🏢 Who We Are

CYBER-BRO LLC is a cybersecurity company dedicated to providing
comprehensive security solutions and educational resources to individuals and organizations
worldwide.

Company Information

• Legal Name: CYBER-BRO LLC
• Business Registration: Limited Liability Company
• Primary Business: Cybersecurity services, software development, and
  security education
• Jurisdiction: Republic of Uzbekistan

SentinelBRO Desktop Application

SentinelBRO is a desktop application designed to run solely on your personal
computer. The application collects and processes data only on your own
device and never transmits it to any servers or external
sources.

Furthermore, 99% of SentinelBRO’s functionality is controlled by the user,
meaning you have full authority over how the application works and your data is used
exclusively with your permission.

🔧 Services and Applications Covered

This Privacy Policy applies to all services, platforms, and applications provided by
CYBER-BRO LLC, including but not limited to:

Desktop Applications

• Security monitoring and analysis tools
• Vulnerability assessment software
• System auditing applications
• Educational cybersecurity tools

Web Services

• Website: All web pages under cyber-bro.uz domain
• Blog Platform: Educational content and security insights
• CTF Platform: Capture The Flag challenges and competitions
• Online Tools: Web-based security utilities and resources

Educational Platforms

• Training modules and courses
• Interactive learning environments
• Certification programs
• Community forums and discussions

📊 Data our vulnerability scanner collect in local

We collect various types of information to provide and improve our services. This data is
categorized into the following types:

Technical Data

Security Configuration Data

System Identifiers

User Data

Important Note: We do not collect personal login credentials, passwords, or
sensitive personal information. All identifiers collected are system-generated or
hardware-based, not personally identifiable information.

🎯 Purpose of Data Use

The data we collect is used exclusively for legitimate business purposes related to security
auditing and service improvement:

Primary Purposes

• Security Auditing: Analyzing system configurations to identify
  potential security vulnerabilities and provide recommendations
• Threat Detection: Monitoring for suspicious activities and potential
  security threats
• Compliance Assessment: Evaluating systems against industry security
  standards and best practices
• Educational Content: Creating anonymized case studies and educational
  materials

Secondary Purposes

• Service Improvement: Enhancing our applications and services based on
  usage patterns
• Technical Support: Providing better assistance and troubleshooting
• Performance Optimization: Improving application performance and
  compatibility
• Research and Development: Developing new security tools and
  methodologies

🔒 Data Storage and Security

Storage Locations

We employ a multi-tier approach to data storage based on the sensitivity and purpose of the
information:

Local Storage

• Primary Location: Most data is stored locally on your device
• File Locations: Application data folders, temporary directories, and
  user-specified locations
• Encryption: Sensitive local data is encrypted using industry-standard
  algorithms
• Access Control: Files are protected with appropriate system-level
  permissions

Server Storage (When Applicable)

• Duration: Server logs and analysis data are stored for a maximum of 12
  months
• Purpose: Stored data is used only for security analysis and service
  improvement
• Security Measures:
  • End-to-end encryption during transmission
  • AES-256 encryption at rest
  • Regular security audits and penetration testing
  • Multi-factor authentication for access
• Geographic Location: Servers are located in secure data centers with
  appropriate jurisdictional protections

Data Retention Policies

Security Measures

• Access Controls: Strict role-based access controls with regular audits
• Monitoring: Continuous monitoring of data access and usage
• Incident Response: Comprehensive incident response plan for security
  breaches
• Regular Updates: Security measures are regularly updated to address
  emerging threats

🤝 Data Sharing and Disclosure

General Policy

We do not share, sell, or transfer your personal data to third parties
except in the limited circumstances described below:

Legal Requirements

Service Providers

We may share limited data with trusted service providers who assist in our operations:

• Cloud Infrastructure: Secure hosting and data processing services
• Analytics Services: Anonymized usage analytics (with data minimization)
• Security Services: Threat intelligence and security monitoring services

Contractual Protection: All service providers are bound by strict
contractual agreements to protect your data and use it only for specified purposes.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred
as part of the business. We will provide notice and ensure continued protection under this
Privacy Policy.

Emergency Situations

We may disclose information in emergency situations to:

• Protect the safety of our users or the public
• Prevent fraud or illegal activities
• Protect our legal rights and property

⚖️ Your Privacy Rights

We respect your privacy rights and provide you with comprehensive control over your personal
data:

Right to Information

• Data Transparency: Request information about what data we have
  collected
• Processing Purpose: Understand how and why your data is being processed
• Data Recipients: Know who has access to your data
• Retention Period: Learn how long your data will be stored

Right to Access

Right to Deletion

• Complete Deletion: Request deletion of all your personal data
• Selective Deletion: Request deletion of specific data categories
• Verification Process: Identity verification may be required for
  deletion requests
• Exceptions: Some data may be retained if required by law or for legal
  proceedings

Right to Opt-Out

• Data Collection: Opt-out of data collection (may limit application
  functionality)
• Processing Activities: Opt-out of specific types of data processing
• Future Contact: Opt-out of future communications

Right to Object

• Processing Objection: Object to specific types of data processing
• Automated Decision-Making: Object to automated decision-making
  processes
• Direct Marketing: Object to use of data for marketing purposes

Right to Data Portability

• Data Export: Export your data in a structured, machine-readable format
• Transfer: Transfer your data to another service provider

Right to Non-Use

How to Exercise Your Rights: Contact us at
info@cyber-bro.uz to exercise any of these rights. We will respond promptly
and work with you to address your concerns.

🍪 Cookies and Similar Technologies

We use cookies and similar technologies to enhance your experience and improve our services:

Types of Cookies We Use

Essential Cookies

• Purpose: Required for basic website functionality
• Examples: Session management, security features, login status
• Duration: Session-based (deleted when browser closes)
• Opt-out: Cannot be disabled as they are necessary for service operation

Functional Cookies

• Purpose: Remember user preferences and settings
• Examples: Language preferences, theme choices, interface customizations
• Duration: Up to 1 year
• Opt-out: Can be disabled (may affect user experience)

Analytics Cookies

• Purpose: Understand how users interact with our services
• Examples: Page views, user flow, feature usage
• Duration: Up to 2 years
• Data: Anonymized and aggregated
• Opt-out: Can be disabled in browser settings

Security Cookies

• Purpose: Detect and prevent security threats
• Examples: Fraud detection, suspicious activity monitoring
• Duration: Varies based on security requirements
• Opt-out: Cannot be disabled for security reasons

Managing Cookies

Third-Party Cookies

We may use third-party services that set their own cookies:

• Analytics Services: Google Analytics (anonymized)
• Content Delivery: CDN services for improved performance
• Security Services: DDoS protection and threat detection

These third parties have their own privacy policies and cookie practices.

Local Storage

In addition to cookies, we may use browser local storage for:

• Offline functionality
• Performance optimization
• User preference storage

📋 Policy Changes and Updates

Notification Process

We are committed to transparency regarding changes to this Privacy Policy:

Major Changes

Minor Changes

• Website Update: Updated policy posted on website
• Change Log: Detailed change log maintained
• Email Summary: Monthly summary of minor changes

Types of Changes

• Data Collection: Changes to what data we collect
• Usage Purposes: New purposes for data usage
• Sharing Practices: Changes to data sharing practices
• User Rights: Updates to user rights and options
• Legal Requirements: Changes due to new legal requirements

Effective Dates

Policy changes become effective:

• Major Changes: 30 days after notification
• Minor Changes: Immediately upon posting
• Legal Requirements: As required by law
• Emergency Changes: Immediately for security or safety reasons

User Options

Version History: We maintain a complete version history of this Privacy
Policy, available upon request.

📞 Contact Information

We are committed to addressing your privacy concerns and questions. Please don’t hesitate to
contact us:

Response Times

• General Inquiries: Within 2-3 business days
• Data Access Requests: Within 30 days
• Data Deletion Requests: Within 30 days
• Privacy Concerns: Within 1-2 business days
• Security Issues: Within 24 hours

What to Include in Your Contact

Data Protection Officer

For matters specifically related to data protection and privacy compliance, you may contact
our Data Protection Officer directly at the same email address, using the subject line “Data
Protection Officer – [Your Request]”.

Language Support: We can respond in English, Russian, and Uzbek languages.