Privacy Policy | Vulnaguard Sentinel

Vulnaguard, LLC ("Vulnaguard," "we," "us," or "our") operates Vulnaguard Sentinel (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service.

1. Information We Collect

We collect information that you provide directly to us and information generated automatically when you use the Service.

Information You Provide

Account information: Name, email address, company name, job title, and password when you register for an account.
Payment information: Billing details processed securely through our payment processor (we do not store full card numbers).
Uploaded content: Vulnerability scan files, security reports, and related data you upload to the Service for analysis.
Communications: Messages you send us via email, support channels, or contact forms.
Demo requests: Information provided when requesting a product demonstration.

Automatically Collected Information

Usage data: Pages visited, features used, time spent, and actions taken within the Service.
Device information: IP address, browser type, operating system, and device identifiers.
Cookies and similar technologies: Session cookies, preference cookies, and analytics trackers described in our Cookie Policy below.

2. How We Use Your Information

We use the information we collect for the following purposes:

To provide, operate, and maintain the Service
To process vulnerability scan data and generate compliance reports on your behalf
To create and manage your account
To process transactions and send related billing communications
To respond to your comments, questions, and support requests
To send you technical notices, updates, security alerts, and administrative messages
To send marketing communications (where permitted by law and with your consent where required)
To analyze usage patterns and improve the Service
To detect, prevent, and address fraud, abuse, and security incidents
To comply with legal obligations

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

Service providers: Third-party vendors who assist in operating our Service (cloud infrastructure, payment processing, analytics, customer support) under strict confidentiality agreements.
Business transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users.
Legal requirements: When required by law, regulation, or valid legal process (e.g., court orders or subpoenas).
Safety: To protect the rights, property, or safety of Vulnaguard, our users, or the public.
With your consent: For any other purpose with your explicit consent.

4. Data Security

We implement industry-standard technical and organizational security measures to protect your information, including:

Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
Role-based access controls limiting employee access to customer data
Regular security assessments and penetration testing
Secure software development lifecycle practices

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Uploaded vulnerability scan data is retained for the duration of your subscription and deleted within 90 days of account closure, unless a longer retention period is required by law or requested by you. You may request deletion of your data at any time by contacting us at privacy@vulnaguard.com.

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

Access: Request a copy of the personal information we hold about you.
Correction: Request correction of inaccurate or incomplete information.
Deletion: Request deletion of your personal information, subject to certain exceptions.
Portability: Request a machine-readable copy of your personal data.
Opt-out of marketing: Unsubscribe from marketing emails at any time using the link in each email or by contacting us.
Cookie preferences: Manage cookie settings through your browser or our cookie preference center.

To exercise any of these rights, contact us at privacy@vulnaguard.com. We will respond within 30 days.

7. Cookies

We use cookies and similar tracking technologies to enhance your experience. Essential cookies are required for the Service to function. Analytics cookies (such as those from Vercel Analytics) help us understand how users interact with the Service. You can control non-essential cookies through your browser settings, though disabling certain cookies may affect Service functionality.

8. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party sites you visit.

9. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, please contact us immediately at privacy@vulnaguard.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email (if you have an account) or by posting a prominent notice on the Service at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Vulnaguard, LLC

Privacy Inquiries

privacy@vulnaguard.com