Privacy Policy
Last Updated: October 24, 2025
At CyberVault, your privacy and data security are foundational to everything we do. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cybersecurity platform, visit our website, or engage with our services. We are committed to maintaining the highest standards of data protection in compliance with applicable laws including GDPR, CCPA, and industry security frameworks.
1. Information We Collect
We collect information to provide, improve, and secure our cybersecurity services. This includes:
1.1 Personal Information
Name, email address, phone number, company name, job title, and billing details provided during account registration, subscription, or support interactions.
1.2 Usage & Telemetry Data
Platform interaction logs, feature usage patterns, device identifiers, IP addresses, browser types, and security telemetry necessary to monitor threats and optimize performance.
1.3 Security & Compliance Data
Network traffic metadata, authentication logs, vulnerability scan results, and incident response artifacts collected with your explicit consent to protect your infrastructure.
1.4 Automatically Collected Data
Access logs, referrer URLs, time stamps, and geographic location data collected via standard web servers and analytics tools.
2. How We Use Your Information
Your data is processed strictly for the following purposes:
- Delivering, maintaining, and securing our cybersecurity platform and services
- Detecting, preventing, and responding to security threats and fraudulent activity
- Personalizing your dashboard experience and security recommendations
- Processing payments, managing subscriptions, and handling billing
- Providing customer support, account verification, and service communications
- Conducting security audits, compliance reporting, and threat intelligence research
- Improving our products, AI models, and threat detection algorithms (using anonymized/aggregated data)
3. Information Sharing & Disclosure
CyberVault does not sell, rent, or trade your personal information. We may share data only in the following circumstances:
- Service Providers: Trusted third parties bound by strict data processing agreements (DPA) who assist with hosting, payment processing, analytics, and customer support.
- Legal Compliance: When required by law, subpoena, court order, or governmental request to protect our rights, privacy, safety, or property.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, where we will notify you of any change in control or privacy practices.
- Security Incidents: We may share threat indicators and anonymized attack patterns with law enforcement and industry ISACs (Information Sharing and Analysis Centers) to protect the broader digital ecosystem.
4. Data Security & Protection
As a cybersecurity company, security is not just a feature—it's our core mission. We implement enterprise-grade safeguards including:
- End-to-end AES-256 encryption for data at rest and TLS 1.3 for data in transit
- Zero-trust architecture with multi-factor authentication (MFA) and role-based access controls (RBAC)
- Continuous monitoring by our 24/7 Security Operations Center (SOC)
- Regular third-party penetration testing, vulnerability assessments, and SOC 2 Type II / ISO 27001 audits
- Automated threat containment and incident response playbooks
Important: While we employ industry-leading security measures, no internet-based service can guarantee absolute security. We encourage you to use strong, unique passwords and enable MFA on all accounts.
5. Cookies & Tracking Technologies
We use cookies, web beacons, and similar technologies to:
- Authenticate sessions and maintain secure logins
- Remember your platform preferences and dashboard configurations
- Analyze traffic patterns and improve site performance
- Deliver relevant content and security alerts
You can manage cookie preferences through your browser settings. Disabling essential cookies may impact platform functionality and security features.
6. Your Rights & Choices
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Update or rectify inaccurate information
- Deletion: Request erasure of your data (subject to legal retention obligations)
- Portability: Receive your data in a structured, machine-readable format
- Restriction/Opt-Out: Limit processing or opt out of non-essential communications
- Appeal: Challenge decisions made through automated processing
To exercise these rights, contact our Data Protection Officer at privacy@cybervault.com. We will respond within 30 days as required by applicable law.
7. Children's Privacy
CyberVault services are designed for enterprise and professional use. We do not knowingly collect personal information from individuals under the age of 16. If we become aware of such data, we will take immediate steps to delete it. Parents or guardians who believe their child has provided data should contact us immediately.
8. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or industry standards. Material changes will be communicated via email, platform notification, or prominent website notice. Your continued use of our services after such changes constitutes acceptance of the updated policy.
9. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out:
Data Protection Officer
CyberVault Security Inc.
📞 (800) 555-SECURE
📍 100 Cyber Shield Drive, Suite 400, San Francisco, CA 94105