Privacy Policy

Last updated: May 2, 2026

Shomar Security collects the account, organization, contact, and product usage information needed to provide security scanning, compliance workflows, support, billing, and service communications. We do not sell personal information.

Customer code, scan findings, compliance evidence, and integration metadata are processed only to deliver the platform, secure the service, troubleshoot issues, and meet legal obligations. Access is limited to authorized personnel and protected through administrative, technical, and organizational controls.

We retain information for as long as an account is active or as required for legal, security, audit, and legitimate business purposes. Customers may request access, correction, deletion, export, or restriction of personal information by contacting privacy@shomarsec.com.

For users in jurisdictions covered by POPIA, NDPR, Kenya DPA, GDPR, or similar privacy laws, Shomar will support applicable data subject rights and provide additional processing terms where required.