Legal

Privacy Policy

Qorvion AI is committed to protecting your privacy. This policy explains what data we collect, how we use it, and the choices you have.

Last updated: January 15, 2026

1. Introduction

Qorvion AI, Inc. ("Qorvion AI", "we", "us", or "our") operates an AI-powered cybersecurity platform. This Privacy Policy describes how we collect, use, store, disclose, and protect information about you when you visit our website, use our Services, or otherwise interact with us.

By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you are acting on behalf of an organization, this policy applies to personal data you provide about yourself and your organization's representatives.

2. Information We Collect

2.1 Account and Registration Information

When you create an account or purchase a subscription, we collect:

  • Full name and job title
  • Business email address and company name
  • Billing information (processed securely through our payment provider)
  • Account credentials (passwords are hashed and never stored in plain text)

2.2 Usage and Platform Data

When you use the Services, we may collect:

  • Log data: IP addresses, browser type, pages visited, and access times
  • Feature usage patterns and interaction events within the platform
  • API request metadata and response codes
  • Error reports and diagnostic information

2.3 Security Event Data (Client Data)

The Qorvion AI platform processes security-related data from your infrastructure, including logs, network events, email metadata, and access records. This Client Data is processed exclusively to deliver the Services to you and is governed by our Data Processing Agreement, which takes precedence over this Privacy Policy for such data.

2.4 Communications

When you contact us through our website, support channels, or by email, we retain records of your communication, including your name, email address, and the content of your messages.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Services
  • Process transactions and send billing-related communications
  • Respond to inquiries, support requests, and technical issues
  • Send transactional emails, security alerts, and product updates
  • Improve and develop new features based on usage patterns
  • Detect, prevent, and address fraud, abuse, and security threats
  • Comply with legal obligations and enforce our Terms of Service
  • Conduct research and analytics using anonymized, aggregated data

We do not sell your personal information to third parties and do not use Client Data for advertising purposes.

4. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our website to:

  • Keep you signed in to your account
  • Understand how visitors use our website (analytics)
  • Remember your preferences and settings
  • Measure the effectiveness of our marketing campaigns

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of our website. We use industry-standard analytics tools and do not use cross-site tracking for advertising purposes.

5. Data Sharing and Disclosure

5.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our business, including cloud infrastructure providers, payment processors, email delivery services, and analytics tools. These providers are contractually required to protect your data and use it only for the purposes for which it was shared.

5.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or when we believe disclosure is necessary to protect our rights, prevent fraud, or ensure the safety of our users.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify affected users before personal data becomes subject to a different privacy policy.

6. Data Retention

We retain personal account information for as long as your account is active or as necessary to provide the Services. If you close your account, we will delete or anonymize your personal information within ninety (90) days, unless we are required to retain it for legal, compliance, or audit purposes.

Client Data (security event data from your infrastructure) is retained per the terms of your subscription agreement. Upon termination of your subscription, Client Data is retained for thirty (30) days and then permanently deleted.

7. Security

Qorvion AI implements robust technical and organizational security measures to protect your information, including:

  • End-to-end encryption for data in transit (TLS 1.3)
  • AES-256 encryption for data at rest
  • Role-based access controls and least-privilege principles
  • Regular third-party security audits and penetration testing
  • SOC 2 Type II compliance

While we maintain industry-leading security standards, no system is completely immune to security risks. We encourage you to use strong passwords, enable multi-factor authentication, and report any suspected security issues to security@qorvion.ai.

8. International Data Transfers

Qorvion AI operates globally. Your information may be processed in countries outside your country of residence, including the United States. We ensure that all cross-border transfers are conducted in compliance with applicable data protection laws, using Standard Contractual Clauses (SCCs), Binding Corporate Rules, or other legally approved transfer mechanisms where required.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data (subject to legal obligations)
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Request that we restrict processing of your data in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdrawal of Consent: Withdraw consent at any time where processing is consent-based

To exercise any of these rights, contact us at privacy@qorvion.ai. We will respond to your request within thirty (30) days.

10. Children's Privacy

The Services are not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a notice on our website. The updated policy will be effective upon posting unless otherwise stated.

12. Contact Us

For privacy-related questions or to exercise your data rights, please contact:

Privacy Team — Qorvion AI, Inc.
privacy@qorvion.ai
548 Market Street, Suite 12800
San Francisco, CA 94104, USA

For EU/EEA residents, our Data Protection Officer can be reached at dpo@qorvion.ai.