// Legal

Privacy Policy

Last updated: June 2026 · NextLevelSec Inc.

Overview

NextLevelSec Inc. ("NextLevelSec", "we", "us") is committed to protecting the privacy and security of your personal data. This policy explains how we collect, use, and protect information you provide when using our website or services.

        Effective date: June 1, 2026  |  Jurisdiction: Malaysia  |  Penang, Malaysia  |  Contact: privacy@nextlevelsec.io
      

Information We Collect

We collect information you voluntarily provide and data generated by your use of our platform:

Contact information (name, email address, company name) when you request an audit or subscribe
Technical data (IP address, browser type, pages visited) via standard server logs
Communication records (emails, support tickets) when you contact us
Security assessment data collected during contracted engagements (governed by separate client agreements)

How We Use Your Information

To provide, operate, and improve our cybersecurity services
To communicate with you about security assessments, reports, and account updates
To send security advisories and relevant threat intelligence you opt into
To comply with legal obligations and enforce our Terms of Service
To protect the security of our platform and detect fraudulent activity

Data Security

We practice what we preach. All client data is encrypted at rest (AES-256) and in transit (TLS 1.3+). Access is role-based and logged. We conduct internal security audits of our own systems quarterly.

Client engagement data (findings, reports, scan results) is stored in isolated, access-controlled environments and never shared between clients or used for any purpose outside the contracted engagement.

Data Sharing

We do not sell, rent, or trade your personal information. We may share data only:

With service providers who process data on our behalf (under strict data processing agreements)
When required by law, court order, or valid legal process
To protect the rights, property, or safety of NextLevelSec, our clients, or the public

Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or export your personal data. To exercise any of these rights, contact us at privacy@nextlevelsec.io. We will respond within 30 days.

Cookies

Our website uses minimal cookies — only those necessary for session management and security. We do not use advertising or tracking cookies. You can disable cookies in your browser settings without affecting core site functionality.

Contact

For privacy-related inquiries: privacy@nextlevelsec.io
For security vulnerability disclosures, see our Security.txt.