Privacy Policy

1. Introduction

Welcome to National Cyber Security Intelligence (NCSI), a specialized wing of Khiti World IT. We are committed to protecting your digital privacy and ensuring the security of any data you share with us during investigations, consultations, or while using our website.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage our cyber intelligence services. By accessing our services, you consent to the data practices described in this statement.

2. Information We Collect

We collect distinct types of information to provide our intelligence and security services effectively:

A. Personal Identification Information

We may collect personal details when you fill out a "Report Incident" form, subscribe to our newsletter, or contact us. This includes:

• Full Name and Organization/Company Name.
• Email Address and Phone Number.
• Government ID (only if required for verification in specific investigations).

B. Technical & Operational Data

For clients undergoing Vulnerability Assessments (VAPT) or Forensic Analysis, we may process:

• Server Logs, IP Addresses, and Device Identifiers.
• System Architecture diagrams provided for auditing.
• Incident logs relating to cyber attacks.

3. How We Use Your Data

NCSI uses the collected data for legitimate intelligence and business purposes, including:

4. Data Security

We employ military-grade security measures to protect your personal and operational data. Our security protocols include:

• Encryption: All sensitive data is encrypted in transit (SSL/TLS) and at rest (AES-256).
• Access Control: Strict Role-Based Access Control (RBAC) ensures only authorized intelligence analysts can access case files.
• Data Isolation: Client investigation data is stored on air-gapped or isolated servers where necessary.

While we strive to use commercially acceptable means to protect your Personal Data, no method of transmission over the Internet is 100% secure.

5. Information Sharing

NCSI maintains a strict Non-Disclosure Agreement (NDA) standard. We do not sell, trade, or rent your personal identification information to others.

We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners and trusted affiliates for the purposes outlined above.

Law Enforcement: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or CERT-In).

6. Cookies & Tracking

Our website uses "cookies" to enhance the user experience. Your web browser places cookies on your hard drive for record-keeping purposes and sometimes to track information about them.

You may choose to set your web browser to refuse cookies or to alert you when cookies are being sent. If you do so, note that some parts of the Site may not function properly (e.g., the Client Portal).

7. Your Rights

In accordance with the Digital Personal Data Protection (DPDP) Act, 2023, you have the right to:

• Request access to the personal data we hold about you.
• Request correction of any incorrect or incomplete data.
• Request erasure of your personal data ("Right to be Forgotten"), subject to legal retention requirements for criminal investigations.
• Withdraw your consent for data processing at any time.

8. Contact Us

If you have any questions about this Privacy Policy, the practices of this site, or your dealings with NCSI, please reach out to our Data Protection Officer via our secure portal.