Privacy Policy

Effective Date: Jul 11, 2025
Vigile ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
By accessing or using our Service, you signify your acceptance of this Privacy Policy. If you do not agree with the terms of this policy, please do not use the Service.

• "Personal Information" means any information that identifies or can be used to identify an individual, such as name, email address, and IP address.
• "Service" refers to the Vigile platform, including its website, applications, APIs, and all related services that provide access to Breach Intelligence Data.
• "Usage Data" means data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit, IP address, or browser type).
• "User" or "you" refers to the individual or entity that registers for and uses our Service.

We collect information that is necessary to provide, maintain, and improve our Service. This includes:
• Information You Provide to Us: When you register for an account, we collect Personal Information such as your full name, email address, and company name. We also collect the domain names you provide for verification.
• Information We Collect Automatically (Usage Data): When you access the Service, we may automatically collect certain information, including your IP address, browser type, operating system, access times, and pages you have viewed directly before and after accessing the Service.

We only collect and process your Personal Information where we have a lawful basis to do so under applicable law. Our lawful bases include:
• Consent: Where you have given us explicit consent to process your information for a specific purpose.
• Contractual Necessity: Where processing is necessary for the performance of a contract with you (i.e., to provide the Service you have subscribed to).
• Legitimate Interests: Where processing is necessary for our legitimate interests, such as for security purposes, fraud prevention, and service improvement, provided these interests do not override your fundamental rights and freedoms.

We use the information we collect for various purposes, including:
• To provide, operate, and maintain our Service.
• To manage your account, verify domain ownership, and provide customer support.
• To communicate with you, including sending technical notices, updates, security alerts, and administrative messages.
• To monitor and analyze trends, usage, and activities in connection with our Service for improvement.
• To detect, investigate, and prevent fraudulent transactions and other illegal activities, and to protect the rights and property of Vigile and others.
• To comply with legal and regulatory obligations.

The breach intelligence and malware log data displayed on our platform are obtained from credible third-party aggregators and open-source intelligence repositories. We do not independently generate or validate the integrity or completeness of these external datasets. Our role is strictly limited to aggregating, organizing, and displaying this data to verified users for internal cybersecurity analysis.

We do not sell your Personal Information. We may share your information in the following limited circumstances:
• With Service Providers: We may share your information with third-party vendors and service providers who perform services for us (e.g., hosting, payment processing, email delivery) under strict confidentiality agreements.
• For Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
• To Comply with Laws: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process.
• To Protect Our Rights: We may disclose information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, or illegal activities.

We implement industry-standard administrative, technical, and physical security measures to protect your Personal Information. This includes encryption, access controls, and regular security monitoring. However, please be aware that no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. You are responsible for securing your account credentials.

Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

We retain your Personal Information only for as long as is necessary to provide the Service to you and to fulfill the purposes outlined in this policy. We will also retain information as required to comply with our legal obligations, resolve disputes, and enforce our agreements. Once no longer needed, data will be securely deleted or anonymized.

Depending on your location, you may have the following rights regarding your Personal Information:
• The right to access – You have the right to request copies of your personal data.
• The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
To exercise these rights, please contact us at the email address provided below.

Our Service is not intended for use by anyone under the age of 18. We do not knowingly collect personally identifiable information from children under 18. If you become aware that a child has provided us with Personal Information, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the 'Effective Date' at the top. We may also notify you via email or a prominent notice on our Service. You are advised to review this Privacy Policy periodically for any changes.

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us at: [email protected]