection authority (in Croatia, this is the AZOP – Agencija za zaštitu osobnih podataka).

To exercise any of these rights, please contact us at privacy@dehack.io.

10. International Data Transfers

Your information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different from the laws of your country. Specifically, our website servers may be located in Europe, and third-party service providers (like Google Analytics, Calendly) may operate around the world. We have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy, such as implementing Standard Contractual Clauses for transfers of personal information where applicable.

11. Children’s Privacy

Our Site and services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have inadvertently collected such information, we will take steps to delete it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Effective Date” at the top. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: privacy@dehack.io

Schedule Consultation