Privacy Policy

Personal Information You Provide

We collect information you provide directly to us when you:

• Create an Account: Email address, password, and profile information
• Subscribe to Services: Payment information, billing address, and subscription preferences
• Contact Support: Name, email address, and communication content
• Participate in Surveys: Feedback, opinions, and demographic information

Information Collected Automatically

When you use our Services, we automatically collect certain information:

• Device Information: Device type, operating system, unique device identifiers, and mobile network information
• Usage Data: App usage patterns, feature interactions, and performance metrics
• Log Information: IP addresses, access times, and error logs (anonymized for VPN usage)
• Location Data: Approximate location based on IP address (not precise GPS location)

Security Monitoring Data

To provide our security services, we collect:

• Identity Monitoring: Encrypted hashes of personal identifiers for dark web monitoring
• Password Analysis: Encrypted password strength metrics (passwords are never stored in plain text)
• Threat Detection: Malware signatures and security event logs
• Web Protection: URLs accessed for malicious site detection (anonymized and encrypted)

We use the information we collect for the following purposes:

Service Provision

• Provide, maintain, and improve our security services
• Process payments and manage subscriptions
• Monitor for security threats and protect against malicious activity
• Provide identity monitoring and breach notifications
• Deliver VPN services and maintain connection quality

Communication

• Send service-related notifications and security alerts
• Respond to your inquiries and provide customer support
• Send marketing communications (with your consent)
• Provide updates about new features and security threats

Analytics and Improvement

• Analyze usage patterns to improve our services
• Conduct research and development for new security features
• Generate anonymized statistics and reports
• Optimize app performance and user experience

Legal and Compliance

• Comply with legal obligations and regulatory requirements
• Protect our rights and prevent fraud or abuse
• Respond to lawful requests from authorities
• Enforce our Terms of Use and other agreements

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:

Service Providers

We work with trusted third-party service providers who assist us in operating our business:

• Payment Processors: To process subscription payments securely
• Cloud Infrastructure: To host our services and store encrypted data
• Analytics Providers: To analyze app usage and improve performance
• Customer Support: To provide technical assistance and support

These service providers are contractually bound to protect your information and use it only for the specified purposes.

Legal Requirements

We may disclose your information when required by law or to:

• Comply with legal processes, court orders, or government requests
• Protect our rights, property, or safety, or that of our users
• Investigate potential violations of our Terms of Use
• Prevent fraud, security breaches, or other illegal activities

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections outlined in this policy.

Aggregated Data

We may share anonymized, aggregated statistical information that does not identify individual users for research, marketing, or business purposes.

We implement comprehensive security measures to protect your personal information:

Encryption

• Data in Transit: All data transmissions use TLS 1.3 encryption
• Data at Rest: Stored data is encrypted using AES-256 encryption
• VPN Traffic: All VPN connections use military-grade encryption protocols
• Password Protection: Passwords are hashed using bcrypt with salt

Access Controls

• Multi-factor authentication for all administrative access
• Role-based access controls limiting data access to authorized personnel
• Regular access reviews and privilege audits
• Secure development practices and code reviews

Infrastructure Security

• SOC 2 Type II compliant cloud infrastructure
• Regular security assessments and penetration testing
• Intrusion detection and monitoring systems
• Automated backup and disaster recovery procedures

Privacy by Design

• Data minimization - we collect only necessary information
• Purpose limitation - data is used only for stated purposes
• Storage limitation - data is retained only as long as necessary
• Regular privacy impact assessments

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

Account Information

• Active Accounts: Retained while your account is active and for up to 90 days after cancellation
• Billing Information: Retained for 7 years for tax and accounting purposes
• Support Communications: Retained for 3 years for quality assurance and training

Security Data

• Threat Detection Logs: Retained for 1 year for security analysis
• VPN Connection Logs: No connection logs are retained (zero-log policy)
• Identity Monitoring Data: Retained while monitoring is active plus 30 days
• Usage Analytics: Anonymized data retained for 2 years

Legal Requirements

In some cases, we may be required to retain information for longer periods to comply with legal obligations, resolve disputes, or enforce our agreements. When legally required retention periods expire, we securely delete or anonymize the information.

Data Deletion

You can request deletion of your personal information at any time by contacting our support team. We will process deletion requests within 30 days, subject to legal retention requirements.

You have several rights regarding your personal information, depending on your location:

Universal Rights

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request a machine-readable copy of your data
• Objection: Object to certain processing of your information

Marketing Communications

• Opt-out of marketing emails using the unsubscribe link
• Adjust notification preferences in your account settings
• Contact support to modify communication preferences

Account Controls

• Update your profile information and preferences
• Enable or disable specific security features
• Download your data through the app settings
• Delete your account and associated data

Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in Section 13. We will respond to your request within 30 days and may require identity verification to protect your privacy.

