Privacy Policy

Last Updated: February 9, 2026

Secberus, Inc. ("Secberus," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Secberus AI Compliance Mapping API and related services (the "Service").

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly to us, including:

  • Account Information: Name, email address, company name, and password when you create an account.
  • Payment Information: Billing details processed securely through our payment processor, Paddle.com.
  • API Usage Data: Data you submit through our API for compliance mapping purposes.
  • Communications: Information you provide when you contact us for support or other inquiries.

1.2 Information Collected Automatically

When you use our Service, we automatically collect:

  • Log Data: IP address, browser type, operating system, referring URLs, and access times.
  • Usage Data: API call frequency, endpoints accessed, and response times.
  • Cookies: Session cookies to maintain your authenticated state.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process transactions and send related information
  • Send technical notices, updates, and security alerts
  • Respond to your comments, questions, and support requests
  • Monitor and analyze usage patterns and trends
  • Detect, investigate, and prevent fraudulent or unauthorized activity
  • Comply with legal obligations

3. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you the Service. API request data is retained for a limited period to support debugging and analytics. We will delete or anonymize your information upon request, subject to legal retention requirements.

4. Information Sharing

We do not sell your personal information. We may share your information with:

  • Service Providers: Third-party vendors who perform services on our behalf, such as payment processing (Paddle.com), cloud hosting (AWS), and email delivery.
  • Legal Requirements: When required by law, subpoena, or other legal process.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.

5. Data Security

We implement appropriate technical and organizational measures to protect your information, including encryption in transit and at rest, access controls, and regular security assessments. However, no method of transmission over the Internet is 100% secure.

6. Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information
  • Object to or restrict certain processing activities
  • Data portability

To exercise these rights, please contact us.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in accordance with applicable law.

8. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.

10. Contact Us

If you have questions about this Privacy Policy, please contact us.