Overview
This Privacy Policy describes how AkinSec, LLC (“AkinSec,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information when you visit our websites, create an account, or use our cloud platform, software, APIs, documentation, and related services (collectively, the “Services”).
This Policy supplements our Terms of Service, which govern use of the Services. Where an enterprise agreement applies to your organization, it may describe additional or different privacy commitments for workplace accounts.
Who this Policy applies to
This Policy applies to individuals who interact with AkinSec directly—such as visitors to our marketing site, trial users, and administrators who configure the Services for their organization (“Customer”).
It also applies to individuals Customer authorizes to access the Services (“Authorized Users”). If you use the Services through an employer or other organization, that organization’s policies may apply in addition to this Policy.
Personal information we collect
Depending on how you use the Services, we may collect:
- Account and contact data. Name, email address, organization name, role, authentication identifiers, preferences, support correspondence, and similar registration details.
- Customer Content. Information Customer or Authorized Users submit to the Services—such as alerts, investigation notes, integrations configuration, prompts (when AI features are used), attachments, exports, and other materials needed to operate security workflows.
- Usage and device data. Technical logs and telemetry such as IP address, approximate location derived from IP, browser type, device identifiers, timestamps, diagnostic events, feature interaction metadata, and security signals used to protect accounts (for example failed login attempts).
- Cookies and similar technologies. We use cookies and similar technologies on our websites and web applications for authentication, preferences, analytics, and security. You can control many cookies through browser settings; strictly necessary cookies may be required for core functionality.
We ask that you do not send special categories of sensitive personal information (where that concept applies) unless we have explicitly agreed in writing that the Services will process those categories for your use case.
How we use personal information
We use personal information to:
- Provide, operate, maintain, secure, debug, and improve the Services;
- Create and manage accounts; authenticate users; enforce policies and access controls;
- Communicate about the Services, including transactional notices, security alerts, and product updates;
- Analyze aggregated or de-identified usage to understand reliability and performance;
- Comply with law, respond to lawful requests, and protect rights, safety, and integrity;
- Evaluate optional alpha-stage programs, pilots, beta or limited-release offerings when offered, consistent with any supplemental notices presented in-product.
Legal bases (EEA, UK, and similar jurisdictions)
Where applicable privacy laws require a legal basis, we rely on one or more of the following: performance of a contract with you or Customer; legitimate interests that are not overridden by your rights (such as securing the Services and preventing abuse); consent where we expressly ask for it; or legal obligation. You may have rights to object or withdraw consent where consent is the basis—see Your rights and choices.
[SUPERVISORY_AUTHORITY_NOTE] — Counsel: add jurisdiction-specific supervisory authority or representative details if required.
AI features and bring-your-own keys
Some features may allow Customer to route prompts or context to third-party AI model providers using Customer-controlled credentials (“BYOK” or similar). Those providers process information under their own terms and privacy policies. AkinSec does not control third-party model providers and is not responsible for their practices.
We do not use Customer Content to train, fine-tune, or improve generalized AI models, nor permit third parties to do so, unless Customer has explicitly agreed in writing or through a clearly labeled in-product opt-in. Operational processing—such as delivering outputs Customer requests, troubleshooting, and securing the Services—remains permitted as described here and in our Terms.
How we share personal information
We share personal information with vendors and service providers who assist us—such as hosting, observability, email delivery, customer support tooling, security scanning, and authentication—subject to confidentiality and processing terms consistent with this Policy.
We may disclose information if we believe disclosure is required by law, regulation, legal process, or governmental request; to enforce our Terms or policies; to detect or prevent fraud, abuse, or security incidents; or to protect the rights, property, or safety of AkinSec, our users, or the public.
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction. We will provide notice where required by law.
Payment processing (Clerk)
Certain paid Services are billed through Clerk, Inc. and its affiliates (“Clerk”). When you pay through Clerk, Clerk may collect payment details and billing identifiers as described in Clerk’s privacy policy: Clerk Privacy Policy. AkinSec receives limited billing and subscription metadata needed to provision access—not full payment card numbers stored on Clerk’s systems per Clerk’s architecture.
International transfers
AkinSec may process personal information in the United States and other countries where we or our vendors operate. Those countries may have different data protection laws than your own. Where required, we implement appropriate safeguards such as standard contractual clauses or other lawful transfer mechanisms—counsel should confirm mechanisms for your customer base.
Retention
We retain personal information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary depending on the nature of the data and whether Customer holds a paid subscription. Where feasible we aggregate or de-identify information when retaining it for analytics.
After termination or deletion requests, copies may persist for a limited period in backups and disaster recovery systems before being overwritten.
Security
We implement technical and organizational measures designed to protect personal information against unauthorized access, loss, or alteration. No method of transmission or storage is completely secure; we encourage strong passwords, MFA where available, and prompt reporting of suspected compromise to [GENERAL_CONTACT_EMAIL].
Your rights and choices
Depending on your location, you may have rights to access, correct, delete, restrict, or port certain personal information, or to object to certain processing. You may also have the right to lodge a complaint with a supervisory authority.
To exercise privacy rights, contact [PRIVACY_REQUEST_EMAIL]. We may need to verify your request and may be unable to fulfill requests that adversely affect the rights of others or conflict with law.
Children
The Services are not directed to individuals under 16 (or the higher age required where you live). We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact [PRIVACY_REQUEST_EMAIL] and we will take appropriate steps.
Changes to this Policy
We may update this Privacy Policy from time to time. We will post the updated Policy on this page and revise the “Last updated” date when changes take effect. If changes are material, we will provide additional notice as required by law or as described in our Terms.
Contact
AkinSec, LLC
[PRINCIPAL_BUSINESS_ADDRESS]
General inquiries: [GENERAL_CONTACT_EMAIL]
Privacy requests: [PRIVACY_REQUEST_EMAIL]