Keith Makan Security Consultancy ("KMSEC", "we", "us", or "our") respects your privacy and is committed to protecting your personal data. This privacy policy informs you about how we handle your personal data when you visit our website or engage with our consultancy services, and outlines your privacy rights in accordance with the Protection of Personal Information Act (POPIA) of South Africa.
During the course of our professional engagements—ranging from secure source code reviews to deep-dive manual security assessments—we may collect, use, store, and transfer different kinds of data, including:
We will only use your data when legally permitted. Primarily, your information is utilized to:
Given the sensitive nature of our work, KMSEC employs strict, industry-leading technical and organizational measures to secure your data against unauthorized access, alteration, disclosure, or destruction. Project-specific artifacts (such as decompiled binaries or identified exploit paths) are heavily restricted, encrypted in transit and at rest, and accessible only to authorized personnel bound by strict non-disclosure obligations.
We retain personal and technical data only for as long as necessary to fulfill the purposes for which it was collected. Upon the conclusion of a security assessment and the expiration of our contractual reporting windows, client-specific vulnerability data, source code, and binaries are securely purged from our active analysis environments.
Under POPIA, you have rights in relation to your personal data, including the right to request access to, correction of, erasure of, or restriction of the processing of your personal data. If you wish to exercise any of these rights, please contact us directly.