Privacy Policy

What We Collect

• Account data: names, company emails, titles, and roles
• Company data: organization name, industry, and engagement metadata
• Scope data: domains, approved scope, and consent records
• Assessment artifacts: findings, evidence, timestamps, and assessment metadata
• Operational logs: service health and error telemetry (non-sensitive)
• Abuse prevention signals: IP address and user agent (hashed)

What We Do Not Collect

• No customer passwords or authentication tokens
• No internal system access or privileged credentials
• No PII beyond what you submit in the form

How We Use Data

• Deliver external assurance reports and evidence artifacts
• Validate scope and consent for authorized assessment
• Support external assurance, evidence review, platform evaluation, drift detection, and validation
• Provide follow-up communication and support
• Prevent abuse and ensure platform integrity

Retention

Demo request data may be used to respond to the request, schedule a walkthrough, evaluate fit, provision trial access where applicable, support onboarding, and meet legal or contractual obligations. Platform artifacts and reports are retained based on customer policy and contractual requirements. You can request deletion at any time.

Sharing

We do not sell or share your data with third parties. We may use service providers (such as email delivery) strictly to fulfill your request.

Security

We use encryption in transit, access controls, and least-privilege practices to protect data. Evidence and artifacts are stored with restricted access and are scoped per customer.

Your Rights

You can request deletion or correction of your data. Contact us at privacy@fusionstek.com.