DefenScope
    HomeFeaturesProductsPricingBlogContact

    DEFENSCOPE PRIVACY POLICY

    Last updated: January 30, 2026

    This Privacy Policy explains how Defenscope LLC ("DefenScope", "we", "us", "our") collects, uses, discloses, and protects personal information in connection with the DefenScope website and our cloud security posture management platform, including the web application, dashboards, APIs, integrations, reports, and any endpoint agent or collector software we make available (collectively, the "Service").

    This Privacy Policy applies when we act as a data controller for personal information. When we process personal data on behalf of a business customer as part of delivering the Service, we act as a service provider or processor, and the customer is the controller. In those cases, the customer's instructions and applicable data processing terms govern.

    If you do not agree with this Privacy Policy, do not use the Service.

    1. COMPANY DETAILS AND CONTACT

    Defenscope LLC is a Wyoming limited liability company.

    Registered office address: 30 N Gould St, Ste R, Sheridan, WY 82801, USA.

    Privacy contact: privacy@defenscope.io General contact: info@defenscope.io Support: support@defenscope.io

    2. SCOPE AND ROLES

    2.1 When we are a controller.

    We are a controller for:

  1. account registration and user profile information;
  2. communications with you (support, sales, security, and administrative notices);
  3. marketing and product updates (subject to your choices);
  4. website analytics and cookies (where applicable);
  5. billing metadata we receive from our payment partners.

    6. 2.2 When we are a processor.

    For most Customer Data collected through the Service (endpoint and cloud posture telemetry and findings), we process personal data as a processor on behalf of the customer. The customer is responsible for providing notices and obtaining any required consents from employees, contractors, and other data subjects.

    3. INFORMATION WE COLLECT

    We collect information in three categories: (A) information you provide, (B) information collected automatically, and (C) information we receive from third parties.

    3.1 Information you provide.

  6. Account and identity information: name, business email, role, organization name, and authentication information.
  7. Support and communications: content of messages, tickets, and files you submit to us.
  8. Configuration information: settings you enter into the Service, including integration configuration.

    9. 3.2 Information collected automatically.

  9. Website and app usage: log data, event data, device and browser information, pages viewed, timestamps, and approximate location derived from IP address.
  10. Security and reliability: audit logs, authentication events, and anomaly signals used to protect accounts and prevent abuse.
  11. Cookies and similar technologies: we may use cookies and local storage to enable sign-in, maintain sessions, remember preferences, and measure usage.

    12. 3.3 Information we receive from customers and third parties.

  12. Customer Data: endpoint telemetry, asset inventory, installed software inventory, misconfiguration and vulnerability findings, and related metadata that customers choose to collect and send to the Service.
  13. Cloud providers: metadata and posture signals retrieved from connected cloud accounts (for example, configuration state and control results).
  14. Integrations: information provided by customer-enabled integrations (for example, ticket identifiers, status updates, SIEM forwarding confirmations).
  15. Payments: billing and transaction metadata from Paddle (and related payment networks) necessary to administer subscriptions and prevent fraud.

    16. 3.4 Types of personal data that may appear in Customer Data.

    Depending on customer configuration, Customer Data may include identifiers and metadata such as endpoint hostnames, device identifiers, IP addresses, user or account names on endpoints, email-like identifiers, directory paths, group or OU identifiers, and timestamps. Customers control what is collected and transmitted.

    4. HOW WE USE INFORMATION

    We use information for the following purposes:

    4.1 Provide and operate the Service.

  16. create and manage accounts;
  17. authenticate users and enforce access controls;
  18. process configuration and run posture assessments;
  19. generate dashboards, reports, exports, and API responses;
  20. enable integrations and data routing configured by customers.

    21. 4.2 Secure the Service.

  21. detect and prevent fraud, abuse, and unauthorized access;
  22. investigate security incidents and enforce acceptable use;
  23. maintain audit logs and reliability monitoring.

    24. 4.3 Support and communications.

  24. respond to support requests;
  25. send administrative messages (service notices, security alerts, policy updates);
  26. provide onboarding and product guidance.

