Privacy Policy
Last updated: February 7, 2026
At Cyberkov W.L.L., we are committed to protecting your privacy and ensuring the security of your personal information in accordance with the laws of the State of Kuwait, including the Electronic Transactions Law (Law No 20 of 2014), the Cybercrime Law (Law No 63 of 2015), and applicable CITRA regulations. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.
Information We Collect
Personal Information
In accordance with Article 32 of the Electronic Transactions Law (Law No 20 of 2014) of the State of Kuwait, we collect personal information only with your explicit consent and for clearly stated purposes. This may include: your name, email address, phone number, company name, job title, and any other information you voluntarily provide through our contact forms, service requests, or consultation bookings.
Technical Information
We automatically collect certain technical information when you visit our website, including: IP address, browser type and version, operating system, referring URLs, pages viewed, time spent on pages, and other diagnostic data. This data is collected for the legitimate purpose of maintaining website security and improving service quality, consistent with the principles of the Kuwait E-Transactions Law.
Cookies and Tracking
We use cookies and similar tracking technologies to enhance your experience, in compliance with CITRA's Cloud Computing Regulatory Framework requirements. Essential cookies are required for basic functionality, while analytics cookies help us understand how visitors interact with our website. We clearly disclose the types of cookies used, including those from third-party services. You can manage your cookie preferences through our cookie consent banner at any time.
How We Use Your Information
Service Delivery
Pursuant to Articles 32 and 35 of the E-Transactions Law, we use your information strictly for the purposes stated at the time of collection: to provide, maintain, and improve our cybersecurity and signal security services, respond to your inquiries, and fulfill your service requests. We do not process your data for purposes beyond those originally disclosed without obtaining your additional consent.
Communication
We may use your contact information to send you important updates about our services, security alerts, newsletters (if subscribed), and marketing communications. In accordance with CITRA User Guidelines (Article 14), marketing communications are sent only with your verified consent and between the hours of 7:00 AM and 10:00 PM Kuwait time. You can opt out of marketing communications at any time.
Analytics and Improvement
We analyze usage patterns to improve our website functionality, develop new features, and enhance the overall user experience.
Data Protection & Security
Security Measures
As a cybersecurity company, and in compliance with Article 35 of the E-Transactions Law, we implement industry-leading security measures to protect your personal information. These include encryption, access controls, regular security audits, disaster recovery protocols, and compliance with international security standards (ISO/IEC 27001, ISO/IEC 27701). We regularly verify and update the accuracy of personal data stored in our systems.
Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.
Data Breach Notification
In the unlikely event of a data breach affecting your personal information, we will notify you and the relevant Kuwaiti authorities, including CITRA and the Electronic and Cyber Crime Combating Department (ECCCD) of the Ministry of Interior, as required by applicable law. Under the Cybercrime Law (Law No 63 of 2015), unauthorized access to or disclosure of personal data carries penalties of up to three years imprisonment and fines between KWD 3,000 and KWD 10,000.
Your Rights
Access and Portability
Under Article 33 of the E-Transactions Law, you have the right to request access to your personal data held by us and to receive a record of such data in a structured, commonly used format.
Correction and Deletion
Under Article 36 of the E-Transactions Law, you have the right to request correction of inaccurate data or deletion of your personal information from our records. Requests for access, modification, or deletion can be initiated by you or your authorized legal representative (Articles 25-26 of the Implementing Regulations, Decision No 48 of 2014).
Objection and Restriction
You have the right to object to certain processing activities and request restriction of processing in specific circumstances. Under Kuwaiti law, processing of your personal data must be limited to the stated purpose for which it was collected, and any processing beyond that scope requires your additional consent.
Withdrawal of Consent
In accordance with Article 4 of the E-Transactions Law and the CITRA Data Privacy Protection Regulation (DPPR), you may withdraw your consent to the use of your personal data at any time. Upon your request, we will dispose of and destroy all associated personal data in our possession, without affecting the lawfulness of processing carried out prior to withdrawal.
Third-Party Sharing
Service Providers
We may share your information with trusted third-party service providers who assist us in operating our website and delivering services. These providers are contractually bound to protect your information.
Legal Requirements
We may disclose your information when required by law, court order, or government request, or when necessary to protect our rights, safety, or property.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your personal information may be transferred as part of the transaction, with appropriate notice provided.
International Data Transfers
Cross-Border Transfers
Your information may be transferred to and processed in countries outside Kuwait for the purpose of delivering our services. In accordance with Articles 32 and 35 of the E-Transactions Law and Article 4(11) of the DPPR, we will notify you prior to any transfer of your personal data outside the State of Kuwait and obtain your consent for such transfers.
Safeguards
We implement contractual safeguards, encryption, and access controls to ensure your data receives equivalent protection regardless of where it is processed. All cross-border transfers comply with the consent and notification requirements of Kuwaiti law, and we maintain the same level of security measures as required by the E-Transactions Law.
Children's Privacy
Our services are not directed to individuals under the age of 18. In accordance with Kuwait's child protection laws and CITRA's Cloud Computing Regulatory Framework, we do not knowingly collect personal information from minors. If data collection involves individuals under 18, the consent of their parent or legal guardian is required. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately, and we will take steps to delete such information.
Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website with a new "Last Updated" date. We encourage you to review this policy periodically to stay informed about how we protect your information.