Privacy Policy

1. Introduction

TitaniumVault ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our authentication and identity management services ("Service").

By using our Service, you consent to the data practices described in this policy. If you do not agree with the practices described in this Privacy Policy, please do not use our Service.

2. Information We Collect

Personal Information

We collect personal information that you voluntarily provide, including:

• Account Information: Email address, name, phone number, organization details
• Profile Data: Date of birth, address, country of residence
• Authentication Data: Passwords (encrypted), multi-factor authentication preferences
• Communication Data: Messages sent through our support channels
• Payment Information: Billing details processed through secure payment providers

Technical Information

We automatically collect certain technical information, including:

• Device Information: IP address, browser type, device identifiers
• Usage Data: Login times, feature usage, API calls, service interactions
• Security Information: Authentication attempts, security events, access logs
• Performance Data: Service response times, error logs, system performance metrics

Cookies and Tracking Technologies

We use cookies, session tokens, and similar technologies to maintain your authentication state, improve service performance, and enhance your user experience. You can manage cookie preferences through your browser settings.

3. How We Use Your Information

We use your personal information for the following purposes:

Service Provision

• Authenticate your identity and manage your account
• Provide single sign-on and multi-factor authentication services
• Process API requests and manage integrations
• Facilitate organization and user management features

Security and Fraud Prevention

• Monitor for suspicious activity and security threats
• Prevent unauthorized access and fraudulent activity
• Investigate security incidents and policy violations
• Maintain audit logs for compliance purposes

Service Improvement

• Analyze usage patterns to improve service performance
• Develop new features and functionality
• Conduct research and analytics
• Optimize user experience and interface design

Communication

• Send service-related notifications and updates
• Provide customer support and technical assistance
• Share security alerts and important announcements
• Send marketing communications (with your consent)

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

Service Providers

We may share information with trusted third-party service providers who assist us in operating our Service, such as:

• Cloud infrastructure and hosting providers
• Payment processing services
• Email and communication services
• Security and monitoring tools

Legal Requirements

We may disclose your information when required by law or in response to valid requests by public authorities, including:

• Compliance with legal obligations
• Protection of our rights and property
• Investigation of fraud or security issues
• Protection of user safety and public safety

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring organization. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

5. Data Security

We implement comprehensive security measures to protect your personal information:

• Encryption: Data is encrypted in transit using TLS and at rest using industry-standard encryption
• Access Controls: Strict access controls and authentication requirements for our systems
• Monitoring: Continuous monitoring for security threats and anomalous activity
• Compliance: Regular security audits and compliance assessments
• Incident Response: Established procedures for responding to security incidents

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information only as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy:

• Account Data: Retained while your account is active and for a reasonable period after closure
• Security Logs: Retained for up to 2 years for security monitoring and incident investigation
• Communication Records: Retained for up to 3 years for customer support purposes
• Payment Records: Retained as required by applicable financial regulations

When personal information is no longer needed, we securely delete or anonymize it in accordance with our data retention policies.

7. International Data Transfers

Your personal information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

We ensure that such transfers are made in accordance with applicable data protection laws and implement appropriate safeguards, including:

• Standard contractual clauses approved by relevant authorities
• Adequacy decisions by data protection authorities
• Your explicit consent where required

8. Your Privacy Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal information:

Access and Portability

• Request access to your personal information
• Receive a copy of your data in a structured, commonly used format
• Request transfer of your data to another service provider

Correction and Deletion

• Correct inaccurate or incomplete personal information
• Request deletion of your personal information (subject to legal obligations)
• Request restriction of processing in certain circumstances

Communication Preferences

• Opt out of marketing communications
• Object to processing for direct marketing purposes
• Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information provided in the Contact section below. We will respond to your request within the timeframe required by applicable law.

9. Children's Privacy

Our Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately.

10. Third-Party Services

Our Service may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access.

When you use our Service to authenticate with third-party applications, we may share limited information as necessary to provide the authentication service, in accordance with OAuth and OpenID Connect protocols.

11. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

• The right to know what personal information is collected and how it is used
• The right to delete personal information (subject to certain exceptions)
• The right to opt-out of the sale of personal information (we do not sell personal information)
• The right to non-discrimination for exercising your privacy rights

12. GDPR Rights (European Users)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:

• The right to access your personal data
• The right to rectification of inaccurate data
• The right to erasure ("right to be forgotten")
• The right to restrict processing
• The right to data portability
• The right to object to processing
• The right to withdraw consent
• The right to lodge a complaint with a supervisory authority

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

• Posting the updated Privacy Policy on our website
• Sending you an email notification
• Providing notice through our Service

Your continued use of our Service after the effective date of any changes constitutes acceptance of the updated Privacy Policy.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiries within 30 days or as required by applicable law.