Privacy Policy

This Privacy Policy explains how AiVRIC (“AiVRIC,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information in connection with our websites, products, and services, including the AiVRIC cloud-security platform (collectively, the “Services”).

We are committed to protecting your privacy and handling your data in a transparent and secure manner. By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.

1. Who We Are

AiVRIC is a security and compliance technology provider headquartered in Plantation, Florida (USA). We help organizations monitor security posture, manage compliance obligations, and automate remediation and reporting across cloud and hybrid environments.

2. Scope of this Policy

This Privacy Policy applies to:

• The AiVRIC marketing websites, including www.aivric.com and related pages;
• Customer accounts provisioned on the AiVRIC platform;
• Communications and interactions with our sales, support, and customer success teams;
• Any other online or offline interactions where this Privacy Policy is referenced or made available.

This Privacy Policy does not apply to third-party products or services that may integrate with AiVRIC, nor to data that our customers ingest into AiVRIC from their own environments where they act as the data controller.

3. Information We Collect

The information we collect depends on how you interact with AiVRIC and which Services you use. We may collect the following categories of information:

3.1 Information You Provide to Us

• Account and profile information, such as your name, job title, organization, business email address, phone number, password, and authentication details.
• Contact and communication information, including messages you send to us via forms, email, chat, or support tickets.
• Billing and payment information, such as billing contact details, subscription selections, and limited payment-related information (most payment details are processed directly by our payment service providers and not stored by AiVRIC).
• Feedback and survey responses that you provide about the Services.

3.2 Information Collected Automatically

When you visit our websites or use the Services, we may automatically collect:

• Usage data (e.g., pages viewed, features used, clicks, referring URLs, access times, and session duration).
• Device and technical data (e.g., IP address, browser type and version, operating system, device identifiers, and language settings).
• Log data generated by our systems for security, performance, and troubleshooting purposes.

3.3 Customer Environment & Security Telemetry

When you connect your cloud or on-premises environments to AiVRIC, we may collect configuration data, metadata, security alerts, vulnerability scan results, and other technical information necessary to provide the Services. This information often relates to systems and accounts controlled by your organization rather than to individual end users.

3.4 Information from Third Parties

We may receive information about you from third-party sources, such as business partners, conference and event providers, publicly available databases, and professional networking platforms, where permitted by applicable law.

4. How We Use Your Information

We use the information we collect for the following purposes:

• Providing and operating the Services, including account creation, authentication, platform configuration, and feature delivery.
• Improving and developing the Services, by analyzing usage trends, troubleshooting issues, enhancing user experience, and developing new capabilities.
• Security and fraud prevention, including monitoring, detecting, and preventing unauthorized access, abuse, and malicious activity.
• Customer support and communications, such as responding to inquiries, resolving issues, and sending important service notifications.
• Legal and compliance obligations, including enforcing contracts, complying with regulatory requirements, and responding to lawful requests from public authorities.
• Marketing and business development, such as sending information about AiVRIC features, events, promotions, and thought-leadership content, where permitted by applicable law and your communication preferences.

5. Legal Bases for Processing (EEA/UK Only)

If you are located in the European Economic Area (EEA) or the United Kingdom (UK), our processing of your personal data is supported by the following legal bases:

• Performance of a contract – where processing is necessary to provide the Services you have requested or to fulfill our contractual obligations.
• Legitimate interests – for example, to secure our Services, improve functionality, prevent abuse, or market similar products to existing customers, provided these interests are not overridden by your rights and interests.
• Consent – where we rely on your consent, such as for certain types of marketing communications or cookies. You may withdraw your consent at any time.
• Legal obligation – where processing is necessary to comply with laws or regulatory requirements.

6. Cookies and Similar Technologies

We use cookies and similar technologies (such as web beacons and local storage) to provide and improve the Services, remember your preferences, and analyze how our websites are used.

Cookies may be:

• Essential – required for core functionality, such as secure login and session management.
• Analytical / performance – to understand usage patterns, page performance, and user flows.
• Functional – to remember preferences and enhance the user experience.
• Marketing – to track engagement with campaigns and measure effectiveness of advertising, where applicable.

