Privacy Policy

Privacy Policy for VeroCyber

VeroCyber (“VeroCyber,” “we,” “us,” or “our”) is committed to protecting the privacy, confidentiality, integrity, and security of the information entrusted to us. As a provider of Cybersecurity Consulting, Healthcare Cybersecurity, HITRUST Consulting, HIPAA Compliance Services, SOC 2 Compliance Consulting, PCI DSS Assessments, NIST Cybersecurity Framework Assessments, Third-Party Risk Management Services, Cyber Risk Assessments, Information Security Consulting, and Virtual CISO Services, we recognize the importance of safeguarding personal and business information.

This Privacy Policy explains how we collect, use, disclose, protect, retain, and process information when you visit our website, request services, subscribe to communications, or otherwise interact with VeroCyber.

By accessing or using our website, you acknowledge and agree to the practices described in this Privacy Policy.

Information We Collect

Information You Provide

We may collect information that you voluntarily provide, including:

Name
Company name
Job title
Email address
Telephone number
Mailing address
Consultation requests
Contact form submissions
Service inquiries
Project requirements
Security assessment information
Vendor assessment information
Compliance-related documentation

Information Automatically Collected

When you visit our website, we may automatically collect:

IP address
Browser type and version
Device information
Operating system
Referring website
Pages visited
Date and time of access
Website interaction data
Cookie identifiers

Information Collected During Professional Services

When providing cybersecurity services, we may receive information necessary to perform:

Cybersecurity assessments
HITRUST readiness reviews
HIPAA assessments
NIST CSF assessments
SOC 2 readiness assessments
PCI DSS assessments
Third-party risk assessments
Virtual CISO engagements

Such information may include business, technical, operational, security, and compliance-related information provided by clients.

How We Use Information

We use information to:

Deliver cybersecurity services
Respond to inquiries
Schedule consultations
Provide proposals and statements of work
Perform risk assessments
Conduct compliance reviews
Improve website functionality
Deliver educational content
Send newsletters and updates
Monitor website performance
Detect fraud and security incidents
Meet legal and contractual obligations

We process information only for legitimate business purposes and in accordance with applicable laws.

Cookies and Analytics

Our website may use cookies, pixels, and similar technologies to:

Improve user experience
Analyze website traffic
Understand visitor behavior
Enhance website performance
Support marketing and outreach activities

Users may disable cookies through their browser settings; however, some website functionality may be affected.

We may utilize third-party analytics providers such as Google Analytics or similar services to help us understand website usage.

Third-Party Services

We may use trusted third-party service providers to support:

Website hosting
Email communications
Customer relationship management (CRM)
Analytics
Scheduling platforms
Marketing automation
Security monitoring

These providers are contractually required to protect information and may only use information as necessary to provide services on our behalf.

Data Security

VeroCyber maintains administrative, technical, and physical safeguards designed to protect information from unauthorized access, disclosure, alteration, misuse, and destruction.

Our security practices may include:

Encryption technologies
Access controls
Multi-factor authentication
Secure network architectures
Security monitoring
Vulnerability management
Incident response procedures
Security awareness training

While we employ reasonable security measures, no method of transmission or storage can be guaranteed to be 100% secure.

Confidentiality Commitment

As a cybersecurity advisory firm, confidentiality is central to our operations.

Information shared with VeroCyber during cybersecurity consulting engagements, compliance assessments, risk assessments, and advisory services is handled in accordance with contractual obligations, professional standards, and confidentiality requirements.

We do not sell client information.

HIPAA and Healthcare Information

VeroCyber provides Healthcare Cybersecurity, HITRUST Consulting, and HIPAA Compliance Advisory Services.

Unless specifically engaged under a Business Associate Agreement (BAA), VeroCyber does not seek to collect Protected Health Information (PHI) through its public website.

Clients should not transmit PHI through website contact forms or unsecured communication channels unless explicitly authorized through contractual arrangements.

Data Retention

We retain information only for as long as necessary to:

Provide services
Meet contractual obligations
Comply with legal requirements
Resolve disputes
Maintain business records

When information is no longer required, we may securely delete, destroy, anonymize, or archive it in accordance with applicable requirements.

International Privacy Rights

Depending on your location, you may have certain privacy rights, including:

Access to personal information
Correction of inaccurate information
Deletion requests
Data portability
Restriction of processing
Objection to processing
Withdrawal of consent

Residents of certain jurisdictions, including the European Economic Area (EEA), United Kingdom, and California, may have additional rights under applicable privacy laws.

California Privacy Rights

California residents may have rights under applicable California privacy laws, including the right to:

Know what information is collected
Request deletion of personal information
Request correction of inaccurate information
Limit certain uses of personal information
Exercise rights without discrimination

Requests may be submitted using the contact information below.

GDPR Notice

Where applicable, VeroCyber processes personal information in accordance with applicable data protection laws and principles, including lawfulness, fairness, transparency, purpose limitation, data minimization, and security.

Children’s Privacy

Our services and website are intended for business professionals and organizations.

We do not knowingly collect personal information from children under the age of 13.

Data Sharing and Disclosure

We may disclose information:

With client consent
To service providers supporting our operations
To comply with legal obligations
To protect legal rights
During business transactions such as mergers or acquisitions

We do not sell personal information to third parties.

Limitation of Liability

While VeroCyber implements reasonable safeguards to protect information, users acknowledge that no internet transmission, cloud platform, or electronic storage method can guarantee absolute security.

To the fullest extent permitted by law, VeroCyber disclaims liability for unauthorized access, data loss, cyberattacks, or other events beyond our reasonable control.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in legal requirements, business operations, services, or technology.

Updates will be posted on this page with a revised effective date.

Contact Us

If you have questions about this Privacy Policy, privacy practices, cybersecurity services, or data protection matters, please contact:

VeroCyber

Website: https://verocyber.io

Contact Page: https://verocyber.io/contact-us

Schedule a Cybersecurity Consultation

Interested in strengthening your cybersecurity posture, achieving HITRUST certification readiness, improving HIPAA compliance, preparing for SOC 2 audits, implementing the NIST Cybersecurity Framework, or conducting cyber risk assessments?

Contact VeroCyber today to schedule a consultation and learn how our cybersecurity experts can help your organization protect sensitive information, reduce cyber risk, and strengthen compliance.