Privacy Policy

1. Data Collection Protocol

We collect minimal telemetry data required for system optimization and security monitoring. This includes IP addresses, browser types, and interaction metrics. We do not collect personally identifiable information (PII) unless explicitly provided by you through our contact forms or application portals.

• Log Data: Information automatically recorded by our servers when you access our systems.
• Device Information: Hardware model, operating system, and unique device identifiers.
• Usage Information: Pages visited, time spent, and navigation paths.

2. Storage & Encryption

All collected data is encrypted at rest using AES-256 and transmitted via TLS 1.3. We do not store plaintext credentials or sensitive personal information. Our database clusters are distributed across multiple availability zones to ensure high availability and data integrity.

Access to production databases is strictly limited to authorized personnel via zero-trust network access (ZTNA) and requires multi-factor authentication (MFA).

3. Third-Party Subprocessors

We utilize verified infrastructure providers for hosting and compute. No data is sold or shared with unauthorized third parties. Current subprocessors include:

• Amazon Web Services (AWS): Cloud infrastructure and data storage.
• Vercel: Edge computing and frontend hosting.
• Cloudflare: DNS, DDoS protection, and CDN services.

4. User Rights & Data Control

Under GDPR, CCPA, and other applicable privacy regulations, you have the right to access, modify, or request the deletion of your personal data. To initiate a data subject access request (DSAR), please contact our Data Protection Officer.

We will process all legitimate requests within 30 days of receipt.

5. Contact Information

For any inquiries regarding this Privacy Policy or our data handling practices, please contact our security team at help@decods.com.