Privacy Policy

Last updated: October 10, 2025

This Privacy Policy describes how DynoFlows ("we," "us," or "our") collects, uses, and protects your information when you use our cybersecurity services.

1. Information We Collect

1.1 Information You Provide

  • • Contact information (name, email address, phone number)
  • • Business information (company name, website domain)
  • • Communication preferences and service requirements
  • • Payment information (processed securely through third-party providers)

1.2 Automatically Collected Information

  • • Website usage data and analytics
  • • IP addresses and geolocation data
  • • Device information and browser details
  • • Performance metrics and error logs

1.3 Security Monitoring Data

  • • DNS query patterns and email authentication records
  • • Threat intelligence data (anonymized and aggregated)
  • • Security event logs and incident reports
  • • Network traffic patterns (metadata only, no content)

2. How We Use Your Information

  • Service Delivery: Provide cybersecurity services, DMARC implementation, and threat monitoring
  • Communication: Send service updates, security alerts, and technical support
  • Improvement: Enhance our services and develop new security features
  • Compliance: Meet legal obligations and industry security standards
  • Protection: Detect and prevent fraud, abuse, and security threats

3. Legal Basis for Processing (GDPR)

Legitimate Interest: Processing necessary for cybersecurity services and threat protection

Contract Performance: Fulfilling our service agreements and providing requested services

Legal Compliance: Meeting regulatory requirements and industry security standards

Consent: Where explicitly provided for marketing communications and optional services

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

  • Service Providers: Trusted third parties who assist in service delivery (hosting, analytics, payment processing)
  • Legal Requirements: When required by law, court order, or regulatory authority
  • Security Threats: To protect against fraud, abuse, or security incidents
  • Business Transfer: In connection with mergers, acquisitions, or asset sales
  • Threat Intelligence: Anonymized and aggregated security data with industry partners

We never sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Security

We implement industry-standard security measures:

  • • End-to-end encryption for data transmission and storage
  • • Multi-factor authentication and access controls
  • • Regular security audits and penetration testing
  • • SOC 2 Type II compliance and security certifications
  • • Incident response procedures and breach notification protocols

6. Your Rights

Under GDPR, CCPA, and other privacy laws, you have the right to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate or incomplete information
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Limit how we process your personal data
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Revoke consent for processing where applicable

To exercise these rights, contact us at privacy@dynoflows.com

7. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential: Website functionality and security
  • Analytics: Understanding website usage and performance
  • Preferences: Remembering your settings and choices
  • Security: Detecting and preventing threats

You can manage cookie preferences through your browser settings. See our Cookie Policy for details.

8. Data Retention

We retain your information for as long as necessary to:

  • • Provide ongoing services and support
  • • Comply with legal and regulatory requirements
  • • Resolve disputes and enforce agreements
  • • Maintain security and prevent fraud

Specific retention periods vary by data type and are detailed in our data retention schedule available upon request.

9. International Transfers

Your data may be transferred to and processed in countries outside your jurisdiction. We ensure adequate protection through:

  • • Standard Contractual Clauses (SCCs) approved by the European Commission
  • • Adequacy decisions for countries with equivalent data protection laws
  • • Additional safeguards and security measures for international transfers

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

11. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes via email or prominent website notice. Your continued use of our services constitutes acceptance of the updated policy.

12. Contact Information

Data Protection Officer: privacy@dynoflows.com

General Inquiries: info@dynoflows.com

Address: DynoFlows Privacy Team
[Business Address - To be updated with actual address]

EU Representative: [To be appointed if required under GDPR Article 27]