Privacy policy.

Effective Date: September 17, 2025

At WhisperSec LLC, we are committed to protecting your privacy and safeguarding your personal information. We prioritize secure, transparent practices to ensure your trust. This Privacy Policy explains how we collect, use, store, and protect your data when you interact with our website (whisper-sec.com) and services, in compliance with applicable data protection laws, including the California Consumer Privacy Act (CCPA) and General Data Protection Regulation (GDPR).

1. Information We Collect

We collect limited personal information to provide our cybersecurity consulting services and respond to your inquiries:

  • Contact Forms: When you submit a contact form on our website (via the Contact page), we collect:

    • Name

    • Business Email

    • Company Name (optional)

    • Preferred Contact Method (e.g., Email, Signal, WhatsApp)

    • Message Content

  • Automatically Collected Data: We may collect non-personal data via website analytics, such as:

    • IP address (anonymized)

    • Browser type

    • Device information

    • Pages visited and time spent

  • No Cookies or Tracking: We do not use cookies, tracking pixels, or third-party advertising trackers to ensure maximum privacy.

2. How We Use Your Information

We use your information solely to:

  • Respond to your inquiries and provide consulting services (e.g., scheduling consultations, discussing cybersecurity needs).

  • Communicate via your preferred method (e.g., email, Signal, WhatsApp).

  • Improve our website and services through anonymized analytics (e.g., understanding site usage patterns).

  • Comply with legal obligations (e.g., record-keeping for data protection compliance).

We do not sell, rent, or share your personal information with third parties for marketing purposes.

3. Legal Basis for Processing

We process your data based on:

  • Consent: When you submit a contact form or choose a communication method (e.g., Signal, WhatsApp).

  • Legitimate Interest: To provide our services, respond to inquiries, and improve our website’s functionality.

  • Legal Obligation: To comply with applicable data protection laws (e.g., CCPA, GDPR).

4. Data Storage and Security

  • Storage: Your data is stored securely on encrypted servers and we retain contact form data for up to 12 months unless required for ongoing client engagements or legal compliance.

  • Security Measures: We use industry-standard encryption (e.g., TLS for form submissions, end-to-end encryption for Signal/WhatsApp communications) and access controls to protect your data.

  • Global Operations: As a US-registered LLC, we ensure our data practices comply with applicable laws wherever we operate or serve clients.

5. Your Rights

Depending on your location, you may have the following rights under applicable data protection laws:

  • Access: Request a copy of your personal data.

  • Correction: Update inaccurate or incomplete data.

  • Deletion: Request deletion of your data, subject to legal obligations.

  • Opt-Out: Opt out of data processing (e.g., withdraw consent for form submissions).

  • Portability: Receive your data in a structured, machine-readable format.

  • Non-Discrimination: We will not discriminate against you for exercising your rights.

To exercise these rights, contact us at privacy@whisper-sec.com.

6. Third-Party Services

  • Form Processing: We use secure, privacy-compliant form services to process contact form submissions. These services are bound by data protection agreements.

  • Messaging Apps: If you choose Signal or WhatsApp, your communications are end-to-end encrypted, and we do not store message content beyond what’s needed to respond.

  • No Marketing Partners: We do not share your data with third-party marketers or advertisers.

7. International Data Transfers

We may transfer data between regions (e.g., US, EU) to provide our services. We ensure transfers comply with applicable data protection laws (e.g., GDPR’s Standard Contractual Clauses) and use encrypted channels to protect your data.

8. Children’s Privacy

Our website and services are not intended for individuals under 16. We do not knowingly collect data from children.

9. Changes to This Policy

We may update this Privacy Policy to reflect legal or operational changes. Updates will be posted on this page with a revised effective date. Significant changes will be communicated via email or website notice.

10. Contact Us

For questions about this Privacy Policy or to exercise your data rights, contact us at:

  • Email: privacy@whisper-sec.com

WhisperSec LLC is committed to resolving privacy concerns promptly and transparently.