BMK CyberSecurity, s.r.o. Privacy Policy

1. Introduction

Welcome to Algiz ("we," "us," or "our"), a product of BMK Cybersecurity. We are committed to protecting the privacy of our customers ("you," "your," "organization"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our data security and cataloging services (the "Service").

This policy applies to the information we process as a data controller (e.g., information you provide when creating an account) and the data we process on your behalf as a data processor when you use our Service to scan and manage your organization's data.

By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect several different types of information for various purposes to provide and improve our Service to you.

a. Information You Provide to Us

Account and Registration Information: When you create an account, we collect information such as your name, your company's name, email address, phone number, and password.

Payment Information: To process payments, we work with third-party payment processors. We do not store full credit card numbers, but we may collect transaction details and billing information.

Communications: If you contact us directly for support or other inquiries, we may receive additional information about you, such as the contents of your message and any attachments you may provide.

b. Information We Collect Automatically

Usage Data: We automatically collect information about how you interact with our Service. This may include your IP address, browser type, operating system, pages viewed, features used, and the dates and times of your visits.

Log Data: Our servers automatically record information ("Log Data") created by your use of the Service. Log Data may include information such as your IP address, device information, and the date and time of requests.

Cookies and Similar Technologies: We use cookies and similar tracking technologies to track activity on our Service and hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

c. Information We Process on Your Behalf (as a Data Processor)

Customer Data: Our core service involves integrating with your third-party cloud storage providers (e.g., Google Drive, Amazon S3). When you connect these services to Algiz, you grant us permission to scan and analyze the content, metadata, and files stored within them ("Customer Data"). This may include sensitive information and personal data belonging to your customers, employees, or other individuals.

Data Catalog Information: Our Service generates a data catalog based on the Customer Data we scan. This catalog includes information about the types of data you hold and how it is shared.

We process Customer Data solely to provide the Service to you and in accordance with your instructions. You remain the data controller of your Customer Data.

3. How We Use Your Information

We use the information we collect for the following purposes:

• To Provide and Maintain the Service: To operate our platform, authenticate users, process transactions, and provide core functionalities like continuous scanning, data cataloging, alerting, and custom detection.
• To Improve and Personalize the Service: To understand how our users interact with the Service, develop new features, and enhance user experience.
• For Security and Compliance: To monitor for security threats, prevent fraud, enforce our terms of service, and comply with legal obligations.
• To Communicate With You: To provide customer support, send administrative information (such as security alerts or updates to our policies), and respond to your inquiries.
• For Marketing Purposes: To send you information about new features, promotions, and events, where permitted by law. You will have the option to opt out of marketing communications at any time.

4. How We Share and Disclose Information

We do not sell your personal information or your Customer Data. We may share information under the following limited circumstances:

• Service Providers (Sub-processors): We may share information with third-party vendors and service providers who perform services on our behalf, such as cloud hosting, payment processing, and analytics. These providers are contractually obligated to protect your data and are restricted from using it for any other purpose.
• Legal Compliance and Protection: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend our rights or property, prevent fraud, or protect the personal safety of users or the public.
• Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.
• With Your Consent: We may share your information with third parties when we have your explicit consent to do so. For example, configuring an alert to be sent to a third-party service like Slack.

5. Data Security

We implement and maintain reasonable administrative, technical, and physical security measures to protect the information we process from unauthorized access, destruction, use, modification, or disclosure. However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

6. Data Retention

We will retain your personal information for as long as is necessary for the purposes set out in this Privacy Policy, or as needed to provide you with the Service. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Customer Data that we process on your behalf is retained according to the terms of our agreement with you. Upon termination of your account, we will delete your Customer Data in accordance with the procedures outlined in our terms of service.

7. Your Data Protection Rights

Depending on your location, you may have certain rights regarding your personal information, including:

• The right to access, update, or delete the information we have on you.
• The right of rectification.
• The right to object to processing.
• The right of restriction.
• The right to data portability.
• The right to withdraw consent.

To exercise any of these rights, please contact us using the contact details provided below.

8. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

9. Children's Privacy

Our Service is not intended for use by anyone under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from children. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us: