Privacy Policy

Most companies like to collect as much data as possible about their (potential) customers. We believe there is a better way to form a healthy relationship with our customers, partners, and members of the community.

Your privacy is important

Privacy is sensitive subject. As privacy fanatics ourselves, we respect your privacy and want to do business in a respectable way. On this page we share what data we collect and why we do so. Where applicable, we will provide additional information and tips to improve your privacy. Honest business and transparancy, that is the way how business should be done.

About this privacy policy


A privacy policy should be easy to read. For that reason, we avoid formal language and try to specify things as detailed as possible.


We retain the right to change this privacy policy when needed. Typically this is done to improve the readability or add clarity. We will keep a changelog at the same page.


How we obtain data

Most data that we receive from individuals and companies is provided by the subject itself. In other words, you may have subscribed yourself to our mailing list, requested a trial, or placed an order.

Opposed to what other information security companies do, we are not actively seeking private information or details. We do not 'guess' email addresses from websites or sites like LinkedIn.

Data retention

We store data in a few places that are required to do business.

  • Our CRM system
  • Lynis Enterprise portal (SaaS customers)
  • Mailing list (subscribers)
  • Accounting software

Note: Dutch laws for tax regulation requires us to maintain accounting data for seven years. Where possible, we delete any old accounting details.

Our promises

Promise: Privacy by design

We apply the principle of privacy by design, also known as PET. Only data is stored when it is really needed. Where possible, default options are set to be as privacy-friendly as possible.

Tip: Ask companies what data they store and why!

Promise: No invading analytic tools

Except for troubleshooting purposes, we rather not use analytics tools on our website. Although it is a powerful marketing instrument, your privacy is more important to us. Most of our website will work without any external scripts. Only if you make a purchase, external resources of our payment processor Stripe are required.

Tip: Block the loading of external scripts if they are not required for websites to work. This can be done with a browser plugin like Ghostery, NoScript, Privacy Badger.

Promise: Anonymous access and no cookies

Our website is fully available as an anonymous user. We don't require you to accept cookies, as we avoid them as much as possible.

Note: You may see the 'csrftoken' cookie in your browser, which is used on HTML forms as an additional security measure. This is a randomized value and not linked to the submitter of the form.

Promise: Reduce the collection of personal information

Our goal is to have the least amount of personal information as possible. On our website, we do not collect any personal information, except in the trial and order forms. This information is stored in our CRM solution to process your request.

Promise: Limited logging

Access requests to our website are logged for security purposes, which is something you may expect from a security firm. We use the information to generate basic visitor statistics, allowing us to scale our resources properly where needed. This logging contains data like your IP address, browser, and the page requested.

Tip: You can hide your IP address by using a VPN solution, or an internet proxy.


2.0.0Updated version with changelog, including changes related to GDPR


Do you want to know something about how we deal with your data, let us know.