Introduction

This Privacy Policy describes how ANMASEC processes personal data. We are committed to maintaining transparency, confidentiality, and compliance with applicable regulations including GDPR when serving clients across the Middle East and Europe.

By using our website or engaging with our services, you agree to the practices described below.

Information We Collect

1. Information You Provide Directly

This includes information submitted through contact forms, email or during service engagement:

• Name and contact details (email, phone number)
• Company name and position
• Project scope details or service requests
• Billing and invoicing information (if applicable)

2. Information Collected Automatically

When browsing our website, we automatically collect:

• IP address and geolocation approximation
• Browser type and device information
• Pages visited and interaction patterns
• Cookies and tracking data

3. Service-Related Technical Data

During penetration tests, audits, or assessments, we access only data required for the project. This may include configuration files, logs, architecture diagrams, or test accounts. All sensitive information is strictly controlled under NDAs and securely deleted after project closure.

How We Use Your Information

We use personal data for the following purposes:

• To provide and manage cybersecurity services
• To communicate regarding proposals, missions, or support
• To send administrative updates or critical notices
• To improve website functionality and user experience
• To comply with legal and regulatory requirements

ANMASEC never sells personal information to third parties.

Legal Basis for Processing (GDPR)

Depending on the context, we process personal data based on:

• Contractual necessity — delivering the service you request
• Legitimate interest — improving operations and cybersecurity effectiveness
• Consent — optional newsletters or cookie banners
• Legal obligations — accounting, compliance, and audit logs

How We Share Your Data

We may share personal data only with:

• Trusted service providers (hosting, infrastructure, secure email)
• Specialized subcontractors working under strict NDAs
• Authorities when legally required

We do not share data with advertisers or unrelated third parties.

International Data Transfers

Depending on the engagement, data may be processed in the UAE, Lebanon, or EU. When transferred outside the EU, we implement safeguards such as Standard Contractual Clauses, encryption, and strict access controls.

Cookies & Tracking Technologies

We use cookies to ensure the website functions correctly, improve performance, and understand usage patterns. You may disable non-essential cookies through your browser settings.

Data Retention

Personal data is retained only as long as necessary for service delivery, legal obligations, or security operations. Penetration testing data is securely deleted after final report delivery and client confirmation.

Security Measures

We implement strict technical and organizational measures, including:

• End-to-end encryption of sensitive data
• Strong access control and multi-factor authentication
• Secure storage and controlled retention periods
• Logging, monitoring, and intrusion detection systems
• NDA-bound staff and subcontractors

Your data is handled with the same level of protection we apply to cybersecurity missions.

Your Rights

Under GDPR and similar regulations, you have the right to access, correct, delete, restrict, or object to the processing of your personal data, as well as request data portability.

To exercise your rights, contact us at: privacy@anmasec.com

Contact Us

For any questions about this Privacy Policy or how we handle data, you can reach us via:

Email: info@anmasec.com

Website: www.anmasec.com