Home Privacy Policy

Privacy Policy

How Netsyn collects, uses, discloses, and protects information in connection with netsynvector.com and related services.

Effective date: April 12, 2026  |  Last updated: April 12, 2026

Important. This Privacy Policy ("Policy") describes the information practices of Netsyn LLC, a California limited liability company ("Netsyn," "Company," "we," "us," or "our"), in connection with the website at netsynvector.com and all related online properties, services, research publications, and communications (collectively, the "Site"). By accessing or using the Site or submitting information to us through any channel, you acknowledge and agree to the practices described in this Policy. If you do not agree, do not use the Site or submit information. This Policy is not legal advice. For privacy-related questions, contact contact@netsynvector.com.

1. Who we are

Netsyn LLC is a California limited liability company operating as a cyber research group. We publish independent cybersecurity research, evaluate enterprise security platforms, and facilitate referral introductions between organizations and security vendors. Under the California Consumer Privacy Act as amended by the California Privacy Rights Act (collectively, "CCPA"), we are the "business" responsible for the personal information we collect through the Site. We do not act as a "service provider" or "contractor" (as those terms are defined by the CCPA) when processing personal information submitted by Site visitors.

2. Scope

This Policy applies to all personal information we collect through (a) the Site, (b) email addresses published on the Site, (c) forms hosted on or through the Site, and (d) communications initiated through Site-provided channels. This Policy does not apply to:

  • Information collected by third-party websites, platforms, or services under their own privacy policies, even if linked from the Site;
  • Information governed by a separate written agreement between you and Netsyn LLC (such as a mutual nondisclosure agreement or consulting engagement letter);
  • Information that has been de-identified or aggregated such that it cannot reasonably be used to identify a natural person.

3. Information we collect

We collect the following categories of personal information. Not every visitor provides every category.

  • Identifiers. Name, business email address, organization name, job title or role, phone number, and similar contact information you submit through forms (including contact inquiries, partnership applications, and assessment requests).
  • Commercial and professional information. Organization size, industry, inquiry type, solution categories of interest, security stack descriptions, annual contract value ranges, target customer profiles, and other business context you provide in free-text fields.
  • Internet and network activity. IP address, browser type and version, device type, operating system, referring and exit URLs, pages viewed, timestamps, and similar technical data transmitted automatically by your browser or device.
  • Form and submission metadata. Form names, submission timestamps, unique identifiers, and anti-abuse signals (including honeypot fields designed to detect automated submissions).
  • Communications content. The substance of emails, form messages, or other communications you send to addresses published on the Site.

We do not intentionally collect sensitive personal information as defined by the CCPA (Cal. Civ. Code §1798.140(ae)), including government identifiers, financial account numbers, precise geolocation, racial or ethnic origin, health data, biometric data, or private communications content beyond what you voluntarily submit to us. Do not submit passwords, security credentials, classified material, protected health information, or other regulated data through Site forms. We are not equipped to receive or safeguard such data through standard web channels.

4. How we collect information

  • Directly from you when you complete a form, send us an email, or otherwise initiate a communication.
  • Automatically through server logs, hosting infrastructure, and similar technologies when you load pages on the Site.
  • From service providers that host, deliver, or process data on behalf of the Site (for example, Netlify for hosting and form processing, Google for font delivery).

We do not purchase personal information from data brokers or third-party data providers.

5. Cookies, tracking, and Do Not Track

The Site may use cookies, local storage, or similar technologies as implemented by our hosting provider or as we add them in the future. As of the effective date, the Site loads fonts from Google Fonts; Google may receive your IP address and related technical data when fonts are requested. We do not control Google's data practices; consult Google's privacy documentation for details.

We do not currently deploy third-party analytics, advertising pixels, or cross-site tracking technologies on the Site. If this changes, we will update this Policy before deployment.

Do Not Track. Some browsers transmit "Do Not Track" (DNT) signals. There is no uniform standard for responding to DNT. As of the effective date, the Site does not respond to DNT signals because we do not engage in cross-site tracking. This disclosure is provided pursuant to Cal. Bus. & Prof. Code §22575.

Your browser settings may allow you to block or delete cookies. Blocking cookies may affect Site functionality, including form submissions.

