Privacy Policy
This Privacy Policy explains how [TBC — Shiryon legal entity name] ("Shiryon", "we", "us", "our") collects, uses, and protects information when you visit this website or engage us for services. Shiryon is an IT service provider offering governance, risk and compliance (GRC), penetration testing, phishing awareness training, and infrastructure hardening services.
1. Information We Collect
We collect information in the following ways:
- Information you provide directly — for example, when you request an assessment, contact us, or otherwise submit information through this site, we collect the details you choose to provide (such as name, company, email address, and the content of your message).
- Automatically collected information — standard technical data generated by your browser and our hosting provider (Cloudflare), such as IP address, browser type, device type, referring page, and timestamps, used for security, performance, and abuse prevention.
- Cookies and similar technologies — see our Cookie Policy for full detail on what we use and why.
2. How We Use Information
- To respond to assessment requests and other inquiries submitted through this site.
- To operate, secure, and improve this website.
- To meet legal, contractual, and regulatory obligations relevant to our services.
- To communicate with existing or prospective clients about our services, where you have not opted out.
We do not sell personal information, and we do not use advertising trackers on this site.
3. Legal Basis for Processing
Where applicable data protection law requires a stated legal basis, we rely on: performance of a contract or steps taken at your request prior to entering one (e.g., responding to an assessment request), our legitimate interests in operating and securing this website, and compliance with legal obligations. [TBC — confirm governing jurisdiction and, if applicable, add any jurisdiction-specific legal-basis language, e.g. APPI (Japan) or GDPR (EU) as relevant to Shiryon's client base].
4. Sharing of Information
We do not sell or rent personal information. We may share limited information with:
- Service providers who support our website and operations, currently including Cloudflare (hosting and content delivery) and Google (web font delivery).
- Client engagements — where you are a client, information relevant to a signed statement of work or service agreement is handled under the terms of that agreement, which take precedence over this website-level policy for engagement-specific data.
- Legal and regulatory bodies, where required by applicable law or a valid legal process.
5. International Data Transfers
Some service providers we rely on (including Cloudflare and Google) operate global infrastructure, which may involve processing data outside your home country. Where this occurs, we expect our providers to maintain appropriate safeguards consistent with their own published data protection commitments. [TBC — confirm and document specific transfer safeguards if Shiryon serves EU or other regulated markets].
6. Data Retention
We retain information only for as long as reasonably necessary for the purposes described in this policy, to comply with legal or contractual obligations, or to resolve disputes. [TBC — confirm specific retention periods for inquiry/assessment-request data].
7. Your Rights
Depending on where you are located, you may have rights to access, correct, delete, or restrict the use of your personal information, and to object to certain processing. To exercise any of these rights, contact us using the details in Section 10.
8. Security of Your Information
As a security services provider, we take the protection of information seriously and apply reasonable administrative, technical, and organizational safeguards. No method of transmission or storage is completely secure; see our Limitation of Liability & Disclaimers for further detail.
9. Children's Privacy
This website is intended for a business audience and is not directed at children. We do not knowingly collect personal information from children.
10. Contact Us
Questions about this Privacy Policy, or requests relating to your personal information, can be directed to: [TBC — insert privacy contact email].
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last reviewed" date above.