Privacy Protected

Privacy Policy

We are committed to protecting your privacy and ensuring the security of your personal information. This policy explains how we collect, use, and protect your data.

Last Updated: March 15, 2024
SOC 2 Compliant
GDPR Ready

Our Privacy Commitment

At Fixure, privacy is not an afterthought—it's fundamental to our design. We built our platform with privacy by design principles, ensuring your data is protected at every step.

End-to-end encryption
Zero-knowledge architecture
Minimal data collection

1. Information We Collect

Account Information

When you create an account, we collect basic information necessary to provide our services:

  • Name and email address
  • Company name and role
  • Account credentials (securely hashed)
  • Profile preferences and settings

Security Data

To provide vulnerability management services, we process:

  • Vulnerability scan results and security findings
  • Asset inventory and system metadata
  • Configuration data from integrated security tools
  • Compliance and audit information

Usage Information

We automatically collect information about how you use our services:

  • Login times and feature usage patterns
  • Performance and error logs
  • API calls and integration activity
  • Browser type and device information

2. How We Use Your Information

We use your information solely to provide and improve our services:

Service Provision

  • Process and analyze vulnerability data
  • Generate reports and dashboards
  • Provide AI-powered deduplication
  • Enable integrations with your tools
  • Deliver compliance reporting

Service Improvement

  • Enhance AI model accuracy
  • Optimize platform performance
  • Develop new features and capabilities
  • Improve user experience
  • Ensure system security and reliability

What We Don't Do

We never sell your data to third parties, use it for advertising, or share it with unauthorized entities. Your security data remains confidential and is used only to provide the services you've requested.

3. Data Security and Protection

We implement industry-leading security measures to protect your data:

Technical Safeguards

  • AES-256 encryption for data at rest
  • TLS 1.3 for data in transit
  • End-to-end encryption for sensitive data
  • Regular security assessments and penetration testing
  • Zero-trust network architecture
  • Automated threat detection and response

Administrative Safeguards

  • Role-based access controls
  • Multi-factor authentication requirements
  • Regular security training for all employees
  • Background checks for personnel
  • Incident response procedures
  • Data breach notification protocols
SOC 2 Type II
Certified
GDPR
Compliant
ISO 27001
Aligned

4. Data Sharing and Third Parties

We have a strict policy regarding data sharing and only work with trusted partners who meet our security standards:

Service Providers

We may share limited data with service providers who help us operate our platform:

  • Cloud infrastructure providers (AWS, with strict data processing agreements)
  • Authentication services (for secure login functionality)
  • Monitoring and analytics tools (for performance optimization)
  • Customer support platforms (when you request assistance)

Legal Requirements

We may disclose information if required by law or to protect our rights:

  • In response to valid legal processes (subpoenas, court orders)
  • To investigate potential violations of our Terms of Service
  • To protect the security and integrity of our services
  • In connection with a business transaction (merger, acquisition)

Important Note

We will never sell, rent, or trade your personal information to third parties for marketing purposes. Your data is your data, and we're committed to keeping it that way.

5. Your Rights and Controls

You have significant control over your data and privacy. Here are your rights:

Access and Control

  • Access your personal information
  • Update or correct your data
  • Download your data (data portability)
  • Delete your account and data
  • Restrict data processing

Privacy Controls

  • Opt out of non-essential communications
  • Control data sharing preferences
  • Set retention periods for your data
  • Request data anonymization
  • File privacy complaints

To exercise any of these rights, please contact us at privacy@fixure.com or use the privacy controls in your account settings. We'll respond to your request within 30 days.

6. Data Retention

We retain your data only as long as necessary to provide our services and meet legal requirements:

Account InformationUntil account deletion
Security DataPer your retention settings
Usage Logs90 days
Support Tickets2 years
Backup Data90 days post-deletion

You can request earlier deletion of your data at any time. Some data may be retained longer if required by law or for legitimate business purposes (such as fraud prevention).

7. Contact Us

If you have questions about this Privacy Policy or our data practices, we're here to help:

Privacy Questions

privacy@fixure.com

Response time: Within 24 hours

Data Protection Officer

dpo@fixure.com

For formal privacy complaints and requests

Fixure, Inc.

123 Security Street, Suite 100

San Francisco, CA 94105

Phone: +1 (555) 123-4567

This privacy policy is effective as of March 15, 2024 and may be updated from time to time.