6. How we use information

We use personal information for the following business and commercial purposes:

  • Operating, maintaining, securing, and improving the Site;
  • Responding to inquiries, assessment requests, and partnership applications;
  • Facilitating referral introductions between you and third-party security vendors, where you have requested or consented to such introductions;
  • Publishing and distributing research content;
  • Internal analytics, quality assurance, and understanding how visitors use the Site;
  • Detecting, preventing, and responding to fraud, abuse, security incidents, and unauthorized access;
  • Enforcing our Terms of Service and protecting our rights, property, and safety;
  • Compliance with applicable law, regulation, legal process, or governmental request;
  • Communicating with you about your requests and, where permitted by law, about research publications or services we believe are relevant to your stated interests.

We do not sell your personal information as defined by the CCPA. We do not share your personal information for cross-context behavioral advertising. We do not use personal information for automated decision-making or profiling that produces legal or similarly significant effects.

7. Referral disclosures

Netsyn may receive referral fees, commissions, or other compensation from third-party security vendors when an introduction facilitated through our research and assessment process results in a commercial engagement between you and that vendor. This compensation structure does not alter the information practices described in this Policy. When we share your contact information or assessment details with a vendor as part of a facilitated introduction, we will inform you before or at the time of that disclosure. Your decision to engage with any vendor is voluntary and governed by your separate agreement with that vendor.

8. Legal bases

Where applicable law requires a legal basis for processing, we rely on one or more of the following: (a) your consent, such as when you submit a form or request an introduction; (b) our legitimate interests in operating a secure website, conducting research, responding to business inquiries, and facilitating referral introductions, balanced against your privacy rights; (c) performance of steps you request prior to entering into a contract; and (d) compliance with legal obligations.

9. How we disclose information

We may disclose personal information to the following categories of recipients:

  • Service providers and contractors. Entities that assist us with hosting, form processing, email delivery, IT security, and similar operational functions. These parties process data on our behalf under contractual obligations to use it only for the services they provide to us.
  • Security vendors (referral introductions). When you engage our assessment process and we identify platforms that match your requirements, we may share your contact information and relevant assessment context with those vendors to facilitate the introduction. We do this only with your knowledge and in connection with a requested assessment.
  • Professional advisors. Attorneys, accountants, auditors, and consultants under professional confidentiality obligations.
  • Legal authorities. Government agencies, law enforcement, or regulatory bodies when we believe disclosure is required by law, subpoena, court order, or governmental request, or when disclosure is reasonably necessary to protect the rights, safety, security, or property of Netsyn, our users, or the public.
  • Successors. A buyer, assignee, or successor entity in connection with a merger, acquisition, financing, reorganization, dissolution, or sale of all or a portion of our assets, subject to this Policy continuing to apply to previously collected information unless you are notified otherwise.

Netlify. Web forms on the Site are processed using Netlify Forms or comparable hosting-integrated form processing. Data you submit through forms is transmitted to and stored by Netlify, Inc. and its infrastructure partners pursuant to Netlify's own terms of service and privacy policy. By submitting a form, you acknowledge this processing. Netsyn does not control Netlify's data practices beyond our contractual relationship with them.

We do not sell personal information. We do not share personal information with unrelated third parties for their own independent direct marketing purposes without your prior consent.

10. International visitors and data transfers

Netsyn LLC is based in California, United States. If you access the Site from outside the United States, your information will be transferred to, stored in, and processed in the United States. The United States may not provide the same level of data protection as your jurisdiction. By using the Site, you consent to such transfer to the extent permitted by applicable law. Where required by law (such as the GDPR), we will implement appropriate safeguards, which may include Standard Contractual Clauses.

11. Retention

We retain personal information for as long as reasonably necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. Retention criteria include: the nature and duration of our relationship with you; whether you have an open or pending inquiry; our legal, tax, accounting, and regulatory obligations under federal and California law; the statute of limitations for potential claims; and whether retention is advisable for security monitoring or dispute resolution. Form submissions, assessment records, and related business correspondence may be retained for a minimum of five (5) years from the date of last interaction. De-identified or aggregated data may be retained indefinitely.

12. Security

We implement reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, disclosure, alteration, destruction, or loss, consistent with industry standards and the sensitivity of the information. These measures include encrypted data transmission (TLS/SSL), access controls, and periodic review of our information practices.

No method of transmission over the Internet or method of electronic storage is 100% secure. We cannot and do not guarantee absolute security. You are responsible for maintaining the security of your own systems, credentials, and communications channels. If you believe your information has been compromised in connection with the Site, contact us immediately at contact@netsynvector.com.

