TelhawkTELHAWK
Legal

Telhawk Systems, Inc. Privacy Policy

Effective Date: June 1, 2026 · Last Updated: June 1, 2026

Telhawk Systems, Inc. (“Telhawk,” “we,” “our,” or “us”) provides software security review, code audit, AI security validation, AI-agent review, remediation validation, and related cybersecurity services. This Privacy Policy explains how we collect, use, disclose, retain, and protect information when you visit our website, contact us, request services, submit materials for review, or use Telhawk products or services.

This Privacy Policy is intended to apply to personal information and business information we collect through our website, forms, communications, portals, audit workflows, and related services. Customer contracts, statements of work, data processing agreements, nondisclosure agreements, or other written agreements may provide additional or different terms for specific engagements.

1. Information We Collect

We may collect information directly from you, automatically through our website and systems, from business partners, and through security review engagements.

A. Contact and Business Information

We may collect:

  • Name
  • Business email address
  • Phone number
  • Company name
  • Job title
  • Company website
  • Business address
  • Investor, partner, or customer inquiry details
  • Communications with Telhawk
  • Meeting notes or service intake information

B. Account, Portal, and Service Information

If we provide access to a customer portal, secure workspace, audit workflow, or other service environment, we may collect:

  • Login credentials or authentication identifiers
  • User role and permission information
  • Organization or tenant identifiers
  • Account settings
  • Service usage records
  • Support requests
  • Audit history and validation status
  • System activity associated with use of the service

C. Code, Repository, API, and Technical Materials

In connection with security audits, validation reviews, or related services, customers may submit or authorize access to technical materials, including:

  • Source code
  • Repository metadata
  • Pull requests, commits, branches, or version identifiers
  • API routes, schemas, endpoints, request/response samples, or documentation
  • Configuration files
  • Infrastructure or deployment information
  • Authentication or authorization logic
  • AI-agent workflows, tool permissions, prompts, policies, or integration details
  • Logs, stack traces, test output, or security scan results
  • Remediation materials, corrected code, or validation submissions

We treat customer-submitted code, technical materials, and security findings as confidential customer materials, subject to applicable contractual terms.

D. Security Findings and Audit Outputs

Telhawk may generate or process security-related outputs, including:

  • Potential vulnerabilities
  • Proof-backed findings
  • Affected code paths
  • Data-flow analysis
  • Missing controls
  • Permission or authorization issues
  • Remediation guidance
  • Validation status
  • Audit-ready reports
  • Executive summaries
  • Technical review notes

These materials may contain confidential customer information and, in some cases, personal information if such information appears in code, logs, sample data, or submitted materials.

E. Website and Usage Information

When you visit our website or interact with online services, we may collect:

  • IP address
  • Browser type
  • Device information
  • Operating system
  • Referring pages
  • Pages viewed
  • Date and time of access
  • Clickstream or interaction data
  • Approximate location based on IP address
  • Cookie and similar tracking information

F. Payment and Billing Information

If applicable, we may collect or process billing-related information such as:

  • Billing contact information
  • Subscription or service plan information
  • Invoice details
  • Payment status
  • Transaction records

Payment card or banking information may be processed by third-party payment providers. Telhawk does not intend to store full payment card numbers unless expressly stated through the applicable payment process.

G. Information from Partners and Third Parties

We may receive information from:

  • Referral partners
  • Resellers or distributors
  • Managed service providers
  • Cybersecurity consultancies
  • Technology integration partners
  • Public business sources
  • Security or compliance service providers

This may include business contact information, lead information, service context, or customer-request details.

2. How We Use Information

We may use information to:

  • Provide, operate, and improve Telhawk services
  • Evaluate, scope, and deliver security audits
  • Review code, APIs, AI agents, access paths, remediation efforts, and related technical materials
  • Generate proof-backed findings, remediation guidance, validation records, and audit reports
  • Communicate with customers, partners, investors, and website visitors
  • Respond to inquiries and support requests
  • Manage accounts, authentication, permissions, and service access
  • Prepare proposals, statements of work, invoices, and service documentation
  • Validate corrected code, configurations, permissions, or agent workflows
  • Improve service quality, workflow reliability, and user experience
  • Protect our systems, customers, users, and services from misuse, fraud, abuse, or security threats
  • Comply with legal, contractual, regulatory, accounting, and security obligations
  • Enforce agreements and protect Telhawk’s rights
  • Develop internal analytics and business intelligence
  • Send business communications, subject to applicable law and opt-out rights

3. How We Use Customer Code and Technical Materials

Telhawk understands that source code, repositories, API details, AI-agent workflows, security findings, and remediation materials may be highly sensitive.

Unless otherwise agreed in writing, Telhawk uses customer code and technical materials only to provide, secure, support, validate, and improve the services requested by the customer.

Telhawk does not sell customer source code or customer security findings.

Telhawk does not publicly disclose customer vulnerabilities, customer code, or customer security reports without authorization, except where required by law.

Telhawk may use limited metadata, aggregated information, de-identified information, or operational learnings to improve services, security workflows, reporting formats, and detection methodologies, provided such use does not identify the customer or expose customer confidential information.

4. AI-Assisted Review and Automated Processing

Telhawk may use artificial intelligence, machine learning, large language models, automated analysis tools, static or dynamic analysis techniques, security review workflows, and proprietary systems, including Galen, to assist with security analysis and validation.

AI-assisted workflows may be used to:

  • Organize technical evidence
  • Analyze code paths and data flows
  • Identify potential missing controls
  • Evaluate API and permission behavior
  • Support remediation guidance
  • Support validation review
  • Improve report clarity
  • Reduce unsupported or duplicative findings

Telhawk may use third-party AI or cloud infrastructure providers when necessary to provide services. Where customer code or sensitive technical materials are involved, Telhawk seeks to apply appropriate contractual, technical, and organizational safeguards based on the engagement and service model.

Telhawk does not intend to use customer-submitted source code or confidential technical materials to train public AI models unless expressly authorized in writing by the customer.

5. Cookies and Similar Technologies

We may use cookies, pixels, analytics tools, and similar technologies to:

  • Operate the website
  • Remember preferences
  • Understand site usage
  • Improve website performance
  • Measure marketing effectiveness
  • Detect misuse or security threats

You may be able to control cookies through your browser settings. Some website features may not function properly if cookies are disabled.

If required by applicable law, we may provide additional cookie notices or consent tools.

6. How We Disclose Information

We may disclose information to the following categories of recipients.

A. Service Providers

We may share information with service providers that support our business, such as:

  • Hosting and cloud infrastructure providers
  • Communication and collaboration tools
  • Customer relationship management systems
  • Analytics providers
  • Payment processors
  • Security tools
  • AI, code-analysis, or infrastructure providers
  • Professional advisors

These providers are authorized to use information only as needed to provide services to Telhawk, subject to applicable contractual obligations.

B. Customers and Authorized Users

For customer engagements, information may be disclosed to authorized customer users, administrators, security personnel, developers, or designated recipients according to the customer’s instructions and applicable agreements.

C. Partners and Channel Relationships

If a customer engages Telhawk through a partner, reseller, distributor, MSP, MSSP, consultancy, or other channel relationship, we may share relevant business, service, audit-status, or delivery information with that partner as appropriate for the engagement and subject to applicable agreements.

D. Legal and Compliance Purposes

We may disclose information if we believe it is necessary to:

  • Comply with law, regulation, subpoena, court order, or legal process
  • Respond to lawful requests by public authorities
  • Enforce our agreements and policies
  • Protect the rights, property, safety, or security of Telhawk, our customers, users, or others
  • Investigate, prevent, or address fraud, abuse, or security incidents

7. Confidentiality and Security

Telhawk uses reasonable administrative, technical, and organizational safeguards designed to protect information from unauthorized access, disclosure, alteration, and destruction.

Security measures may include:

  • Access controls
  • Role-based permissions
  • Encryption where appropriate
  • Secure transmission
  • Logging and monitoring
  • Vendor security review
  • Internal confidentiality practices
  • Segmentation of customer materials
  • Secure deletion or retention procedures
  • Incident-response procedures

No method of transmission or storage is completely secure. Telhawk cannot guarantee absolute security, but we work to maintain safeguards appropriate to the sensitivity of the information we process.

