Privacy Policy
Last Updated: March 1, 2026
1. Information We Collect
We collect information necessary to perform PCI DSS audits, including user account details (email, name) and compliance evidence uploaded to our secure servers. This data is essential for providing our compliance management services.
2. How We Use Information
Data is used strictly for the purpose of compliance assessment, audit logging, and generating compliance reports. We do not share data with third parties unless required by law or with your explicit consent.
3. Data Security
All evidence is stored in secure, private directories restricted by strict access control lists (ACLs). We employ industry-standard encryption for data in transit (TLS 1.3) and at rest (AES-256). Our infrastructure is hosted on AWS with enterprise-grade security.
4. AI Processing
Our platform uses AWS Bedrock for AI-powered document analysis. Your documents are processed securely and are not used to train AI models. Analysis results are stored within your organization's secure environment.
5. Your Rights
You have the right to access, correct, or delete your personal data. Contact your organization administrator or our support team to exercise these rights.