Privacy Policy

Privacy Policy #

Last updated: June 1, 2025
Applies to: cybermonkey.net.au, delphi.cybermonkey.net.au, and all services provided by Code Monkey Cybersecurity

What We Collect #

We collect only what we need to deliver secure, reliable services:

  • Website Visits
    • IP (anonymized), browser, device type — for basic analytics via privacy-first platforms (e.g. Fathom, Plausible)
  • Account & Platform Usage (Delphi)
    • Name, email, role
    • Device metadata (e.g. OS, scan state, agent ID)
    • Logs, alerts, and telemetry from your monitored systems
  • Support Requests
    • Your messages and any files you voluntarily provide
  • Security Events & Audit Trails
    • Access logs, SSO activity, Vault actions — for compliance and forensic integrity

We do not collect behavioral tracking data, biometric data, or advertising profiles.

Why We Collect It #

We use your data to:

  • Deliver and operate our platform (e.g. security alerting, SSO, tenant isolation)
  • Respond to support requests and technical issues
  • Maintain system integrity and detect abuse
  • Improve features based on anonymized metrics

We never sell your data, and we do not use third-party advertising or tracking services.

Who Can Access #

Access is strictly limited to:

  • Authorized internal staff
    • Access is scoped by RBAC, logged, and reviewed
  • Trusted infrastructure providers
    • e.g. Hetzner (servers), Proton (internal mail), Tailscale (private network overlay)
  • Legal authorities, only when required
    • e.g. valid subpoena or legal obligation
  • No third-party analytics (Google Analytics, Meta Pixel, etc.) are used

Data Retention #

Our data handling follows industry best practices for MSSPs and MDR providers.

Data Type Retention
Account & identity data Active account + 12 mo
Logs (e.g. Wazuh, SIEM) 24–36 months
Agent telemetry 12–24 months
Support tickets & attachments Up to 24 months
System/application logs 90–180 days
Authentication/audit trails Up to 36 months

Clients can request custom retention tiers as part of their SLA.

Deletion requests may be submitted at any time (see below).

Your Rights #

You have the right to:

  • Access and export your personal data
  • Request corrections or deletions
  • Object to non-essential processing
  • Request data portability
  • File a complaint with a supervisory authority (e.g. OAIC, GDPR)

To make a request, email main@cybermonkey.net.au

Cookies #

We use no tracking cookies.

Our self-hosted analytics are fully GDPR/CCPA compliant and cookie-free by default. You won’t see cookie banners because we don’t collect fingerprinting data.

Where Your Data Lives #

Your data is stored securely in:

  • European Union
  • Australia

All storage uses AES-256 encryption at rest, and all transmission is protected by TLS 1.3 or higher.

Multi-tenancy isolation is enforced through virtualization, index segregation, and access control.

Updates to This Policy #

We will publish updates here. Major changes will be communicated via email to affected users.

Last major update: June 1, 2025

Contact Us #

Code Monkey Cybersecurity Pty Ltd
Email: privacy@cybermonkey.net.au

For more technical detail, please see our Data Handling & Retention Policy.

We believe security is a right — and privacy is a responsibility.

© 2025 Code Monkey Cybersecurity • Privacy PolicyTermsContact