Privacy Policy

At 01Security, we recognize that the integration of artificial intelligence into cybersecurity infrastructure requires a new paradigm of privacy and data governance. This Privacy Policy outlines our uncompromising commitment to protecting your digital assets while delivering the next generation of autonomous defense. We believe that privacy and security are not mutually exclusive but are foundational pillars of a trustworthy digital ecosystem.

1. The 01Security Privacy Philosophy

Our platform is built on the principle of Privacy by Design. In the age of agentic AI, this means that every autonomous agent we deploy is engineered with inherent data boundaries. Unlike traditional security models that rely on broad data harvesting, 01Security agents are designed to reason locally whenever possible, minimizing the transmission of sensitive telemetry to the centralized cloud.

2. Data Collection and Purpose

We collect and process data strictly for the purpose of identifying, analyzing, and neutralizing cybersecurity threats. The categories of information we handle include:

• Agent Telemetry: Meta-data related to system calls, network flows, and file integrity checks processed by our autonomous agents. This data is used to build a profile of "normal" behavior and detect anomalies.
• Infrastructure Context: Information about your cloud or on-premise environment (e.g., OS versions, service configurations) necessary for the agents to understand their operational context.
• Identity Information: Professional contact details for account management, security alerts, and administrative correspondence.

3. AI Governance and Algorithmic Transparency

We believe in "Explainable AI" (XAI). In a cybersecurity context, understanding why an agent took a specific action is critical for governance. 01Security provides:

• Audit Trails: Every autonomous decision made by an agent is documented in a cryptographic log, allowing for retrospective analysis and verification.
• Model Isolation: We do not pool customer data to train global models in a way that could lead to the leakage of proprietary logic or sensitive infrastructure patterns. Your environment's intelligence stays within your environment.
• Biais Mitigation: Our agents are regularly tested for algorithmic bias to ensure that security decisions are based solely on technical risk indicators and not on unintended data patterns.

4. Data Minimization and Retention

We adhere to strict data minimization principles. We do not collect information that is not essential for the protection of your systems. Retention periods are governed by the following criteria:

Active threat data is retained for the duration of the investigation and for a subsequent period required for forensic reporting. Historical telemetry is aggregated and de-identified after 90 days unless custom retention policies are specified by the customer via the 01Security Governance Dashboard.

5. Sharing and Disclosure

01Security does not sell your data. We only share information with third parties under the following circumstances:

• Service Providers: Cloud infrastructure partners who host our secure control plane (subject to strict confidentiality agreements).
• Legal Compliance: When required by law, we will disclose information only after rigorous legal review and provided we are not legally prohibited from notifying you.
• Threat Intelligence Sharing: With your explicit consent, de-identified threat indicators may be shared with the broader security community to help immunize other organizations against similar attacks.

6. International Data Transfers

Data may be processed in various jurisdictions where our secure nodes are located. We utilize Standard Contractual Clauses (SCCs) and adhere to the highest international standards for cross-border data protection, ensuring that your privacy is respected regardless of where the processing occurs.

7. Your Rights and Controls

Under regulations such as GDPR and CCPA, you have significant rights regarding your data. At 01Security, we extend these rights to all our users globally:

• Access and Portability: Request a copy of the data we hold about your organization's security posture.
• Correction and Deletion: Update or remove information that is no longer necessary for security operations.
• Governance Controls: Use our API or Dashboard to define exactly what telemetry agents are allowed to process and communicate.

8. Updates to this Policy

As AI technology evolves, so will our privacy practices. We will notify you of any material changes via the 01Security platform or email. We encourage you to review this policy periodically to stay informed about how we are protecting your data.

9. Contact Our Data Protection Office

If you have questions about our data governance or privacy practices, please contact our dedicated DPO at [email protected].