Privacy Policy

1. Information We Collect

1.1 Information You Provide

When you create an account, contact us, or use our services, you may provide:

• Account information: name, email address, company name, job title
• Billing information: payment method details, billing address
• Communication data: messages, feedback, and support requests
• Profile information: preferences, settings, and configurations

1.2 Information We Collect Automatically

When you use our services, we automatically collect:

• Device information: browser type, operating system, device identifiers
• Usage data: features accessed, actions taken, timestamps
• Log data: IP addresses, access times, pages viewed
• Security data: authentication logs, threat detection events

1.3 Information from Third Parties

We may receive information from business partners, identity verification services, and publicly available sources to enhance our security services.

2. How We Use Your Information

We use your information to:

• Provide, maintain, and improve our security services
• Detect, prevent, and respond to security threats
• Process transactions and send related information
• Send technical notices, updates, and security alerts
• Respond to your comments, questions, and support requests
• Communicate about products, services, and events
• Monitor and analyze trends, usage, and activities
• Comply with legal obligations and enforce our terms

3. Data Security

We implement industry-leading security measures to protect your data:

• AES-256 encryption for data at rest
• TLS 1.3 encryption for data in transit
• Zero-knowledge architecture where applicable
• Regular security audits and penetration testing
• SOC 2 Type II certified infrastructure
• Multi-factor authentication requirements
• Strict access controls and monitoring

4. Data Sharing

We do not sell your personal information. We may share data with:

• Service providers who assist in our operations under strict confidentiality
• Professional advisors for legal, audit, and accounting purposes
• Law enforcement when required by valid legal process
• Business partners with your explicit consent
• Affiliates within the SindrX corporate family

5. Data Retention

We retain your information for as long as your account is active or as needed to provide services. We also retain data as necessary to comply with legal obligations, resolve disputes, and enforce agreements. Security logs are retained for a minimum of 12 months for threat analysis purposes.

6. Your Rights

Depending on your location, you may have the right to:

• Access the personal information we hold about you
• Correct inaccurate or incomplete information
• Delete your personal information
• Export your data in a portable format
• Object to or restrict certain processing
• Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@sindrx.com.

7. International Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by relevant authorities, to protect your data during international transfers.

8. Children's Privacy

Our services are not directed to individuals under 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

9. Changes to This Policy

We may update this policy periodically. We will notify you of significant changes by email or through our services. Your continued use after changes constitutes acceptance of the updated policy.