Privacy Policy
Last Updated: October 19, 2025
1. Information We Collect
We collect the following information:
- Account Information: Email address, password (hashed)
- Usage Data: API calls, login times, IP addresses
- Threat Data: Threat detection results and metadata
- Integration Data: OAuth tokens (encrypted), API keys (encrypted)
2. How We Use Your Information
- Provide threat detection services
- Improve our AI models and detection accuracy
- Send security alerts and notifications
- Comply with legal obligations
3. Data Security
We implement industry-standard security measures:
- All data encrypted in transit (HTTPS/TLS 1.3)
- Sensitive data encrypted at rest (AES-256)
- OAuth tokens and API keys encrypted in database
- Complete audit trail of all data access
4. Data Retention
- We do NOT store raw logs from your integrations
- We store threat detection results and metadata
- You can delete your data at any time
- Data deleted within 30 days of account termination
5. Your Rights (GDPR & CCPA)
You have the right to:
- Access: Request a copy of your data
- Delete: Request deletion of your data
- Export: Download your data in machine-readable format
- Revoke: Revoke integration access at any time
- Object: Object to data processing
6. Data Sharing
We do NOT sell your data. We only share data with:
- Cloud infrastructure providers (AWS/Azure/GCP) for hosting
- Law enforcement when legally required
7. Cookies
We use essential cookies for:
- Session management (login)
- Security (CSRF protection)
8. International Data Transfers
Your data may be processed in the United States or European Union. We comply with GDPR for EU data.
9. Children's Privacy
Our service is not intended for users under 18 years old.
10. Changes to This Policy
We will notify you of any material changes via email.
11. Contact Us
For privacy questions or to exercise your rights:
Email: privacy@cybereye.ai