Privacy Policy

Last Updated: March 24, 2026

1. Introduction

7Stack Solutions ("Company," "we," "us," or "our") is committed to protecting the privacy and security of your information. As a Managed Security Service Provider (MSSP), we understand the critical importance of data protection and handle all information with the highest level of security and confidentiality.

This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, engage our services, or interact with us in any capacity. Please read this policy carefully to understand our practices regarding your information.

2. Information We Collect

2.1 Information You Provide

  • Contact Information: Name, email address, phone number, company name, job title
  • Account Information: Login credentials for client portals and dashboards
  • Communication Data: Correspondence, support tickets, and feedback
  • Contractual Information: Billing details, service agreements, and compliance documentation

2.2 Security Monitoring Data

As part of our managed security services, we may collect and process:

  • Log Data: System logs, security event logs, network traffic logs, and application logs
  • Endpoint Data: Device information, process data, file metadata, and system configurations
  • Network Data: IP addresses, network flow data, DNS queries, and connection metadata
  • Threat Intelligence: Indicators of compromise (IOCs), malware signatures, and threat actor information
  • Incident Data: Security incident details, forensic artifacts, and remediation records

2.3 Automatically Collected Information

  • Browser type and version
  • Operating system
  • IP address and geolocation data
  • Pages visited and time spent on our website
  • Referring website addresses

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery

  • Providing managed SIEM, EDR, and security monitoring services
  • Detecting, analyzing, and responding to security threats
  • Generating security reports and compliance documentation
  • Conducting threat hunting and vulnerability assessments
  • Maintaining and improving our security infrastructure

3.2 Communication

  • Responding to inquiries and support requests
  • Sending security alerts and incident notifications
  • Providing service updates and maintenance notices
  • Delivering newsletters and security advisories (with consent)

3.3 Legal and Compliance

  • Complying with legal obligations and regulatory requirements
  • Responding to law enforcement requests when legally required
  • Protecting our rights, privacy, safety, or property
  • Supporting incident response and forensic investigations

4. Data Retention

We retain data according to the following guidelines:

  • Security Logs: Retained for the period specified in your service agreement (typically 90-365 days)
  • Incident Data: Retained for a minimum of 3 years or as required by applicable regulations
  • Contact Information: Retained for the duration of the business relationship plus 3 years
  • Compliance Records: Retained as required by applicable laws and regulations

Upon termination of services, we will securely delete or return your data as specified in your service agreement, unless retention is required by law.

5. Data Security

We implement comprehensive security measures to protect your information:

  • Encryption: Data encrypted at rest (AES-256) and in transit (TLS 1.3)
  • Access Controls: Role-based access control (RBAC) and multi-factor authentication
  • Network Security: Firewalls, intrusion detection systems, and network segmentation
  • Physical Security: Secure data centers with 24/7 monitoring and access controls
  • Security Assessments: Regular penetration testing and vulnerability assessments
  • Employee Training: Mandatory security awareness training for all personnel
  • Incident Response: Documented incident response procedures and breach notification protocols

6. Data Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

6.1 Service Providers

We may share data with trusted third-party service providers who assist us in delivering our services, including cloud infrastructure providers, threat intelligence partners, and technology vendors. All service providers are bound by confidentiality agreements and data processing terms.

6.2 Threat Intelligence Sharing

We may share anonymized and aggregated threat intelligence data with industry partners, ISACs (Information Sharing and Analysis Centers), and law enforcement to improve collective cybersecurity. This data does not identify individual clients.

6.3 Legal Requirements

We may disclose information when required by law, court order, or government request, or when necessary to protect our rights or the safety of others.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Portability: Request transfer of your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Withdrawal of Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at info@7stacksolutions.org.

8. International Data Transfers

If we transfer your data to countries outside your jurisdiction, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by relevant authorities
  • Data processing agreements with adequate security provisions
  • Compliance with applicable data protection frameworks

9. Regulatory Compliance

We maintain compliance with applicable data protection regulations, including:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Health Insurance Portability and Accountability Act (HIPAA) - where applicable
  • Payment Card Industry Data Security Standard (PCI DSS) - where applicable
  • SOC 2 Type II compliance
  • ISO 27001 security standards

10. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

  • Ensure website functionality and security
  • Remember your preferences
  • Analyze website traffic and usage patterns
  • Improve our services and user experience

You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. For significant changes affecting your rights, we will provide additional notice via email or through our client portal.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

7Stack Solutions

Data Protection Officer

Email: info@7stacksolutions.org