Privacy Policy

1. Introduction

Panops ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our intelligence platform and related services. Please read this policy carefully. By using the Service, you consent to the practices described herein.

2. Information We Collect

Account Information: When you register, we collect your name, email address, organization name (if provided), and intended use description.

Usage Data: We automatically collect information about how you interact with the Service, including queries performed, features used, timestamps, and session duration.

Technical Data: We collect IP addresses, browser type, operating system, device information, and referring URLs for security and analytics purposes.

Payment Information: Payment processing is handled by third-party processors. We do not store full credit card numbers or financial account details on our servers.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process transactions and send related information
• Send administrative notifications, security alerts, and support messages
• Monitor and analyze usage patterns and trends
• Detect, prevent, and address technical issues and security threats
• Enforce our Terms of Service and Acceptable Use Policy
• Comply with legal obligations and respond to lawful requests

4. Zero-Knowledge Architecture

Panops employs a zero-knowledge architecture for user investigations. Your search queries and investigation results are encrypted end-to-end. Our infrastructure operators cannot access the content of your queries or results. Investigation data is stored in encrypted form and can only be decrypted with your account credentials.

5. Data Retention

We retain your account information for as long as your account is active or as needed to provide the Service. Usage logs are retained for 90 days for security purposes. Audit trails required for compliance are retained for one year. You may request deletion of your account and associated data at any time, subject to legal retention requirements.

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information in the following circumstances:

• Service Providers: With trusted third-party vendors who assist in operating the Service, subject to confidentiality agreements
• Legal Requirements: When required by law, subpoena, court order, or governmental regulation
• Safety: When necessary to protect the safety, rights, or property of Panops, our users, or the public
• Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate notice

7. Data Security

We implement industry-standard security measures to protect your information, including encryption at rest and in transit (TLS 1.3), regular security audits, access controls, and intrusion detection systems. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate personal data
• Deletion: Request deletion of your personal data
• Portability: Request your data in a structured, machine-readable format
• Objection: Object to processing of your personal data for certain purposes
• Restriction: Request restriction of processing of your personal data

To exercise any of these rights, contact us at privacy@panops.org.

9. Cookies and Tracking

We use essential cookies required for the Service to function, including session management and security tokens. We do not use third-party advertising cookies or cross-site tracking technologies. Analytics data is collected first-party only and is not shared with external analytics providers.

10. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your jurisdiction. We ensure appropriate safeguards are in place for international data transfers, including standard contractual clauses where applicable.

11. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child, we will take steps to delete that information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Material changes will be communicated via email or through the Service interface at least 30 days before taking effect.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at privacy@panops.org.