ThreatSafe Privacy Policy
1. Scope of this Privacy Policy
This Privacy Policy explains how ThreatSafe ("ThreatSafe", "we", "us", or "our") collects, uses, stores, and protects personal information obtained through threatsafe.ai, our products, services, consultations, events, and other interactions with our organization.
Separate agreements govern the use of ThreatSafe subscription services, including Auditious, ChainFlow, CeroLabs, and related offerings. This Privacy Policy does not apply where ThreatSafe processes information solely on behalf of customers as a data processor, nor does it apply to third-party services integrated with our platform.
2. Information We Collect
Account Information
When customers create accounts, subscribe to services, or grant access to employees, we may collect contact information, business information, billing details, account preferences, and authentication credentials necessary to provide our services.
Website Submissions
We collect information you voluntarily provide through forms, consultation requests, newsletter subscriptions, event registrations, surveys, and communications submitted through our website or social media channels.
Payment Information
For paid services, billing and payment information may be collected directly by ThreatSafe or through authorized payment processing partners.
Communications
We retain communications exchanged with our teams, including emails, support requests, meeting bookings, and customer service interactions.
Automatically Collected Information
We automatically collect technical information such as IP addresses, browser details, device identifiers, pages viewed, session activity, referral sources, and usage analytics to improve platform performance and security.
Cookies and Tracking Technologies
ThreatSafe uses cookies, analytics tools, and similar technologies to enhance user experience, remember preferences, understand website usage patterns, and improve our services.
3. How We Use Personal Information
ThreatSafe uses personal information to operate, maintain, secure, and improve its products and services. We also use information to process transactions, communicate with users, respond to support requests, schedule consultations, deliver service updates, provide marketing communications where permitted, and comply with legal and regulatory obligations.
Information may additionally be used to monitor platform performance, detect fraud, investigate security incidents, prevent unauthorized access, and support compliance initiatives such as DPDP, GDPR, SOC 2, MiCA, and SEBI CSCRF requirements.
4. Legal Basis for Processing
Depending on your location and applicable law, ThreatSafe may process personal information based on one or more legal grounds:
- Consent provided by the individual.
- Performance of a contract or requested service.
- Compliance with legal and regulatory obligations.
- Legitimate business interests, including security, fraud prevention, product improvement, and operational effectiveness.
5. How We Share Information
ThreatSafe does not sell personal information. We may share information only when necessary to operate our business, comply with legal requirements, or protect our users and services.
- Trusted service providers supporting infrastructure, analytics, communication, and payment processing.
- Independent auditors and compliance partners involved in certification and assessment activities.
- Regulatory authorities, law enforcement agencies, or courts when legally required.
- Successor entities involved in mergers, acquisitions, restructurings, or asset transfers.
6. Data Retention
Personal information is retained only for as long as necessary to fulfill the purposes described in this Privacy Policy, satisfy contractual obligations, resolve disputes, enforce agreements, and comply with applicable legal requirements.
When information is no longer required, it is securely deleted, anonymized, or otherwise disposed of according to our internal retention procedures.
7. Your Rights and Choices
Subject to applicable laws, individuals may have rights relating to their personal information, including:
- Access to personal information.
- Correction of inaccurate information.
- Deletion of personal data.
- Data portability.
- Objection to certain processing activities.
- Withdrawal of previously provided consent.
Requests regarding privacy rights can be submitted using the contact information provided below.
8. Data Security
ThreatSafe maintains administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, misuse, disclosure, alteration, or destruction.
Security measures include encryption, access controls, monitoring systems, vulnerability management practices, and periodic security assessments aligned with industry standards.
While we take reasonable precautions to protect information, no system can guarantee absolute security.
9. International Data Transfers
ThreatSafe serves customers globally. Personal information may be transferred to and processed in countries outside your country of residence. Where required, appropriate safeguards are implemented to ensure lawful and secure international data transfers.
10. Children's Privacy
ThreatSafe services are intended for business and professional use and are not directed toward individuals under 18 years of age. We do not knowingly collect personal information from minors.
11. Third-Party Links
Our website may contain links to external websites and services. ThreatSafe is not responsible for the privacy practices, content, or security of third-party websites, and users should review their privacy policies independently.
12. Changes to this Privacy Policy
We may update this Privacy Policy periodically to reflect operational, legal, or regulatory changes. Updated versions will be posted on this page with a revised effective date.
Continued use of ThreatSafe services after any update constitutes acceptance of the revised Privacy Policy.
13. Contact Us
If you have questions regarding this Privacy Policy or our data handling practices, please contact our Privacy Team.