Privacy Policy

Last updated: November 1, 2025

This Privacy Policy explains how CDSecurity (“we”, “us”, “our”) collects, uses, and shares personal information when you visit our website, contact us, or engage our security audit services.

Who We Are

CDSecurity is a boutique security firm focusing on smart-contract and protocol security reviews for Web3 companies. For privacy matters, contact: info@cdsecurity.io.

Information We Collect

  • Contact & Business Info — name, email, role, company, and any correspondence you send us.
  • Audit Materials — code, docs, architecture notes, and artifacts you provide for the engagement.
  • Usage & Technical Data — IP address, device/browser info, pages viewed, timestamps (for security and analytics).
  • Billing — limited payment and invoicing details handled by our payment providers.

How We Use Information

  • Deliver, operate, and improve our services and reports.
  • Communicate proposals, scopes, timelines, and findings.
  • Protect our website and services from fraud, abuse, or security incidents.
  • Comply with legal obligations and enforce agreements.

Legal Bases (EEA/UK)

  • Contract — to perform our services when you engage us.
  • Legitimate Interests — to run, secure, and improve our business and website.
  • Consent — where required (e.g., certain cookies/analytics or marketing).
  • Legal Obligation — to comply with applicable laws and requests.

Sharing & Transfers

We don’t sell personal information. We may share limited data with vetted service providers (hosting, email, analytics, payment processing, document management) under confidentiality and data-protection commitments. If data is transferred internationally, we use appropriate safeguards (e.g., SCCs) where required.

Retention

We keep personal data only as long as necessary for the purposes described here, to fulfill contracts, and to comply with legal obligations. Engagement artifacts may be retained for a reasonable period for reference, audit trails, and dispute resolution.

Security

We use technical and organizational measures designed to protect personal data. No method is 100% secure; please use caution when sharing sensitive info.

Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to processing, as well as data portability. To exercise your rights, email info@cdsecurity.io. We’ll respond as required by law.

CCPA/CPRA Notice (California)

We collect the categories listed above for business purposes. We do not sell or share personal information for cross-context behavioral advertising within the meaning of the CPRA. California residents may request access, deletion, or correction by contacting us.

Children

Our services are not directed to children under 16. We do not knowingly collect personal information from children.

Changes

We may update this policy from time to time. We’ll revise the “Last updated” date and, where required, provide additional notice.

Contact

Questions about this policy or our data practices? Email info@cdsecurity.io.

Back to top ↑