This Privacy Policy explains how ThreatLight Inc. ("ThreatLight", "we", "our") collects, uses, and protects information when you use our website and services.

Information we collect

  • Website usage data (pages visited, device/browser information) via Google Analytics only after you accept analytics cookies.
  • Contact and incident forms: the information you submit (e.g., name, company, email, phone, message, incident details). We email these submissions to our team and may send an operational notification to Slack.
  • privacy.sections.information_we_collect.items.auth
  • Essential cookies for site operation and your privacy preferences. Optional analytics cookies are used only with consent.

How we use information

  • Provide and improve our website and services, respond to inquiries, and deliver incident response and advisory services.
  • Maintain security, prevent abuse, and diagnose issues.
  • Understand website performance and usage with aggregated analytics (consent-based).

Legal bases (EEA/UK)

We process personal data based on: (i) contract (to provide requested services), (ii) legitimate interests (to secure and improve our services), and (iii) consent (for analytics cookies and, where applicable, certain communications). You can withdraw consent at any time via Privacy Settings.

Sharing and processors

We do not sell personal information. We share data with trusted processors to operate our services, including: Google (Analytics), SMTP2GO (outbound email), and Slack (team notifications). These providers process data on our behalf under appropriate safeguards.

Data retention

We retain information only as long as necessary for the purposes described or as required by law. Analytics cookies expire per their respective lifetimes; consent preferences are stored for up to one year.

International transfers

We may process and store information in the United States and other countries. Where required, we implement appropriate safeguards for cross-border transfers.

Your rights

Subject to your location, you may have rights to access, correct, delete, or restrict processing of your personal data, and to object or withdraw consent. To exercise rights, contact [email protected].

Security

We apply technical and organizational measures to protect information. No method of transmission or storage is 100% secure, but we continuously work to improve our controls.

Children

Our services are not directed to children under 13. We do not knowingly collect personal information from children.

Contact us

If you have questions about this policy or our privacy practices, contact: [email protected]