Privacy Policy

1. Data Controller

The data controller responsible for your personal data is PROACT Engineering, with registered offices in Cairo (Egypt), Dubai (UAE), and Riyadh (Saudi Arabia). For all data protection enquiries, contact us at privacy@proactengineering.com.

2. Data We Collect

We collect the following personal data when you submit the contact form on our website:

• Full name — to address you correctly in our response
• Email address — to respond to your enquiry
• Company / organisation name — to understand your context and relevant services
• Message content — to respond accurately to your specific request

We do not collect sensitive personal data (such as health, financial, or biometric data) through this website. We do not use cookies for tracking or advertising purposes beyond what is strictly necessary for the operation of this website.

3. Legal Basis for Processing

We process your personal data on the following legal bases:

• Consent (GDPR Art. 6(1)(a)): By submitting the contact form and ticking the consent checkbox, you consent to us processing your data to respond to your enquiry.
• Legitimate interests (GDPR Art. 6(1)(f)): We have a legitimate interest in responding to business enquiries sent to us.
• Contractual necessity: Where a contact leads to a service engagement, processing is necessary to perform that contract.

4. How We Use Your Data

We use your data exclusively to:

• Respond to your enquiry or service request
• Provide information about our OT cybersecurity services
• Send follow-up communications where you have consented or where a service engagement is ongoing
• Comply with applicable legal obligations

We do not sell, rent, or share your personal data with third parties for marketing purposes.

5. Data Retention

We retain contact form submissions for a maximum of 24 months from the date of submission, or for as long as is necessary to fulfil any resulting service engagement, whichever is longer. After this period, data is securely deleted. Where a service contract is formed, data is retained for the duration of that contract plus any legally required retention period.

6. Data Security

We apply appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encrypted communications (TLS/HTTPS), access controls, and internal data handling policies aligned with our own OT cybersecurity standards. As a specialist cybersecurity firm, we hold our own information security practices to the same high standard we recommend to clients.

7. Your Rights

Subject to applicable law, you have the right to:

• Access the personal data we hold about you
• Rectify inaccurate or incomplete data
• Erase your data ("right to be forgotten") where there is no overriding legal basis for continued retention
• Restrict processing in certain circumstances
• Data portability — receive your data in a structured, machine-readable format
• Object to processing based on legitimate interests
• Withdraw consent at any time without affecting the lawfulness of processing before withdrawal

To exercise any of these rights, contact us at privacy@proactengineering.com. We will respond within 30 days.

8. Third-Party Processors

Our website is hosted on Vercel Inc. (San Francisco, CA, USA). Vercel processes server request logs (including IP addresses) as part of normal hosting operations. Vercel is certified under the EU-US Data Privacy Framework. We do not use third-party advertising networks, social media pixels, or behavioural tracking services on this website.

9. International Transfers

Our operations span Egypt, UAE, and Saudi Arabia. Personal data submitted via this website may be accessed by staff in any of these locations as part of responding to your enquiry. All such access is subject to this Privacy Policy and applicable national data protection law. Where data is transferred from the EEA, we rely on Standard Contractual Clauses or other appropriate safeguards as required by GDPR Chapter V.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The effective date at the top of this page will reflect the date of the most recent revision. We encourage you to review this policy periodically. Material changes will be communicated via a notice on the website homepage.

11. Contact & Complaints

For any privacy-related questions or to exercise your rights, contact us at: privacy@proactengineering.com

If you are located in the EEA and are not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority. In the UAE, complaints may be directed to the UAE Data Office. In Egypt, to the Personal Data Protection Centre (PDPC).