8. Data Retention

We retain information for as long as reasonably necessary to:

  • Provide services
  • Complete audits and validation reviews
  • Maintain customer records
  • Comply with legal, regulatory, contractual, accounting, and security obligations
  • Resolve disputes and enforce agreements

Customer code, submitted technical materials, audit artifacts, and reports may be retained according to the applicable service agreement, statement of work, customer instructions, or Telhawk retention policies.

Customers may request deletion or return of certain materials, subject to legal, security, backup, audit, contractual, and operational limitations.

9. Customer Responsibilities

Customers are responsible for ensuring they have the right to submit or authorize access to code, repositories, logs, API information, AI-agent workflows, data samples, or other materials provided to Telhawk.

Customers should avoid submitting unnecessary personal information, production secrets, credentials, private keys, regulated personal data, or sensitive customer data unless required for the engagement and authorized under the applicable agreement.

If production data, secrets, credentials, or regulated data are required for a review, customers should coordinate with Telhawk to determine an appropriate secure submission and handling process.

10. Personal Information in Code, Logs, or Technical Materials

Code, logs, configuration files, screenshots, sample data, or other technical materials submitted to Telhawk may contain personal information. Telhawk processes such materials as part of the security review engagement and treats them as confidential customer materials, subject to the applicable agreement and this Privacy Policy.

11. International Data Transfers

Telhawk may process information in the United States and other locations where Telhawk, its affiliates, service providers, or infrastructure providers operate.

If required by applicable law, Telhawk may use appropriate transfer mechanisms or contractual safeguards for international data transfers.

12. Your Privacy Choices and Rights

Depending on your location and applicable law, you may have rights regarding your personal information, such as the right to:

  • Request access to personal information
  • Request correction of inaccurate personal information
  • Request deletion of personal information
  • Request portability of certain information
  • Object to or restrict certain processing
  • Opt out of certain marketing communications
  • Withdraw consent where processing is based on consent
  • Appeal certain privacy-rights decisions where applicable

To make a privacy request, contact us using the information in the “Contact Us” section below.

We may need to verify your identity before responding. Some information may be exempt from deletion or access requests due to legal, security, confidentiality, contractual, or operational limitations.

13. Marketing Communications

If you receive marketing communications from Telhawk, you may opt out by following the unsubscribe instructions included in the communication or by contacting us. We may still send service-related, transactional, or legally required communications.

14. California Privacy Notice

California residents may have additional rights under California privacy law, including rights to know, access, correct, delete, and opt out of certain sharing or sales of personal information.

Telhawk does not sell customer source code or customer security findings.

Telhawk does not intend to sell personal information as “sale” is commonly understood. If Telhawk engages in activities that constitute “sale” or “sharing” under applicable California law, Telhawk will provide required notices and opt-out mechanisms.

California residents may submit privacy requests using the contact information below.

15. Children’s Privacy

Telhawk’s website and services are intended for business and professional users. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13 without appropriate consent, we will take steps to delete it.

16. Third-Party Websites and Integrations

Our website or services may link to or integrate with third-party websites, products, or services. Telhawk is not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

17. Security Incident Handling

Telhawk maintains procedures designed to identify, investigate, and respond to security incidents involving Telhawk systems. Where required by law or contract, Telhawk will provide appropriate notifications regarding security incidents that affect personal information or customer materials.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated policy will be posted on our website with a revised “Last Updated” date. If changes are material, we may provide additional notice as required by law.

19. Contact Us

For privacy questions, privacy-rights requests, data-protection inquiries, customer inquiries, or general business inquiries, contact:

Telhawk Systems
General inquiries: sales@telhawk.com
Partnership inquiries: Partnerships@telhawk.com

20. Security Contact

For responsible disclosure, vulnerability reports, or security-related concerns involving Telhawk systems, contact:

support@telhawk.com

Please do not submit sensitive customer code, credentials, secrets, or vulnerability details through unsecured channels.