You can manage cookie preferences through your browser settings or, where available, our cookie management tools. Disabling certain cookies may affect the functionality of the Services.

7. How We Share Your Information

We do not sell personal information. We may share information in the following circumstances:

• Service providers and subprocessors who perform services on our behalf, such as hosting, infrastructure, analytics, customer support, email delivery, and payment processing. These providers are bound by contractual obligations to safeguard personal data.
• Business partners with whom we jointly offer products, services, or events, where appropriate and consistent with your choices.
• Within our corporate group, to support global operations and consistent delivery of the Services.
• Legal and regulatory disclosures when required to comply with applicable law, lawful requests, or to protect the rights, property, or safety of AiVRIC, our customers, or others.
• Business transfers in connection with a merger, acquisition, financing, or sale of all or a portion of our business. We will take reasonable steps to ensure the successor entity honors this Privacy Policy or provides equivalent protections.

We may share aggregated or de-identified information that does not reasonably identify any individual, for research, benchmarking, or statistical purposes.

8. International Data Transfers

AiVRIC is based in the United States and may process information in the U.S. and other countries that may have different data-protection laws than your country of residence. Where required, we implement appropriate safeguards, such as Standard Contractual Clauses or equivalent mechanisms, to protect personal data transferred from the EEA, UK, or other regions to the U.S. or other jurisdictions.

9. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, including providing the Services, complying with legal obligations, resolving disputes, and enforcing our agreements. Retention periods may vary depending on the type of data, contractual requirements, and applicable law. When information is no longer required, we will delete, anonymize, or securely store it in accordance with our data-retention policies.

10. Security

We implement technical and organizational measures designed to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures may include encryption, access controls, logging, network protections, and regular testing of security controls. However, no system can be guaranteed to be completely secure, and you are responsible for maintaining the confidentiality of any account credentials and for promptly notifying us of any suspected unauthorized use of your account.

11. Your Privacy Rights

Depending on your location and applicable law, you may have certain rights in relation to your personal information, including:

• Right to access your personal information and obtain a copy.
• Right to request correction of inaccurate or incomplete data.
• Right to request deletion of your personal information, subject to legal and contractual restrictions.
• Right to object to or restrict certain processing activities.
• Right to withdraw consent where processing is based on consent.
• Right to data portability in certain circumstances.

To exercise these rights, please contact us using the details in the Contact Us section below. We may need to verify your identity before responding to your request.

If you are located in the EEA or UK, you also have the right to lodge a complaint with your local data protection authority. We encourage you to contact us first so we can address your concerns.

12. Additional Information for California Residents

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (“CCPA”) or its successors, including:

• Right to know the categories of personal information we collect, use, disclose, and, if applicable, sell or share.
• Right to request access to specific pieces of personal information.
• Right to request deletion of personal information, subject to exceptions.
• Right to opt out of the sale or sharing of personal information (AiVRIC does not sell personal information as that term is defined under the CCPA).
• Right to not be discriminated against for exercising any of your CCPA rights.

You or your authorized agent can submit a request by contacting us at [email protected] or using the other methods described in the Contact Us section.

13. Third-Party Links and Services

The Services may include links to third-party websites, integrations, or services that are not operated by AiVRIC. This Privacy Policy does not apply to those third parties, and we are not responsible for their content, privacy practices, or services. We encourage you to review the privacy notices of any third-party services you use.

14. Children’s Privacy

The Services are not directed to children under 16, and we do not knowingly collect personal information from children. If you believe that a child has provided personal information to us, please contact us so we can take appropriate steps to remove the information.

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make material changes, we will update the “Effective Date” at the top of this page and, where appropriate, provide additional notice (such as by email or in-product notification). We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

16. Contact Us

If you have any questions about this Privacy Policy, our data-handling practices, or would like to exercise your privacy rights, please contact us at:

• Email: [email protected]
• General Inquiries: [email protected]
• Mailing Address: AiVRIC, Plantation, FL 33342, United States