Privacy Policy

1. Scope of This Policy

This Policy applies to visitors to securegap.io, registered users of the SecureGap platform, trial, demo, and paid customers, and business contacts and partners. It covers personal data and organization-level data submitted to the Platform.

2. Information We Collect

3. Purpose of Data Processing

We process data to: provide and operate the SecureGap service; generate assessments, findings, and recommendations; improve product functionality and accuracy; communicate with users; ensure platform security and abuse prevention; and comply with legal obligations. We do not use your data for advertising profiling.

4. Legal Basis for Processing

Depending on jurisdiction, we process data under: contractual necessity (to deliver the Service), legitimate interest (security, analytics, improvement), consent (where required), and legal compliance.

5. AI & Automated Processing Disclosure

SecureGap uses AI models to analyze inputs, generate insights and recommendations, and map responses to security frameworks. Key points: AI outputs are advisory only; no automated decisions with legal or material effects are made; human oversight is always available; and training data is not reused to identify individual users.

6. Data Sharing & Third Parties

We may share limited data with: cloud infrastructure providers, database and hosting providers, analytics and monitoring services, and payment processors (billing data only). All third parties are bound by confidentiality obligations and industry-standard security practices. 🚫 We do NOT sell personal or customer data.

7. Data Retention

Customer data is retained for the duration of the account. Data may be retained post-termination for legal compliance, audit trails, and dispute resolution. Users may request deletion, subject to legal obligations.

8. Data Security

We implement reasonable safeguards, including: encryption in transit and at rest (where applicable), role-based access controls, secure cloud infrastructure, and monitoring and incident response procedures. However, no system is 100% secure.

9. Your Rights

Depending on jurisdiction, you may have the right to: access your data, correct inaccurate data, request deletion, withdraw consent, object to processing, and request data portability. Requests can be sent to privacy@securegap.io.

10. International Data Transfers

Data may be processed outside your country due to cloud infrastructure. We ensure appropriate contractual safeguards and compliance with applicable data protection laws.

11. Cookies & Tracking

We use essential cookies (authentication, session management) and limited analytics cookies. We do not use invasive tracking or third-party ad cookies.

12. Children's Privacy

SecureGap is not intended for individuals under 18. We do not knowingly collect children's data.

13. Changes to This Policy

We may update this Policy periodically. Material changes will be communicated via the Platform or email.

14. Contact & Grievance Officer

SecureGap Technologies (OPC) Private Limited

📧 Email: privacy@securegap.io

📍 Jurisdiction: India

For India-specific concerns under DPDP Act, contact our Grievance Officer at the same email.