Privacy Policy

Effective Date: 07 February 2024

Introduction

At Secgra.io, we prioritize your privacy and the security of your data above all. Our suite of services, including asset management, security, AI-generated compliance, and cost optimization, is designed with your data protection at the forefront. This Privacy Policy explains our practices regarding the collection, use, and safeguarding of your personal information, emphasizing our browser extension's client-side operation to ensure maximum privacy and data security.

Information Collection

Secgra.io collects only the personal information necessary to provide and enhance our services. This includes:

  • Personal identifiers such as names and email addresses.

  • Operational data related to asset management, including information on users, devices, agents, and subscriptions.

  • Data generated from your interaction with our services for security and compliance purposes, like risk scores and configuration settings. Our browser extension is designed to monitor for failures and report them at the client side. It only forwards data if a failure is detected, ensuring that no data is sent out unnecessarily. This approach guarantees that only relevant security or compliance failures trigger data transmission, protecting against the transmission of sensitive information.

Purpose of Data Collection

We use your data to:

  • Deliver and maintain our SaaS offerings efficiently.

  • Conduct thorough security assessments and compliance checks.

  • Improve our services through detailed internal analytics.

Data Usage and Marketing

Your personal data will never be sold or used for marketing purposes by Secgra.io. We strictly use the information collected to enhance your experience with our services, adhering to the highest standards of privacy and data protection.

Security Measures

Our commitment to data security is reflected in the measures we employ, including:

  • Encrypting sensitive data within secure vaults.

  • Utilizing data sharding in our multi-tenant architecture.

  • Regularly updating our security protocols to prevent unauthorized access and data breaches.

  • Ensuring our browser extension operates on a fail-safe principle, prioritizing client-side data handling and minimizing data exposure.

Data Management and User Rights

You have several rights regarding your data, including:

  • Access: Request information about the data we hold on you.

  • Correction: Have inaccuracies in your data rectified.

  • Deletion: Request the removal of your data, which will also end our service provision to you. Note that this is irreversible.

  • Objection: Object to certain data processing practices, considering our operational needs.

  • Portability: We strive to facilitate data portability to the extent possible within our system's complexity, offering assistance with data dumps when feasible. For assistance with these rights, please contact us at privacy@secgra.com.

Policy Updates

We will communicate any changes to this policy through our company blog, encouraging you to review it regularly for updates.

Data Sharing

In alignment with our privacy commitment:

  • We do not share your personal data with third parties.

  • Our architectural design ensures the isolation and security of your data.

For any inquiries or concerns about our privacy practices, please reach out at privacy@secgra.com.