AuthSecAuthSec
Sign Up

Privacy Policy

How AuthSec collects, uses, and protects your data

Effective date: Sep 1, 2025

1. Introduction

At AuthSec, data privacy is important to us. This AuthSec Privacy Policy ("Privacy Policy") details our privacy practices for the activities described in this Privacy Policy. Please take the time to read this Privacy Policy carefully in order to understand how we collect, share, and otherwise process information relating to individuals ("Personal Data"), and to learn about your rights and choices regarding our processing of your Personal Data.

If you are a California resident, please review the section of this Privacy policy for California Residents section. In this Privacy Policy, "AuthSec," "we," "our," and "us" each mean AuthSec, Inc. and the applicable AuthSec affiliate(s) involved in the processing activity.

2. AuthSec's Roles & Responsibilities

AuthSec is the controller of your Personal Data, as described in this Privacy Policy, unless otherwise stated. Please note that this Privacy Policy does not apply to the extent that we process Personal Data in the role of a processor (or a comparable role such as a "service provider" in certain jurisdictions) on behalf of our customers.

Each of our customers, not AuthSec, controls whether they provide you with an account or other access to the AuthSec identity cloud service through their subscription. Use of this content by AuthSec is governed by agreements between AuthSec and the Customer.

For detailed privacy information applicable to situations where an AuthSec customer who uses AuthSec's cloud products and services is the controller, please reach out to the respective customer directly. We are not responsible for the privacy or data security practices of our customers, which may differ from those set forth in this Privacy Policy.

3. Personal Data We Collect and Data Sources

Information You Provide to Us

Contact and Professional Data

We collect contact and/or professional data about you through communications and our websites. This typically includes your name, contact methods (telephone, email, mailing address), organization details, job title, and industry.

Administrator Data

When you sign up for an AuthSec account or service, we collect Administrator Data including your name, email, phone number, billing information, business contact information, credentials, and subscription configurations.

Consumer Products

If you use AuthSec Consumer Products, we may receive contact information, multi-factor authentication details, content you upload, and information regarding websites and applications you use for authentication.

Device Data, Usage Data, and Metadata

Like most websites and applications, AuthSec collects certain Personal Data when you access and use our services. This includes:

  • Ancillary Data: Application and device information for security and service improvement
  • Diagnostic Data: Performance data from on-premise software installations
  • Metadata & Cookies: Technical data about website performance and user behavior

4. How We Use Personal Data

Communication & Service Delivery

We use your Personal Data to send transactional communications, security alerts, administrative messages, and to respond to your questions. We provide tailored communications based on your activity and help you use our products effectively.

Marketing Our Products and Services

We use your data to send promotional communications that may interest you, including emails and display advertising on third-party platforms. These communications encourage engagement with our products and services, including information about new features, surveys, and events.

Legal Bases for Processing (UK/EEA)

If you are in the UK or EEA, we process your information only where we have a legal basis:

  • To operate and provide our services and protect their safety and security
  • For legitimate interests (research, development, marketing)
  • With your consent for a specific purpose
  • To comply with legal obligations

5. AuthSec's Security Posture & Measures

Security is a critical priority for AuthSec. We maintain a comprehensive, written information security program that contains industry-standard administrative, technical, and physical safeguards designed to prevent loss, theft, and unauthorized access to Personal Data.

Our Security Stack: OAuth 2.1, mTLS, SPIFFE, Zero-trust architecture

However, no security system is perfect. You are responsible for protecting your passwords and authentication factors, as well as maintaining the security of your devices.

6. Your Information Choices & Privacy Rights

Your Privacy Choices

You can decline cookies on our website and opt out of email marketing campaigns by clicking the unsubscribe link.

Your Privacy Rights

Depending on your jurisdiction, you may have the following rights:

  • Right to Access: Access your Personal Data held by us
  • Right to Rectification: Correct inaccurate Personal Data
  • Right to Erasure: Request deletion of your Personal Data
  • Right to Restrict Processing: Limit how we process your data
  • Right to Data Portability: Transfer your data when possible
  • Right to Object: Object to processing based on legitimate interests
  • Right to Opt Out of Sale: Opt out of sharing for targeted advertising
  • Right to Non-Discrimination: Exercise rights without discriminatory treatment

7. California Residents Privacy Rights

Under the California Consumer Privacy Act (CCPA), California residents have specific rights regarding their Personal Data:

  • Right to Know: What Personal Data we collect, use, disclose, and sell
  • Right to Delete: Request deletion of your Personal Data
  • Right to Opt-Out: Opt out of the sale or sharing of Personal Data
  • Right to Limit Use: Limit use and disclosure of Sensitive Personal Data
  • Right to Correct: Request correction of inaccurate Personal Data
  • Right to Non-Discrimination: No discriminatory treatment for exercising rights

You may opt out by clicking the "Your Privacy Choices" link at the bottom of our website or by using the Global Privacy Control (GPC) signal.

8. How to Contact AuthSec

If you have questions or concerns about our privacy policies and practices, please contact us:

AuthSec Inc

16668 Winchester Club Dr
Meadow Vista, CA 95722

Phone: 408-368-3404
Email: support@authsec.dev

9. Changes to This Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in our practices, technologies, and legal requirements. If we make updates, we will update the "effective date" at the top of this page. For materially significant updates, we may provide advance notice through a conspicuous website notice or by contacting you via email.