DarkStar Intelligence – Privacy Policy

Last Updated: December 1, 2025


DarkStar Intelligence (“DarkStar,” “we,” “us,” or “our”) provides intelligence analysis, cybersecurity, national security support, and related services to U.S. Government clients and commercial partners (the “Services”). This Privacy Policy describes how we collect, use, disclose, and protect personal information obtained through:

  • Our corporate website;
  • Online platforms, portals, or forms we operate;
  • Recruitment, subcontractor engagement, events, or other business interactions.

This Privacy Policy does not apply to information processed strictly on behalf of U.S. Government customers under contract (e.g., Controlled Unclassified Information (CUI), Covered Defense Information (CDI)). Such information is governed by federal regulations, contract clauses, and security requirements, including but not limited to NIST SP 800‑171 and DFARS safeguarding obligations.

Our Services are designed for professional, commercial, and government use. All personal information covered by this Privacy Policy is treated as relating to individuals acting in an official or business capacity.


1. Personal Information We Collect

Information You Provide to Us

We may collect:

  • Business Contact Information: Name, job title, organization, email address, mailing address, phone number.
  • Communications: Contents of emails, forms, inquiries, and other messages you send.
  • Applicant & Recruiting Data: Resumes, work history, education, certifications, voluntary security clearance information, and other data submitted when applying for a position.
  • Vendor & Subcontractor Information: Contact details, compliance documentation, certifications, and contractual information.
  • Marketing Preferences: Your choices regarding newsletters, briefings, or event communications.

Automatic Data Collection

We may automatically collect information including:

  • Device & Technical Data: IP address, browser type, operating system, device identifiers, and approximate location.
  • Usage Data: Website pages viewed, time on site, navigation patterns, and interactions with emails or content.

We may use:

  • Cookies
  • Local storage technologies
  • Pixel tags / web beacons

You may manage these through your browser settings.


2. How We Use Personal Information

We use personal information to:

Operate and Improve Our Services

  • Maintain, secure, and support our website and systems
  • Respond to inquiries or support requests
  • Personalize and enhance user experience

Recruitment and Contract Engagement

  • Evaluate applicants for employment or contracting opportunities
  • Manage onboarding and talent acquisition processes

Business Operations

  • Manage subcontractors, partners, vendors, and compliance verifications
  • Conduct internal analytics, planning, and reporting

Legal, Contractual, and Compliance Purposes

  • Comply with applicable laws and lawful requests
  • Meet regulatory obligations under federal contracting rules
  • Investigate or prevent fraud, cybersecurity threats, or other unlawful activity

Creation of De‑Identified Data

We may create aggregated or de‑identified data, which is not reasonably capable of identifying an individual, for lawful business purposes.

We do not sell personal information.
We do not share mobile numbers or SMS opt‑in information with third parties for marketing.


3. How We Share Personal Information

We may share information with:

  • Service Providers
  • Companies supporting our operations (e.g., hosting, analytics, applicant tracking, communications, background checks).
  • Government Agencies
  • When contractually required, legally mandated, or necessary to report certain cybersecurity incidents.
  • Professional Advisors
  • Legal counsel, auditors, insurers, and compliance specialists.
  • Business Transaction PartiesIn connection with a merger, acquisition, restructuring, or sale of assets.

We do not share personal information with third parties for their own marketing or advertising.


4. Your Privacy Choices

  • Review or Update Information
  • You may request access or updates by contacting us.
  • Opt‑Out of Marketing
  • You may unsubscribe using links in marketing emails or by contacting us directly.
  • Manage Online Tracking
  • You may adjust browser or device settings to limit cookies or tracking technologies.
  • Limitations
  • Some requests cannot be fulfilled where restricted by:
  • Law

Government contract requirements

Security or confidentiality obligations


5. Information Security

DarkStar Intelligence uses administrative, physical, and technical safeguards designed to protect personal information. Despite these measures, no security system is fully immune from risk.


6. Federal Security Requirements & NIST SP 800‑171 Compliance

For contracts involving Controlled Unclassified Information (CUI), Covered Defense Information (CDI), or other protected data, DarkStar Intelligence implements safeguards consistent with U.S. Government requirements.

Compliance Frameworks

DarkStar Intelligence maintains compliance with applicable federal security regulations, including:

NIST SP 800‑171: Protecting CUI in Nonfederal Systems

We maintain controls aligned with NIST 800‑171 requirements, including:

  • Access control and multifactor authentication
  • Encryption for data at rest and in transit
  • Incident detection, response, and reporting
  • Configuration and patch management
  • Audit logging and continuous monitoring
  • Personnel screening and security awareness
  • Regular risk assessments and security reviews

We maintain a System Security Plan (SSP) and Plan of Action & Milestones (POA\&M) as required.

DFARS 252.204‑7012 Safeguarding & Cyber Incident Reporting

When required under Department of Defense contracts, we:

  • Implement DFARS 252.204‑7012 controls
  • Report cyber incidents to DoD within required timeframes
  • Share forensic data with DoD Cyber Crime Center (DC3) when applicable
  • Use only FedRAMP‑authorized cloud systems for CUI

CMMC Alignment & Subcontractor Oversight

We maintain processes aligned with CMMC requirements, including:

  • SPRS score management
  • Documented cybersecurity policies
  • Vendor and subcontractor compliance verification

Subcontractors with access to CUI must also comply with NIST SP 800‑171 or relevant federal standards.


7. Children’s Privacy

Our Services are not intended for individuals under 18. 

If we learn we have collected information from a minor, we will delete it promptly.


8. Data Retention

We retain personal information only as long as necessary to:

  • Fulfill the purposes for which it was collected
  • Comply with legal or regulatory obligations
  • Support contract performance
  • Maintain security and prevent fraud

Retention periods vary based on data type and applicable requirements.


9. Cross‑Border Data Processing

DarkStar Intelligence is headquartered in the United States. Personal information is processed within the U.S. If international transfers occur, appropriate safeguards will be applied per applicable law.


10. Changes to This Policy

We may update this Privacy Policy periodically. Material updates will be posted to our website with a revised effective date.


11. Contact Us

If you have questions about this Privacy Policy or would like to exercise your privacy rights, you may contact us at:


DarkStar Intelligence
Email: HR@darkstarintel.com