Privacy Policy

Last Updated: 23 January 2026

Bytewerk FZE ("we", "us", "our") offers a business intelligence platform through which businesses can obtain defense market intelligence and analytics (the "Services"). This Privacy Policy explains how we process personal information that is submitted to us through our Services or otherwise collected, stored, used, disclosed, or processed by us.

This Privacy Policy describes our practices for collecting, storing, using, disclosing, and otherwise processing personal information in relation to visitors to Defsight.com ("Website"), our marketing activities, and Customers' use and access of our Services.

We are committed to complying with the EU General Data Protection Regulation (GDPR), applicable U.S. federal and state privacy laws (including CCPA/CPRA), and other applicable international data protection laws.

You can exercise your privacy rights by contacting us at data@defsight.com. This is the fastest way to access your information or have it deleted from our systems.

1. Data Controller

Bytewerk FZE
Al Smookh Business Center
Umm Al Quwain, United Arab Emirates
Email: data@defsight.com

For GDPR purposes, Bytewerk FZE acts as the Data Controller.

2. Scope

This Privacy Policy applies to:

  • Visitors of the Website
  • Registered users with authenticated accounts
  • Subscribers to newsletters, intelligence products, and briefings
  • Customers, partners, and prospects
  • Users interacting with us via email, forms, events, or webinars

Defense Industry Context

Defsight.com operates as a business-to-business defense market intelligence and analytics platform. The Services rely exclusively on open-source information, publicly available data, and commercial and corporate disclosures.

Defsight.com does not collect, process, store, or handle classified information, controlled military data, or government-restricted material.

This Privacy Policy does not apply to third-party websites or services linked from our Website.

3. Personal Data We Collect

Data You Provide Directly

We collect strictly business and contact data only. We do not collect classified information or special categories of personal data.

This includes:

  • Full name, business email address, company name
  • Job title and professional role
  • Country and business location
  • Account credentials (username, encrypted password)
  • Billing details necessary for invoicing (processed via Stripe)
  • Communications with us (support requests, emails, forms)

Account and Authentication Data

When you create a DefSight account, we process login credentials, account status, subscription tier, and usage metadata. Passwords are stored using industry-standard hashing and are never stored in plain text.

Data Collected Automatically

When you access the Website, we may automatically collect IP address, browser type and version, device and operating system information, pages visited and interaction data, referral URLs, and cookie identifiers.

Analytics and Marketing Data

We use Google Analytics to understand Website usage and LinkedIn Insight Tag for B2B analytics and advertising measurement. These tools may collect online identifiers and usage data subject to your cookie consent preferences.

4. Legal Bases for Processing (GDPR)

We process personal data under the following legal bases:

  • Contractual necessity (Article 6(1)(b)) – to create and manage user accounts, subscriptions, and paid Services
  • Consent (Article 6(1)(a)) – for newsletters, marketing communications, and non-essential cookies
  • Legal obligation (Article 6(1)(c)) – accounting, tax, and compliance obligations
  • Legitimate interests (Article 6(1)(f)) – operating a B2B intelligence platform, ensuring security, improving Services, and conducting limited B2B marketing

We do not rely on legitimate interest for intrusive tracking or unsolicited mass marketing.

5. How We Use Personal Data

We use personal data to:

  • Create, manage, and secure user accounts
  • Provide access to intelligence products, reports, and dashboards
  • Process payments and subscriptions via Stripe
  • Deliver newsletters, product updates, and marketing communications
  • Respond to inquiries and provide customer support
  • Analyze platform usage and improve functionality
  • Maintain platform security and prevent fraud or misuse
  • Comply with legal, regulatory, and contractual obligations
6. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Essential Website functionality and security
  • Analytics and performance measurement (Google Analytics)
  • B2B marketing and advertising measurement (LinkedIn Insight Tag)

For users in the European Union and European Economic Area, we implement a cookie consent manager that allows you to accept or reject non-essential cookies before they are placed.

You may also manage cookies through your browser settings at any time.

7. Data Sharing and Disclosure

We may share personal data with:

  • Stripe – for payment processing and subscription management
  • Cloud hosting and infrastructure providers
  • Analytics and marketing providers (Google, LinkedIn)
  • Email delivery and CRM service providers
  • Professional advisors (legal, tax, accounting)
  • Authorities or regulators where legally required

We do not sell personal data and do not share personal data for cross-context behavioral advertising within the meaning of U.S. state privacy laws.

8. International Data Transfers

Bytewerk FZE is based in the United Arab Emirates. Personal data may be processed in the UAE, the European Union, and the United States.

Where required under GDPR, international transfers are safeguarded using:

  • European Commission-approved Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Additional technical and organizational safeguards
9. Data Retention

We retain personal data only as long as necessary to:

  • Fulfill the purposes outlined in this Policy
  • Comply with legal obligations
  • Resolve disputes and enforce agreements

Retention periods vary depending on data type and legal requirements.

10. Your Rights

GDPR Rights (EEA / UK)

You have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Request erasure (where legally applicable)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time

U.S. Privacy Rights

Depending on your U.S. state of residence (including California), you may have the right to:

  • Know what personal information we collect and use
  • Request deletion or correction of personal information
  • Opt out of certain data uses

We do not discriminate against users for exercising privacy rights. Requests can be submitted to data@defsight.com.

11. Data Security

We implement appropriate technical and organizational measures to protect personal data, including secure hosting environments, access controls, and encryption where appropriate.

However, no system is 100% secure, and we cannot guarantee absolute security.

12. Children's Privacy

Defsight.com is a business-to-business platform and is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors.

13. Third-Party Services

Our Website may include links to third-party services. We are not responsible for their privacy practices. Please review their privacy policies separately.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised "Last updated" date.

15. Contact

For questions, requests, or complaints regarding this Privacy Policy or data protection matters, contact:

Bytewerk FZE
Al Smookh Business Center
Umm Al Quwain, United Arab Emirates
Email: data@defsight.com

You also have the right to lodge a complaint with your local data protection authority if you are located in the EU or UK.