Data Protection

Understanding how we protect your data and comply with global data protection regulations.

GDPR Compliant

Last updated: December 3, 2025

Security Measures

Enterprise-grade security protecting your data

Encryption at Rest

Active

AES-256 encryption for all stored data

Encryption in Transit

Active

TLS 1.3 for all data transmission

Multi-Tenant Isolation

Active

Logical separation of tenant data

Access Controls

Active

Role-based access with least privilege

Audit Logging

Active

Comprehensive activity tracking

Regular Backups

Active

Encrypted backups with geo-redundancy

Your Rights Under GDPR

Data Subject Rights

You have the following rights regarding your personal data under the General Data Protection Regulation.

Right to Access

Request a copy of all personal data we hold about you and your organization.

Right to Rectification

Request correction of any inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data under certain circumstances.

Right to Restriction

Request limitation of processing of your personal data.

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing of your personal data for specific purposes.

To exercise any of these rights, please contact our Data Protection Officer.

Contact DPO

Data Processing Overview

Categories of data we process and their purposes

Category	Examples	Purpose	Retention	Legal Basis
Identity Data	Name, email address, job title, organization	Account management and authentication	Duration of account + 30 days	Contract performance
Device Data	Device ID, OS version, compliance status, security settings	Security posture calculation and monitoring	90 days (configurable)	Legitimate interest
Security Incidents	Threat alerts, vulnerability reports, incident details	Threat detection and response	90 days (configurable up to 2 years)	Legitimate interest
Usage Analytics	Feature usage, dashboard interactions (anonymized)	Service improvement	12 months	Legitimate interest

Compliance Frameworks

Industry standards and regulations we adhere to

GDPR

General Data Protection Regulation

EU data protection and privacy regulation

Compliant

ISO 27001

Information Security Management

International security standard

Aligned

SOC 2

Service Organization Control 2

Trust service criteria compliance

In Progress

Data Processing Agreement

For organizations requiring a formal Data Processing Agreement (DPA), we provide GDPR-compliant documentation.

Request DPA

Questions About Data Protection?

Our Data Protection Officer is available to answer your questions and assist with data requests.

Contact DPO