LEGAL

Privacy Policy

Last updated: January 15, 2025

1. Introduction

AttackRadar Inc. ("AttackRadar," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website at attackradar.us and use our cyber threat intelligence and dark web monitoring services (collectively, the "Services").

By accessing or using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.

2. Information We Collect

2.1 Account Data

When you create an account, we collect your name, email address, company name, job title, and any other information you voluntarily provide during the registration process. If you sign in using a third-party authentication provider (such as Google), we receive basic profile information from that provider.

2.2 Usage Data

We automatically collect information about how you interact with our Services, including pages visited, features used, search queries, alert configurations, and interaction timestamps. This data helps us improve our platform and provide better threat intelligence insights.

2.3 Technical Data

We collect technical information including your IP address, browser type and version, operating system, device identifiers, referring URLs, and timezone settings. We use cookies and similar tracking technologies to collect this information.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve our cyber threat intelligence and dark web monitoring services.
  • Security: To monitor for unauthorized access, detect and prevent fraud, and protect the security of our platform and our users.
  • Communication: To send you service-related notifications, security alerts, product updates, and respond to your inquiries.
  • Product Improvement: To analyze usage patterns, conduct research, and develop new features and capabilities.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

4. Data Sharing & Third Parties

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information only in the following limited circumstances:

  • Service Providers: We engage trusted third-party companies to perform functions on our behalf, such as cloud hosting (Cloudflare), authentication (Firebase/Google), analytics, and customer support. These providers are contractually bound to protect your data.
  • Legal Requirements: We may disclose information if required by law, court order, or governmental regulation, or if we believe such disclosure is necessary to protect our rights, prevent fraud, or ensure the safety of our users.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction, subject to the same privacy protections.

5. Data Security

We implement industry-leading security measures to protect your personal information, including:

  • Encryption in transit using TLS 1.3
  • Encryption at rest using AES-256
  • Strict access controls with role-based permissions
  • Multi-factor authentication for all internal systems
  • Regular penetration testing and vulnerability assessments
  • SOC 2 Type II certification

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide our Services. Account data is retained for the duration of your subscription and for a reasonable period thereafter to fulfill our legal obligations, resolve disputes, and enforce our agreements. Threat intelligence data retention varies by plan (14 days to 1 year).

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete personal data.
  • Right to Erasure: Request deletion of your personal data under certain circumstances.
  • Right to Data Portability: Request a machine-readable copy of your data.
  • Right to Object: Object to the processing of your personal data for specific purposes.
  • Right to Restrict Processing: Request limitation of processing under certain conditions.

To exercise any of these rights, please contact us at privacy@attackradar.us. We will respond to your request within 30 days.

8. Cookies & Tracking Technologies

We use cookies and similar technologies (such as web beacons and pixels) to collect usage information, remember your preferences, and improve your experience. You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our Services.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses (SCCs) approved by the European Commission and compliance with applicable data protection frameworks.

10. Children's Privacy

Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. We will notify you of material changes by posting a prominent notice on our website or by sending you an email. Your continued use of our Services after the effective date of the updated Privacy Policy constitutes your acceptance of the changes.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:

  • Email: privacy@attackradar.us
  • General Support: support@attackradar.us
  • Address: AttackRadar Inc., Wilmington, Delaware, United States