Privacy policy

Last updated: March 22, 2024

Introduction

When you use our services, we’re collecting your personal data to support those services. Data privacy is important to us at Abstract Security. This Privacy Policy details our use of personal data and your privacy rights and choices available to you. Abstract Security is a Data Controller that is responsible for determining the purpose and means of personal data processing.

How we use personal data

Your data is collected to help us:

  • Provide support and troubleshooting when using our services.

Personal data we may collect

Abstract Security may collect one or more of the following types of data as a requirement for using our services:

  1. Name
  2. Contact information
  3. IP address

In addition to the data above which may be requested or required when using our services, additional unsolicited data may be processed that is not reviewed by Abstract Security as part of the services provided. We will apply the same security and privacy protections as the solicited data above, which may not recognize any additional privacy risks of this data.

When we share your personal data

Your personal data may be shared with third parties under one or more of the following scenarios:

  • With the sub processors included in this policy, subject to the agreed terms of service and with a basis of processing in line with this policy

Your Rights

Your privacy rights are outlined below. For further details of these rights or to make a request from us related to these rights, please see the Privacy Requests and Contacts section below and contact us accordingly.

The right to be informed. You have the right to be informed about the collection and use of your personal data, when the data is obtained by us.

The right to access and amend your data. You can access your personal data directly when using our services. You can ask us to explain the means of collection, what data is being processed by us, and anyone that we share it with.

The right to rectify your data. You can amend your personal data directly when using our services

The right to data erasure. You can request we erase your data within 30 days. We will notify you if that cannot be completed or any implications of doing so for using our services.

The right to transfer your data. You can have your data transferred from one system to another safely and securely.

The right to restrict your data processing. You can request we restrict or supress your personal data to limit its use.

The right to opt-in for sensitive data processing. For any highly sensitive personal data we may collect, we require your explicit consent to opt-in to us processing that data.

The right to opt-in by a parent or guardian: We do not collect data from minors. You are required to be over the age of 16 in order to use our services.

The right not to be subject to fully automated decisions: We do not apply automated processing activities that profile you or make fully automated decisions using your personal data.

These rights are subject to the clauses of the relevant privacy regulations, legal requirements, public interest, and where the above rights may conflict with your use of our services. For any privacy concerns or to request further details of your rights, please see the Privacy Requests and Contacts section below.

Sub-processors and locations

Sub-Processor Purpose Location
AWS Hosted Services Provider USA
Microsoft Corporation Hosted Services Provider USA
FrontEgg Ltd Authentication and authorization checks USA
Twilio Inc (SendGrid) Transactional email delivery USA

Privacy Requests and Contacts

For further information about our Privacy Policy or practices, or to raise any privacy requests or complaints in relation to your data, please contact us using the following methods:

Email: privacy@abstract.security

welcome to the future

Next gen siem is not a siem
We’re on a mission to help tie security back to business value. Use Abstract and transcend your next-gen SIEM.
Read Our Why