Privacy Policy

Introduction

LockedCyber ("we", "our", or "us") is committed to protecting your privacy and complying with the Protection of Personal Information Act (POPIA) of South Africa. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

Information We Collect

Security Scanner

When you use our free security scanner, we collect:

• The website URL you submit for scanning
• Your email address (to deliver scan results)
• Your IP address (for rate limiting, anonymized in storage)
• Scan results (technical data about the scanned website)

Contact Forms

When you contact us, we collect:

• Your name
• Email address
• Company name (optional)
• Phone number (optional)
• Message content

AI Chatbot

When you use our AI chatbot, we collect:

• Your IP address (for rate limiting, not stored permanently)
• Conversation messages (processed by Groq API, not stored permanently)

Chatbot conversations are processed in real-time and are not retained after your session ends. Rate limiting data is temporarily stored to prevent abuse.

Newsletter

When you subscribe to our newsletter, we collect:

• Your email address
• Subscription date and status

You can unsubscribe at any time using the link provided in each newsletter email.

What We Do NOT Collect

• Passwords or credentials
• Personal browsing data
• Cookies from scanned websites
• Financial information (unless you become a paying client)

How We Use Your Information

• To provide and deliver the security scanning service
• To send you the scan results via email
• To respond to your inquiries and support requests
• To prevent abuse of our services (rate limiting)
• To improve our services and develop new features
• To comply with legal obligations

Data Retention

• Scan results: Automatically deleted after 90 days
• Lead data (email/URL): Retained until you request deletion
• Rate limit data: 24-hour rolling window only
• Contact form submissions: Retained for business purposes until deletion requested
• AI chatbot conversations: Not stored permanently; processed in real-time only
• Newsletter subscriptions: Retained until you unsubscribe or request deletion

Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• All data transmitted over HTTPS (encrypted in transit)
• Database encryption at rest
• Access controls and authentication
• Regular security assessments
• Secure hosting infrastructure

Your Rights (POPIA)

Under the Protection of Personal Information Act (POPIA), you have the right to:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate personal information
• Deletion: Request deletion of your personal information
• Object: Object to the processing of your personal information
• Portability: Request transfer of your data to another party

To exercise any of these rights, please contact us at privacy@lockedcyber.co.za

Third-Party Services

We may use the following third-party services:

• Vercel: Website hosting and serverless functions
• Gmail: Email delivery via SMTP
• Google DNS: DNS record lookups for security scanning
• Groq API: AI chatbot processing
• Upstash: Redis database for rate limiting and data storage

Each of these services has their own privacy policies governing the use of your information.

Cookies

Our website uses essential cookies only for basic functionality. We do not use tracking cookies or third-party analytics that track your personal browsing behavior.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: privacy@lockedcyber.co.za
• Address: Johannesburg, South Africa