Legal

Privacy & Cookie Policy

Last updated: June 2026  ·  Applies to: nodecypher.com

This page explains how NodeCypher Inc. handles personal data and uses cookies on the nodecypher.com website. It covers the website only — it does not apply to the GRC Pocket Auditor mobile app (which has its own privacy policy) or to ChargeHub Connect.

Section 1 — Privacy Policy

1.1 Who We Are

NodeCypher Inc. is the data controller for nodecypher.com. We are a Secure SaaS & Rapid Application Delivery company. Our registered office is at:

  • 9580 Yonge St, Unit 9, Richmond Hill, Ontario, Canada

General enquiries: hello@nodecypher.com

1.2 What This Policy Covers

This policy covers personal data collected through the nodecypher.com website — including contact forms, meeting bookings, and general website use. It does not cover the GRC Pocket Auditor mobile app or ChargeHub Connect, each of which is subject to its own privacy policy.

1.3 What We Collect

  • Contact form submissions — your name, email address, and the message you submit through any form on the Site.
  • Emails you send us — any personal information you include when emailing dpo@nodecypher.com.
  • Meeting booking data — information you provide when booking a discovery call via our cal.com link (name, email, scheduling preferences). This data is also subject to cal.com’s Privacy Policy.
  • Website analytics data — if analytics tools are in use, this is covered in the Cookie Policy section below.

1.4 How We Use It

  • To respond to your enquiries and service requests.
  • To schedule and conduct booked discovery calls and consultations.
  • To deliver contracted services across our service lines: Secure SaaS, Enterprise RAD, CyberSecurity Essentials, MDR/XDR, and vCISO & GRC Support.
  • To improve our website and communications.

We do not sell your data. We do not use your data for advertising purposes.

1.5 Legal Basis (GDPR / UK GDPR)

Where UK or EU data-protection law applies, we rely on:

  • Legitimate interests — responding to business enquiries you initiate and keeping the Site secure.
  • Contractual necessity — delivering booked consultations and contracted services.
  • Legal obligation — retaining records required by applicable tax and corporate law.

1.6 Data Retention

  • Enquiry emails and contact form submissions — retained for 2 years from your last contact.
  • Service engagement records, contracts, and correspondence — retained for 7 years from the end of the engagement to meet legal and tax obligations.
  • Meeting booking records — governed by cal.com’s retention policy.

1.7 Third-Party Services

We use a small number of third-party services to operate the Site. Each handles data under its own privacy policy:

  • cal.com (meeting scheduling) — cal.com/privacy
  • Hosting & infrastructure provider — our hosting provider processes standard server logs on our behalf.

We do not share your data with advertisers or data brokers.

1.8 Your Rights

Under UK GDPR and EU GDPR you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — ask us to correct inaccurate or incomplete data.
  • Erasure — ask us to delete your data where there is no lawful reason to keep it.
  • Restriction — ask us to pause processing while a concern is resolved.
  • Objection — object to processing based on our legitimate interests.
  • Portability — receive your data in a portable, machine-readable format.

To exercise any of these rights, email dpo@nodecypher.com. We will respond within 30 days. You may also lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk, or with your local supervisory authority.

1.9 International Transfers

NodeCypher operates from Canada and Pakistan and serves clients globally. Data may be processed across these locations. Where required by GDPR or UK GDPR, such transfers are carried out under appropriate safeguards consistent with applicable data-protection law.

Section 2 — Cookie Policy

2.1 What Are Cookies

Cookies are small text files that a website asks your browser to store on your device when you visit. They allow the site to remember certain information during or between visits — for example, keeping a form session active, or enabling an embedded booking widget to work. Cookies cannot run programs or access other files on your device; they contain only text and are specific to the website that set them.

2.2 Cookies We Use

The table below covers every category of cookie present on nodecypher.com.

Cookie / Category Type Purpose Duration
Session / security token Strictly necessary Protects form submissions against cross-site request forgery (CSRF). Required for the contact form and any interactive form on the Site to function correctly. No consent required. Session — deleted when you close your browser
Analytics cookies Analytics We do not currently use analytics or tracking cookies. This policy will be updated, and consent will be requested where required, before any analytics tool is introduced. N/A
cal.com embed Third-party functional Set by cal.com when you interact with a booking widget on this Site. Used to manage your booking session and scheduling preferences within cal.com. Governed by cal.com’s cookie policy. No advertising cookies are set. Varies — see cal.com’s policy

2.3 What We Do Not Do

  • We do not use advertising or remarketing cookies.
  • We do not load social media tracking pixels.
  • We do not use third-party tracking cookies for behavioural profiling.
  • We do not sell or share cookie data with any third party.

2.4 Managing Your Cookies

You can view, block, or delete cookies at any time through your browser settings. Instructions for the most common browsers:

Please note that disabling strictly necessary cookies may affect the functionality of the contact form and other interactive elements on the Site.

2.5 Updates

If our use of cookies changes, we will update this page with a new “Last updated” date before any new cookies are set. We recommend checking this page periodically. Continued use of the Site after an update constitutes acceptance of the revised policy.

Contact & Data Rights

For any questions about this policy, or to exercise your data rights, contact our Data Protection team:

NodeCypher Inc.

dpo@nodecypher.com