Para soporte en vivo, por favor habilita JavaScript o contáctanos directamente en support@nubesti.com

Privacy Policy

Effective Date: August 1, 2025

Welcome to Nubesti LLC (“we,” “our,” or “us”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our AI-powered cybersecurity services. We are committed to protecting your privacy and ensuring compliance with applicable laws including the Delaware General Corporation Law, the European Union General Data Protection Regulation (GDPR), and Colombian data protection laws.

1. Information We Collect

1.1 Personal Information

We may collect the following categories of personal information:

  • Identity Data: Name, username, title, company name
  • Contact Data: Email address, telephone numbers, billing address, delivery address
  • Financial Data: Bank account and payment card details
  • Technical Data: Internet protocol (IP) address, login data, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
  • Profile Data: Username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses
  • Usage Data: Information about how you use our website, products and services
  • Marketing and Communications Data: Your preferences in receiving marketing from us and our third parties and your communication preferences

1.2 Special Categories of Personal Data

In the course of providing cybersecurity services, we may process special categories of data including data concerning security incidents, vulnerability assessments, and penetration testing results.

1.3 Data Collection Methods

We collect data through:

  • Direct interactions (forms, correspondence, phone calls)
  • Automated technologies (cookies, server logs, web beacons)
  • Third parties (analytics providers, advertising networks, search information providers)

2. How We Use Your Information

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Performance of Contract: To provide our cybersecurity services, process payments, and manage your account
  • Legitimate Interest: To improve our services, conduct business analytics, and protect our business
  • Legal Compliance: To comply with legal obligations including those under Delaware law, GDPR, and Colombian regulations
  • Consent: For marketing communications and certain automated processing activities

2.1 Specific Uses Include:

  • Providing AI-powered red team cybersecurity services
  • Processing transactions and managing billing
  • Communicating with you about our services
  • Improving our website and services through analytics
  • Ensuring network and information security
  • Complying with legal and regulatory requirements
  • Detecting and preventing fraud and security incidents

For our European users, we process personal data on the following legal bases:

  • Article 6(1)(a): Consent
  • Article 6(1)(b): Contract performance
  • Article 6(1)(c): Legal obligation
  • Article 6(1)(f): Legitimate interests

For special categories of data, we rely on:

  • Article 9(2)(a): Explicit consent
  • Article 9(2)(c): Protection of vital interests
  • Article 9(2)(f): Legal claims

4. Data Sharing and Disclosure

We may share your personal information with:

4.1 Service Providers

Third-party vendors who provide services on our behalf, including:

  • Cloud hosting providers
  • Payment processors
  • Email service providers
  • Analytics providers

We may disclose your information when required by:

  • Delaware state law
  • Federal law (USA)
  • European Union law
  • Colombian law
  • Court orders or legal proceedings

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. International Data Transfers

For our global operations, we may transfer your data outside your country of residence. For EU residents, we ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Certification schemes

6. Data Retention

We retain personal data only for as long as necessary to:

  • Fulfill the purposes outlined in this policy
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements

Specific retention periods:

  • Customer account data: Duration of relationship plus 7 years
  • Financial records: 7 years (Delaware law requirement)
  • Marketing data: Until consent is withdrawn
  • Security incident data: 5 years

7. Your Rights

7.1 Rights Under GDPR (EU Residents)

  • Right of access: Request copies of your personal data
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your data
  • Right to restrict processing: Limit how we use your data
  • Right to data portability: Receive your data in a structured format
  • Right to object: Object to certain types of processing
  • Rights related to automated decision making: Protection against solely automated decisions

7.2 Rights Under Colombian Law

  • Right to know, update, and rectify personal data
  • Right to request proof of authorization for data processing
  • Right to be informed about data usage
  • Right to file complaints with authorities
  • Right to access personal data free of charge

7.3 Rights Under Delaware/US Law

  • Right to know what personal information is collected
  • Right to request deletion of personal information
  • Right to opt-out of sale of personal information
  • Right to non-discrimination for exercising privacy rights

To exercise your rights, contact us at legal@nubesti.com.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Ensure website functionality
  • Analyze website usage
  • Provide personalized experiences
  • Deliver targeted advertising

You can control cookies through your browser settings. For EU users, we obtain consent before using non-essential cookies.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security assessments
  • Employee training on data protection
  • Incident response procedures

10. Children’s Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If we learn we have collected such data, we will delete it promptly.

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Displaying prominent notices on our website

13. Supervisory Authorities

You have the right to lodge a complaint with supervisory authorities:

  • EU: Your local Data Protection Authority
  • Colombia: Superintendencia de Industria y Comercio (SIC)
  • USA: Federal Trade Commission (FTC) and Delaware Attorney General’s Office

14. Contact Information

For any questions about this Privacy Policy or to exercise your rights, please contact us:

Nubesti LLC
Address: 1111B S Governors Ave STE 23840, Dover, DE 19904, USA
Email: legal@nubesti.com
Phone: +57 320 545 1915

Data Protection Officer (for EU matters):
Email: dpo@nubesti.com

Representative in the EU:
[To be appointed as needed]

This Privacy Policy demonstrates our commitment to protecting your personal information and complying with applicable data protection laws. Thank you for trusting Nubesti LLC with your personal data.

Ready to Secure
Your Enterprise?

24/7 autonomous testing
Minimal false positives
Auto-remediation patches
Book a Demoicon
4.9 / 5
From Enterprise Security Teams