Privacy Policy

Last updated: November 13, 2025

1) Who we are and scope

Dragonfli Group LLC (“Dragonfli,” “we,” “us,” “our”) provides cybersecurity and AI consulting services to business clients. This Privacy Policy explains how we collect, use, share, and protect personal information on dragonfligroup.com and related pages that link to this policy.

2) Not directed to children

Our website and services are intended for business users. We do not knowingly collect personal information from children under 13. If you believe a child provided personal information, contact us and we will delete it.

3) What data we collect

We collect the following categories of information, depending on how you interact with us:

  • Contact and Identity Data: name, company, job title, email, phone, mailing address.

  • Business Relationship Data: company size, industry, project context, contract details, communications.

  • Technical and Usage Data: IP address, device and browser type, operating system, pages viewed, referring URLs, timestamps, interaction logs, and cookie identifiers.

  • Marketing Preferences: newsletter opt-ins, event registrations, campaign responses.

  • Support and Inquiry Content: messages and files you send via forms or email.

We do not collect sensitive personal information through the website.

4) How we collect data

  • Directly from you: when you submit forms, book meetings, download content, or contact us.

  • Automatically: through cookies and similar technologies when you visit our site.

  • From third parties: limited business-context data from tools you use to engage us, conference platforms, or publicly available business sources.

5) Why we use data (lawful bases)

We use personal information to:

  • Operate and improve our site and services.

  • Respond to inquiries, schedule meetings, and send transactional notices.

  • Perform analytics that help us understand site performance and content effectiveness.

  • Send marketing communications where permitted.

  • Protect our rights, comply with legal obligations, and enforce agreements.

Legal bases include legitimate interests in operating a B2B website, performance of a contract when applicable, consent for marketing where required, and legal compliance.

6) Cookies and similar technologies

We use cookies, pixels, and local storage to run the site and understand usage.

Categories we use

  • Strictly Necessary: core site operations and security.

  • Functional: remember preferences.

  • Analytics/Performance: aggregated usage and traffic measurement.

  • Advertising (if present): only if we ever run retargeting. Currently not in use.

Managing cookies
On first visit, you can accept, reject, or manage non-essential cookies. You can also change preferences anytime through the “Cookie Preferences” link in the footer. You may set your browser to block or delete cookies; some site features may not work without certain cookies.

Examples of cookies

  • Analytics cookie: tracks pages visited and time on page.

  • Preference cookie: remembers your consent choices.

7) Do Not Track (DNT)

Some browsers transmit a “Do Not Track” signal. There is no consistent industry standard for responding to DNT. We currently do not change our data practices when we detect DNT signals. You can control cookies through the preferences tools described above.

8) Sharing your information

We do not sell personal information. We share limited data with service providers that support our site and operations, such as:

  • Hosting and cloud infrastructure

  • Website analytics

  • Customer relationship management and email tools

  • Security and performance monitoring

These providers are bound by contracts to use data only under our instructions and to protect it appropriately.

International transfers
If data is transferred outside your jurisdiction, we use appropriate safeguards such as Standard Contractual Clauses or other approved mechanisms. Details are available on request.

9) How we protect and store data

  • Encryption in transit and at rest: TLS 1.2+ for data in transit and industry-standard encryption for data at rest.

  • Passwords: never stored in plain text; strong, one-way hashing with salt where applicable.

  • Access controls: role-based access, least privilege, multi-factor authentication for administrative systems.

  • Transport-layer protections on the website: HTTPS is enforced, and we use HTTP Strict Transport Security.

  • Retention: we keep personal information only as long as needed for the purposes above, to meet legal or contractual requirements, and then delete or de-identify it following documented schedules.

10) Your privacy rights

Depending on your location, you may have the right to:

  • Access your personal information.

  • Correct inaccurate data.

  • Delete your data.

  • Restrict or object to certain processing.

  • Port your data to another provider.

  • Withdraw consent where consent was the legal basis.

  • Not be subject to decisions based solely on automated processing that have legal or similar significant effects.

We will respond within one month or as required by law. Some rights may be subject to limitations.

How to exercise your rights
Email: privacy@dragonfligroup.com
Web form: dragonfligroup.com/privacy-request
Mail: Dragonfli Group LLC, 300 New Jersey Avenue NW, Suite 900, Washington, DC 20001, USA

11) Regional disclosures

  • EEA/UK: Dragonfli is a controller for website data. We rely mainly on legitimate interests and consent where required. International transfers use approved safeguards.

  • California: We do not sell or share personal information for cross-context behavioral advertising. You can exercise the rights listed above through our contact methods.

12) Contact our Privacy Officer

Questions, requests, or complaints: privacy@dragonfligroup.com
Mail: Dragonfli Group LLC, Attn: Privacy Officer, 300 New Jersey Avenue NW, Suite 900, Washington, DC 20001, USA

13) Changes to this policy

We may update this policy from time to time. We will post updates here and revise the “Last updated” date. For material changes, we will provide a prominent notice on the site and, where appropriate, notify registered contacts by email before the changes take effect.