Privacy Policy
Last updated: January 2025
1. Introduction
Control Zero (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.
2. Information We Collect
Information You Provide
- Account information (email, name)
- API keys and secrets (encrypted)
- Configuration data (policies, environments)
Information Collected Automatically
- Usage data (API calls, request metadata)
- Log data (IP addresses, timestamps)
- Device information (browser type, OS)
3. How We Use Your Information
- To provide and maintain our services
- To process your requests and transactions
- To send you technical notices and support messages
- To detect, prevent, and address technical issues
- To improve our services
4. Data Security
We implement industry-standard security measures including:
- AES-256-GCM encryption for secrets at rest
- TLS 1.3 for data in transit
- Regular security audits and penetration testing
- Access controls and authentication
5. Data Retention
We retain your data for as long as your account is active or as needed to provide services. Audit logs are retained for 1 year by default. You can request data deletion at any time.
6. Your Rights
- Access your personal data
- Correct inaccurate data
- Delete your data
- Export your data
- Opt-out of marketing communications
7. Contact Us
If you have questions about this Privacy Policy, please contact us at: privacy@controlzero.dev