Privacy Policy

1. Who we are. Vigil360, Inc. operates the Vigil360 AI governance platform.

2. What we collect. When you sign up: email, name, company information you provide. From your usage: audit events related to AI tool detection and policy enforcement within your tenant. We do not sell personal data.

3. How we use it. To deliver the service, prevent abuse, improve detection, and meet legal obligations.

4. Data residency. Customer data is stored in the region you select at signup (US, EU, UK on Enterprise). Defaults to US.

5. Subprocessors. Supabase (database, auth — US), Netlify (hosting — US). We maintain a current list on request.

6. Your rights. Access, correction, deletion, portability per GDPR, CCPA, AB-1008. Email privacy@vigil360.ai.

7. Security. SOC 2 Type II in progress (target Q3 2026). Encryption in transit and at rest. Customer-managed keys on Enterprise.

8. Contact. Privacy issues: privacy@vigil360.ai. Security disclosures: security@vigil360.ai.