Privacy Policy

We collect information to provide, improve, and secure our cybersecurity products and services. The types of information we collect include:

a) Information You Provide

• Account Information: Name, email address, phone number, company name, job title, and country when you sign up for our products or request a demo.
• Payment Information: Billing address and payment details when you purchase our products or services. We do not store credit card numbers directly; payments are processed through secure third-party payment processors.
• Communications: Information you provide when you contact our support team, participate in surveys, or engage with us through any communication channel.
• Career Applications: Resume, cover letter, and other details submitted through our careers page.

b) Information Collected Automatically

• Device & Browser Data: IP address, browser type, operating system, device identifiers, and screen resolution.
• Usage Data: Pages visited, features used, time spent on our website or products, and referral URLs.
• Log Data: Server logs, error reports, and diagnostic data collected from our products (such as Garuda Agent, Garuda Scanner, ORCA, and other Appdirs products) to ensure security and improve performance.

c) Information from Third Parties

• Information from authentication providers if you sign in using third-party services (e.g., Google, Microsoft, LinkedIn).
• Information from our partners and resellers relevant to your service subscription.

• To provide, operate, and maintain our cybersecurity products and services.
• To process transactions and send related billing information.
• To communicate with you, including responding to inquiries and sending service updates.
• To improve and personalize your experience across our platform.
• To detect, prevent, and address security threats, fraud, and technical issues.
• To comply with legal obligations and enforce our terms of service.
• To send you marketing communications (with your consent), which you can opt out of at any time.
• To conduct research and analytics to enhance our products and services.

We do not sell your personal information. We may share your information only in the following circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating our business (e.g., cloud hosting, payment processing, analytics), bound by strict confidentiality agreements.
• Legal Requirements: When required by law, regulation, legal process, or government request.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
• With Your Consent: When you explicitly authorize us to share your information with a specific third party.

We use cookies and similar technologies to enhance your browsing experience, analyze website traffic, and understand user behavior. These include:

• Essential Cookies: Required for basic site functionality such as authentication and security.
• Analytics Cookies: Help us understand how visitors interact with our website so we can improve the experience.
• Preference Cookies: Remember your settings and preferences (e.g., theme, language) for a personalized experience.

You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our website.

We take the security of your data seriously. As a cybersecurity company, we implement industry-leading administrative, technical, and physical safeguards to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest (AES-256).
• Regular security assessments, vulnerability scanning, and penetration testing.
• Role-based access controls and multi-factor authentication for internal systems.
• Continuous monitoring and incident response procedures.
• Compliance with industry standards and best practices.

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We encourage you to take steps to protect your account credentials and personal information.

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. When your data is no longer needed, we securely delete or anonymize it.

As we operate from India and may serve customers globally, your data may be transferred to and processed in countries outside your country of residence. We ensure that such transfers comply with applicable data protection laws and that adequate safeguards are in place to protect your information.

Depending on your location and applicable laws, you may have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data, subject to legal obligations.
• Right to Restrict Processing: Request that we limit how we use your data.
• Right to Data Portability: Request your data in a structured, machine-readable format.
• Right to Object: Object to the processing of your data for certain purposes, including direct marketing.
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

Our website and products may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

Our products and services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete such information promptly.

We may update this privacy policy from time to time to reflect changes in our practices, technologies, or legal requirements. We will notify you of any material changes by posting the updated policy on this page with a revised "Last updated" date. We encourage you to review this policy periodically.

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us: