Privacy Policy

1. Information We Collect

Website Visitor Information

We may collect limited personal identification information from you when you visit our website, sign up for our waitlist, or fill out our contact form:

• Name
• Email address
• Organization type

Customer Information

When you become a customer of ThreatScout's platform services, we may collect additional information necessary for providing services, billing, and support, including but not limited to:

• Company name and address
• Billing information
• Phone numbers
• User account details
• Contract and subscription information

Platform Usage Data

When you use the ThreatScout platform, we may collect certain information automatically, including:

• Log data (queries executed, features used, timestamps)
• Device information (IP address, browser type, operating system)
• Usage patterns and preferences

Security Data Processing

ThreatScout provides the infrastructure and tools for you to process your security-related data. As a platform provider, we do not monitor, access, or view your security data. Examples of security data that may be processed by you through our platform include:

• Logs and alerts from your connected security tools
• Your organization's threat intelligence data
• Incident response information managed by your team
• Query results and analytics output generated by your security staff

Data Privacy Commitment: ThreatScout personnel do not access, view, or monitor your security data at any time except in specific technical support scenarios with your explicit permission. Each enterprise client is provisioned with their own dedicated AWS infrastructure to ensure complete data isolation. This architecture ensures your security data remains under your exclusive control.

2. How We Use Your Information

We may use the information we collect from you for the following purposes:

• To provide, operate, and maintain our website and services
• To improve, personalize, and expand our website and services
• To understand and analyze how you use our website and services
• To develop new products, services, features, and functionality
• To communicate with you, including for customer service, updates, and marketing purposes
• To process transactions and send related information
• To generate anonymized and aggregated analytics and reports
• To detect, prevent, and address technical issues and security incidents
• For compliance with legal obligations

3. Security of Your Information

We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

Our security practices include, but are not limited to:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of sensitive data at rest
• Regular security assessments and penetration testing
• Access controls and authentication requirements
• Monitoring for unauthorized access attempts
• Regular security patches and updates
• Employee security training and awareness

4. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

For platform usage data and security data, retention periods may vary based on:

• Contractual agreements with customers
• Regulatory and compliance requirements
• Security best practices
• Operational needs for threat analysis and incident response

5. Your Data Protection Rights

Depending on your location, you may have certain rights regarding your personal information, including:

• The right to access – You have the right to request copies of your personal data.
• The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
• The right to data portability – You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

If you would like to exercise any of these rights, please contact us at [email protected].

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our website and store certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device.

We use the following types of cookies:

• Essential cookies – Necessary for the basic functionality of our website.
• Preference cookies – Allow us to remember your preferences and settings.
• Analytics cookies – Help us understand how visitors interact with our website.
• Marketing cookies – Used to track visitors across websites to enable targeted advertising.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website.

7. Third-Party Disclosure

We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties except as described below:

• Service providers – Companies that assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.
• Business transfers – In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
• Legal requirements – We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, judicial proceedings, court orders, or legal process.
• Protection of rights – We may disclose information to protect our rights, privacy, safety, or property, or that of our users or others.

8. International Data Transfers

Your information, including personal data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal data, to the United States and process it there.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

9. Enterprise Use Only

ThreatScout is an enterprise security platform designed exclusively for business and organizational use. Our Services are not available for personal consumer use or general public sign-up.

Access to ThreatScout is strictly controlled and limited to approved enterprise customers through our formal onboarding process. Each customer environment is provisioned with dedicated infrastructure after contract execution. By accessing or using ThreatScout, you represent and warrant that you are an authorized user within an approved enterprise organization that has entered into a service agreement with ThreatScout.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• By email: [email protected]
• By mail: ThreatScout, Inc.