13. Your rights and choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Right to know. Request disclosure of the categories and specific pieces of personal information we have collected, the sources, the business purposes, and the categories of third parties to whom we have disclosed it.
  • Right to delete. Request deletion of personal information we have collected from you, subject to statutory exceptions (such as data necessary to complete a transaction, detect security incidents, comply with legal obligations, or exercise legal claims).
  • Right to correct. Request correction of inaccurate personal information.
  • Right to opt out. Opt out of the sale or sharing of personal information. We do not currently sell or share personal information as defined by the CCPA, but you may submit an opt-out request at any time for future effect.
  • Right to limit use of sensitive personal information. We do not collect sensitive personal information as defined by the CCPA beyond what you voluntarily provide.
  • Right to non-discrimination. We will not discriminate against you for exercising any privacy right.
  • Right to appeal. If we deny a verifiable request, you may appeal. If the appeal is denied, you will be provided information on how to contact the California Attorney General or applicable state authority.

To exercise any right, email contact@netsynvector.com with a description of your request and sufficient detail for us to verify your identity. We may require you to confirm specific data points to verify you are the individual whose data is subject to the request. We will respond within forty-five (45) days as required by the CCPA, with one extension of up to forty-five (45) additional days if reasonably necessary. You may designate an authorized agent to submit a request on your behalf; we may require signed written authorization and independent identity verification.

14. California residents — CCPA/CPRA disclosures

This section provides disclosures required by the California Consumer Privacy Act as amended by the California Privacy Rights Act (Cal. Civ. Code §1798.100 et seq.).

Categories collected. In the preceding twelve (12) months, we have collected the categories of personal information described in Section 3: identifiers; commercial and professional information; internet and network activity; form metadata; and communications content.

Sources. Directly from you; automatically through your use of the Site; and from service providers who process data on our behalf.

Business purposes. As described in Section 6.

Categories disclosed. We have disclosed identifiers, commercial information, and communications content to service providers (hosting, form processing) and, in connection with requested assessments, to security vendor partners as described in Section 9.

Sale and sharing. We have not sold personal information and have not shared personal information for cross-context behavioral advertising in the preceding twelve (12) months, as those terms are defined by the CCPA.

Sensitive personal information. We do not collect sensitive personal information as defined by Cal. Civ. Code §1798.140(ae) beyond what consumers voluntarily submit.

Retention. As described in Section 11.

California "Shine the Light" (Cal. Civ. Code §1798.83). California residents may request information about personal information disclosed to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their own direct marketing purposes. If this changes, we will update this Policy and offer an opt-out mechanism.

California minor users. We do not knowingly collect personal information from minors under 16 years of age. We do not sell or share the personal information of consumers under 16.

15. Other U.S. state residents

Residents of Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, and other states with comprehensive privacy laws may have similar rights to those described in Section 13. Submit requests to contact@netsynvector.com. If we deny a request, you may have the right to appeal as provided by your state's applicable law.

16. Nevada residents

Under Nevada Revised Statutes Chapter 603A, Nevada residents may opt out of the sale of certain covered information. We do not currently sell covered information as defined under Nevada law. To submit an opt-out request or ask questions, contact contact@netsynvector.com.

17. European Economic Area, United Kingdom, and Switzerland

If you are located in the EEA, UK, or Switzerland, you may have rights under the General Data Protection Regulation (GDPR) or local equivalents, including the rights to access, rectification, erasure, restriction of processing, data portability, and objection. You may lodge a complaint with a supervisory authority in your jurisdiction. Our lawful bases for processing are described in Section 8. International transfers of data to the United States may rely on Standard Contractual Clauses or other appropriate safeguards as required by applicable law. Contact contact@netsynvector.com for data protection requests.

18. Children

The Site is not directed to individuals under the age of sixteen (16), or under the age of thirteen (13) where applicable under COPPA (15 U.S.C. §6501 et seq.). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has submitted personal information through the Site, contact us at contact@netsynvector.com and we will take reasonable steps to delete such information.

19. Third-party links and services

The Site may contain links to third-party websites, products, or services. We are not responsible for and do not control the privacy practices of any third party. This Policy does not apply to third-party sites. Review the privacy policies of any third party before providing personal information.

20. Changes to this Policy

We reserve the right to update or modify this Policy at any time. We will post the revised Policy on this page, update the "Last updated" date, and, for material changes, may provide additional notice through the Site or by email to the extent we have your contact information. Your continued use of the Site after the effective date of a revised Policy constitutes acceptance of the revised terms, except where applicable law requires affirmative consent.

21. Contact

For privacy inquiries, data subject requests, or questions about this Policy:

A physical mailing address will be provided upon request for legal, regulatory, or law enforcement correspondence.