Privacy Commitment
How we handle data
We collect the minimum data needed to deliver service quality, maintain security, and meet legal obligations. We do not sell data or use it for unrelated advertising.
Data we process
- Operational signals: alarms, logs, device health, and operator actions from your environments.
- Account data: user identity, roles, contact details for administrators and operators.
- Support context: tickets, chat or email threads, and diagnostics you choose to share.
How we use it
- Operate and improve CRaaS features, detection quality, and analyst workflows.
- Secure the platform, including fraud prevention, incident response, and auditing.
- Comply with contracts and applicable law, including safeguarding requests.
What we avoid
- No selling or renting of customer data.
- No training of unrelated AI models using your identifiable data.
- No sharing with subprocessors without contractual safeguards and purpose limitation.
Retention & deletion
We retain operational data only for the period needed to provide service, meet audit requirements, and fulfill legal obligations. Upon contract end or request, we delete or de-identify data unless retention is legally required.
Location & transfers
Data may be processed in the regions where we operate control rooms and cloud infrastructure. Cross-border transfers follow contractual safeguards (such as SCCs) and security controls equivalent to production standards.
Your controls
We support access, correction, export, and deletion requests in line with applicable data protection laws. Privacy inquiries: [email protected].
Terms of Service
How we work together
These principles summarize the commercial terms that accompany our service agreements. They do not replace signed contracts.
Scope of service
CRaaS provides monitoring, verification, correlation, and incident facilitation. Exact playbooks, SLAs, and coverage hours are defined in your order forms or statements of work.
Customer responsibilities
You provide accurate system access, maintain lawful data collection, and ensure your users follow acceptable use. You remain the controller/owner of your source systems and content.
Security & incidents
We maintain administrative, technical, and physical safeguards aligned to industry standards. If we detect a security incident impacting your data, we notify you without undue delay and coordinate response.
Availability & maintenance
Planned maintenance windows are communicated in advance. We commit to commercially reasonable uptime targets and redundancy. Credits or remedies are described in the service schedule.
Data ownership
You retain all rights to your data. We receive only a limited, non-exclusive right to process it for delivering the services and improving platform reliability.
Acceptable use
Service may not be used to violate law, infringe others' rights, or attempt unauthorized access to systems. We may suspend accounts to protect the platform or comply with legal requirements.
Legal & Governance
Accountability you can rely on
These summaries highlight common legal positions. Definitive obligations are contained in mutually executed agreements.
Compliance posture
We align controls to recognized frameworks and conduct regular security reviews. Data protection addenda, SCCs, and confidentiality agreements are available upon request.
Liability & indemnity
Each party is responsible for its own negligence and willful misconduct. Liability caps, exclusions, and mutual indemnities are defined in the master service agreement.
Records & audit
We maintain operational logs and audit trails for service delivery. Customer or third-party assessments can be supported subject to reasonable notice and confidentiality protections.
Business continuity
Disaster recovery and continuity plans are tested periodically. Critical services run in redundant environments to sustain monitoring and escalation during regional disruptions.
Government requests
We scrutinize and narrow governmental or law-enforcement requests, requiring lawful process and notifying customers where allowed.
Next steps
Need a signed agreement or DPA?
Reach our legal and privacy team for tailored terms, data processing addenda, or security artifacts.