PRIVACY POLICY

1. Introduction

This Privacy Policy defines how “DIGIFENCE” LLC (hereinafter referred to as “DIGIFENCE”, “we”, “us”, “our”) collects, uses, processes, stores, transfers, and protects data in the course of providing IT services, cybersecurity services, and consulting services.

We are committed to ensuring lawful, fair, and transparent processing of personal data in accordance with applicable legislation, including the principles of the European Union General Data Protection Regulation (GDPR).

2. Data Classification

In DIGIFENCE, data is classified into the following levels:

  • Confidential
  • Internal
  • Public

DIGIFENCE classifies personal data and customer data as confidential data.

3. Categories of Data Processed

3.1 Personal Data

We may process the following data:

  • First and last name
  • Job title
  • Company name
  • Phone number
  • Email address
  • Contact details
  • Contractual data
  • Payment and billing data
  • Customer inquiries and request data

3.2 Technical Data

When using the website or services, the following data may be collected automatically:

  • IP address
  • Device identifiers
  • Operating system
  • Browser type
  • Timestamps
  • Usage statistics
  • Access and activity logs

3.3 Data within Cybersecurity Services

During service delivery, the following data may be processed:

  • Information security event data
  • Network traffic metadata
  • Firewall, IDS/IPS, SIEM, and other system logs
  • Vulnerability assessment results
  • System configuration data
  • Information security incident investigation materials

Such data is processed solely for the purpose of fulfilling contractual obligations.

4. Principles of Data Processing

We process data based on the following principles:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

5. Purposes of Data Processing

In DIGIFENCE, data may be processed for the following purposes:

Service Provision

  • IT infrastructure management
  • Technical support
  • Cybersecurity services
  • Consulting services
  • Contract execution

Security Assurance

  • Security monitoring
  • Detection of cyberattacks
  • Incident response
  • Risk assessment
  • Business continuity assurance

Legal Purposes

  • Compliance with legal obligations
  • Protection of legal interests
  • Dispute resolution

Operational Purposes

  • Service quality improvement
  • Risk management
  • Statistical analysis

6. Legal Basis for Processing

Processing of data may be based on:

  • Necessity for performance of a contract
  • Consent of the data subject
  • Compliance with legal obligations
  • Legitimate interests of DIGIFENCE
  • Necessity for security purposes

7. Data Retention Periods

Data is retained only for as long as necessary for:

  • Service delivery
  • Fulfillment of contractual obligations
  • Compliance with legal requirements
  • Investigation of security incidents

After the retention period expires, data is securely deleted or anonymized.

8. Transfer of Data to Third Parties

We may transfer data to:

  • Contractors and subcontractors
  • Cloud service providers
  • Data storage service providers
  • Law enforcement and government authorities where required by law

All third parties are required to ensure an adequate level of data protection.

9. International Data Transfers

Where data is transferred outside the European Economic Area (EEA), we apply appropriate legal and technical safeguards, including:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Other applicable mechanisms

10. Information Security Measures

We implement industry best-practice security measures, including:

  • Multi-layer protection
  • Access control
  • Multifactor authentication (MFA)
  • Data encryption
  • Security monitoring
  • Incident management
  • Backup and disaster recovery mechanisms
  • Vulnerability management
  • Employee security awareness training

11. Cookie Policy

Cookies are small text files stored on a user’s device that help ensure website functionality, security, and statistical analysis.

Our website may use:

Necessary Cookies

For essential website functionality.

Analytical Cookies

For collecting website usage statistics.

Security Cookies

For detecting fraud, unauthorized access, and security threats.

Users may manage cookie settings through their browser.

12. Rights of the Data Subject

You have the right to:

  • Obtain information about data processing
  • Access your personal data
  • Rectify inaccurate data
  • Request deletion of data (“Right to be Forgotten”)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

13. Automated Decision-Making

We do not engage in automated decision-making or profiling that produces legal or similarly significant effects on data subjects unless otherwise specified in the relevant service agreement.

14. Data Breach Management

In the event of a data breach, DIGIFENCE will take all necessary measures to:

  • Identify the incident
  • Contain the incident
  • Assess the impact
  • Mitigate consequences
  • Notify relevant authorities and data subjects in accordance with applicable law

15. Term of Use

15.1 Intellectual Property

All materials published on the website, including texts, images, graphical elements, logos, software solutions, and other content, are protected by copyright and other intellectual property rights.

Copying, distribution, or commercial use of such materials without the prior written consent of DIGIFENCE is prohibited.

15.2 Acceptable Use

The user agrees to:

  • Comply with applicable laws
  • Not attempt to gain unauthorized access
  • Not interfere with the normal operation of the website
  • Not use the website for harmful or fraudulent purposes

15.3 Limitation of Liability

DIGIFENCE shall not be liable for any indirect damages or losses arising from the use of the website.

15.4 Third-Party Links

The website may contain links to third-party resources for which DIGIFENCE assumes no responsibility.

16. Information Security Policy Statement

DIGIFENCE is committed to ensuring the confidentiality, integrity, and availability of its information assets, as well as the information assets of its clients.

DIGIFENCE:

  • Applies a risk-based approach to information security management
  • Continuously monitors information security
  • Ensures protection of client data against unauthorized access
  • Implements technical and organizational security measures
  • Regularly assesses vulnerabilities and information security threats
  • Ensures employee training and awareness in information security
  • Supports compliance with applicable legal, regulatory, and contractual requirements
  • Continuously improves its information security management processes

Information security is one of DIGIFENCE’s strategic priorities.

17. Changes to This Policy

We reserve the right to modify this Privacy Policy at any time.

The updated version will be published on the website and becomes effective upon publication unless otherwise stated.

18. Contact Us

If you have any questions, requests, or complaints regarding the processing of your data, you may contact us:

“DIGIFENCE” LLC

Address: 11 Sayat-Nova Avenue, Yerevan

Phone: (374) 11 48 48 48

Email: [email protected]

Website: www.digifence.am