ALFA Network LK

1. Operational Overview

At ALFA Network LK, we operate with the precision and integrity of a defense-grade security firm. This Privacy Policy outlines how we collect, use, and safeguard data in the context of our offensive security engagements, professional training, and hardware distribution.

2. Data Collection & Analysis

During specialized auditing and penetration testing engagements, ALFA Network LK may interact with sensitive organizational data. All such data is handled under strict Non-Disclosure Agreements (NDAs) and Rules of Engagement (RoE).

Engagement Metadata: Timestamps, target range, and operator IDs.
Operational Intelligence: Vulnerability mapping and exploit verification data.
Client Information: Contact details for authorized reporting and logistics.

3. Data Retention & Secure Sanitization

Operational data gathered during an audit is retained only for the duration specified in the client contract (typically 30-90 days post-remediation). Upon completion, all sensitive findings are securely sanitized using NIST-compliant data destruction standards.

4. Third-Party Disclosure

ALFA Network LK does not sell, trade, or otherwise transfer your personally identifiable information to outside parties. This excludes trusted third parties who assist us in operating our website and conducting our business, provided they agree to keep this information strictly confidential.

5. Legal Compliance

We comply with relevant Sri Lankan and International data protection regulations, including GDPR where applicable for our global operations. Any legal inquiries regarding data handling should be directed to our Corporate Compliance department.