We use cookies and similar tracking technologies to enhance your experience and improve our services:

Types of Cookies

• Essential Cookies: Required for basic app functionality and security
• Performance Cookies: Help us understand how users interact with our app
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Provide insights into usage patterns and performance

Third-Party Tracking

We may use third-party analytics services that employ cookies and similar technologies:

• Google Analytics: For app usage analysis (anonymized data only)
• Crash Reporting: To identify and fix technical issues
• Performance Monitoring: To optimize app speed and reliability

Managing Cookies

• Adjust cookie preferences in your device settings
• Disable analytics tracking in the app privacy settings
• Use browser settings to control web-based cookies
• Contact support for assistance with privacy controls

Our app may integrate with or link to third-party services. This Privacy Policy does not apply to third-party services, and we encourage you to review their privacy policies:

Payment Processors

• Apple App Store: For iOS subscription processing
• Google Play Store: For Android subscription processing
• Stripe: For direct payment processing and billing

Security Databases

• Threat Intelligence Feeds: For malware and phishing detection
• Breach Databases: For identity monitoring services
• Reputation Services: For website safety verification

Cloud Infrastructure

• Amazon Web Services: For secure cloud hosting and storage
• Content Delivery Networks: For fast and reliable app delivery
• Backup Services: For data protection and disaster recovery

We carefully vet all third-party services and require them to maintain appropriate security and privacy standards through contractual agreements.

Securio operates globally, and your information may be transferred to and processed in countries other than your own:

Data Processing Locations

• Primary Processing: United States (where our company is based)
• VPN Infrastructure: Multiple countries for optimal performance
• Backup Storage: Geographically distributed for redundancy
• Support Services: Various locations for 24/7 availability

Transfer Safeguards

When transferring personal information internationally, we implement appropriate safeguards:

• Standard Contractual Clauses: EU-approved data transfer agreements
• Adequacy Decisions: Transfers to countries with adequate protection
• Encryption: All transferred data is encrypted in transit and at rest
• Access Controls: Strict limitations on who can access transferred data

Regional Compliance

• GDPR: Full compliance for European Union users
• CCPA: California Consumer Privacy Act compliance
• PIPEDA: Personal Information Protection for Canadian users
• Local Laws: Compliance with applicable local privacy regulations

Protecting children's privacy is important to us. Our Services are not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13.

Age Restrictions

• Users must be at least 13 years old to create an account
• Users between 13-17 must have parental consent
• We may request age verification during registration
• Accounts found to belong to children under 13 will be terminated

Parental Rights

If you are a parent or guardian and believe your child has provided us with personal information:

• Contact us immediately to request account deletion
• We will delete the child's information within 30 days
• We will not use the child's information for any purpose
• We may require verification of your parental status

Educational Use

If our Services are used in an educational setting with children under 18:

• Schools must obtain appropriate parental consent
• We will only collect information necessary for educational purposes
• Parents retain the right to review and delete their child's information
• We comply with FERPA and other educational privacy laws

If you are a California resident, you have additional privacy rights under the California Consumer Privacy Act (CCPA):

Your CCPA Rights

• Right to Know: Request information about personal information collected, used, or shared
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: Equal service regardless of privacy choices

Categories of Information

In the past 12 months, we have collected the following categories of personal information:

• Identifiers: Email addresses, account usernames, device IDs
• Commercial Information: Subscription details, payment history
• Internet Activity: App usage, interaction data, log files
• Geolocation Data: Approximate location based on IP address

Business Purposes

We use personal information for these business purposes:

• Providing and maintaining our security services
• Processing payments and managing accounts
• Customer support and communication
• Security monitoring and threat detection
• Analytics and service improvement

Exercising CCPA Rights

To exercise your CCPA rights, contact us at privacy@securioapp.com or call +1 502-317 8556. We will verify your identity and process your request within 45 days.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

Notification of Changes

• Material Changes: We will notify you at least 30 days before changes take effect
• Notification Methods: Email, in-app notifications, or website announcements
• Continued Use: Using our Services after changes constitutes acceptance
• Objection Rights: You may delete your account if you disagree with changes

Version History

We maintain a record of significant privacy policy changes:

• Current version effective January 1, 2025
• Previous versions available upon request
• Change summaries provided with each update
• Legal basis documented for each modification

Regular Reviews

We conduct regular reviews of our privacy practices to ensure:

• Compliance with evolving privacy laws
• Alignment with industry best practices
• Effectiveness of our security measures
• Accuracy of our policy statements

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Response Times

• General Inquiries: 48 hours during business days
• Privacy Rights Requests: 30 days maximum
• Data Breach Reports: Immediate acknowledgment, full response within 72 hours
• CCPA Requests: 45 days maximum (may extend to 90 days for complex requests)

Regulatory Contacts

You also have the right to contact relevant data protection authorities:

• EU Users: Your local Data Protection Authority
• UK Users: Information Commissioner's Office (ICO)
• California Users: California Attorney General's Office
• Other Jurisdictions: Your local privacy regulator