CyberVault Privacy Policy

1. Introduction

CyberVault ("we," "our," or "us") operates the cybersecurity platforms, services, and websites offered by CyberVault Inc. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you use our services, visit our website, or interact with our solutions. By accessing or using our services, you agree to the terms of this policy.

Note: As a cybersecurity provider, we handle sensitive data with the highest industry standards. Our security measures comply with ISO 27001, SOC 2 Type II, and GDPR frameworks.

2. Information We Collect

We collect information to provide, improve, and secure our services. This includes:

Account Information: Name, email address, company name, job title, and contact details provided during registration or onboarding.
Technical & Usage Data: IP addresses, device identifiers, browser types, log files, API usage metrics, and interaction patterns within our platform.
Security Data: Threat telemetry, system logs, vulnerability scan results, and network traffic metadata necessary for threat detection and incident response.
Payment Information: Billing addresses and payment method details (processed securely by PCI-DSS compliant third-party processors).
Communications: Records of customer support tickets, emails, and feedback you voluntarily provide.

3. How We Use Your Information

We use collected data strictly for the following purposes:

Delivering, maintaining, and improving our cybersecurity platforms and services
Detecting, preventing, and responding to malicious activity, fraud, or security breaches
Generating compliance reports, threat intelligence dashboards, and security analytics
Processing transactions and managing billing
Providing customer support and responding to inquiries
Sending service updates, security advisories, and product announcements (with opt-out options where required)
Ensuring regulatory compliance and legal obligations

4. Information Sharing & Disclosure

We do not sell or rent your personal information. We may share data only in the following circumstances:

Service Providers: Trusted third-party vendors who assist with hosting, analytics, payment processing, or customer support (bound by strict data processing agreements).
Legal Requirements: When required by law, subpoena, or governmental request, or to protect the rights, property, or safety of CyberVault, our users, or others.
Business Transfers: In connection with a merger, acquisition, or sale of assets, where user data may be transferred as part of the transaction.
Security Incidents: When necessary to investigate, mitigate, or prevent active cyber threats affecting our infrastructure or clients.

5. Data Security

Protecting your data is central to our mission. We implement industry-leading security measures including:

End-to-end encryption (AES-256) for data at rest and in transit
Zero-trust architecture and multi-factor authentication (MFA) for all internal systems
Regular third-party penetration testing and vulnerability assessments
Continuous monitoring via our 24/7 Security Operations Center (SOC)
Strict access controls, role-based permissions, and audit logging

While we employ commercially reasonable safeguards, no system is 100% impervious. We encourage you to maintain strong password practices and promptly report any suspected breaches.

6. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Access & Portability: Request a copy of your data in a machine-readable format
Correction: Update or rectify inaccurate information
Deletion: Request removal of your data (subject to legal retention requirements)
Opt-Out: Unsubscribe from marketing communications at any time
Restriction & Objection: Limit processing or object to certain data uses

To exercise these rights, contact our Data Protection Officer at privacy@cybervault.com. We will respond within 30 days as required by applicable law.

7. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce agreements. Log data and security telemetry may be retained for up to 365 days for threat analysis and forensic purposes, after which it is anonymized or securely destroyed.

8. International Data Transfers

CyberVault operates globally. Your data may be transferred to and processed in countries other than your own, including the United States. Where applicable, we rely on Standard Contractual Clauses (SCCs), adequacy decisions, or binding corporate rules to ensure cross-border transfers meet strict privacy standards.

9. Children's Privacy

Our services are not directed to individuals under 16. We do not knowingly collect personal information from children. If we discover that we have inadvertently collected such data, we will take immediate steps to delete it. Parents or guardians who believe their child has provided information should contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. Material changes will be communicated via email or prominent notice on our platform. The "Last Updated" date at the top of this page indicates when the most recent changes were made.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out:

Email privacy@cybervault.com

Mail CyberVault Inc., 100 Security Blvd, Suite 400, San Francisco, CA 94107, USA

Phone (800) 555-SECURE

DPO Portal Submit a Data Request