    27. 4.4 Improve and develop the Service.

  27. analyze usage patterns and performance;
  28. debug, test, and improve features;
  29. develop new capabilities, including analytics and automation.

    30. 4.5 Billing and account administration.

  30. manage subscriptions and invoices;
  31. resolve payment issues and disputes;
  32. comply with tax, accounting, and legal obligations.

    33. 4.6 Marketing.

  33. send product updates, events, and offers where permitted by law and subject to your opt-out choices.

    34. 5. LEGAL BASES FOR PROCESSING

    Where required by applicable law, we rely on the following legal bases:

  34. Contract: to provide the Service and perform our agreement with the customer.
  35. Legitimate interests: to secure and improve the Service, prevent abuse, and operate our business.
  36. Consent: for certain marketing communications and certain cookies where required.
  37. Legal obligations: to comply with laws, regulations, and lawful requests.

    38. When we process Customer Data as a processor, the customer is responsible for identifying the appropriate legal bases for its processing.

    6. AI FEATURES

    The Service may provide AI-assisted features such as summarization of findings, remediation guidance, ticket drafts, and reporting narratives.

  38. AI outputs may be inaccurate or incomplete. Customers must validate outputs before acting.
  39. We may process Customer Data to provide AI functionality where enabled by the customer.
  40. We do not intentionally use Customer Data to train generalized public models without customer authorization.

    41. 7. HOW WE SHARE INFORMATION

    We do not sell personal information. We share information only as described below:

    7.1 Service providers and subprocessors.

    We use vendors to provide hosting, monitoring, analytics, customer support tooling, and infrastructure services. These vendors process information under contractual confidentiality and security obligations.

    7.2 Payment processing.

    Payments are processed through Paddle, which may act as merchant of record for certain transactions. Paddle and its payment partners process payment information under their own privacy practices and legal obligations. We receive limited billing metadata (for example, subscription status, transaction identifiers, and tax-related fields) to administer the account.

    7.3 Customer-enabled integrations.

    When a customer enables an integration, the Service will share Customer Data and Output with the third-party service as configured by the customer.

    7.4 Legal and safety.

    We may disclose information if required by law, subpoena, or court order, or if we believe disclosure is necessary to protect the rights, safety, and security of DefenScope, our customers, users, or the public.

    7.5 Business transfers.

    If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be disclosed as part of that transaction subject to appropriate safeguards.

    8. INTERNATIONAL DATA TRANSFERS

    The Service may be hosted in the United States and other locations where our service providers operate. If you access the Service from outside the United States, your information may be transferred and processed in jurisdictions that may have different data protection laws.

    Where required, we use appropriate safeguards for international transfers (for example, contractual protections and standard transfer mechanisms).

    9. DATA RETENTION

    We retain personal information for as long as necessary for the purposes described in this Privacy Policy, including to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, and maintain security.

  41. Account information is retained while the account is active and for a reasonable period thereafter.
  42. Security logs may be retained for longer periods where necessary for security and compliance.
  43. Customer Data retention is governed by our agreements with customers and applicable data processing terms.

    44. 10. SECURITY

    We maintain reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. These measures include access controls, encryption in transit, encryption at rest where appropriate, and monitoring for suspicious activity.

    No method of transmission or storage is completely secure. You are responsible for maintaining the confidentiality of your credentials and for using strong authentication.

    11. YOUR RIGHTS AND CHOICES

    11.1 Account information.

    You can access and update certain account information through the Service or by contacting us.

    11.2 Marketing.

    You can opt out of marketing emails by using the unsubscribe link in those emails or by contacting us. Administrative messages are not marketing and may continue.

    11.3 Cookies.

    You can control cookies through your browser settings. Disabling certain cookies may limit Service functionality.

    11.4 Data subject requests.

  44. If you are an end user whose data is processed through a business customer account, direct your request to the customer, as the customer controls Customer Data.
  45. If you are a customer administrator or a direct user of the Service, you may contact us to request access, correction, deletion, or other rights that apply under applicable law.

    46. We may need to verify your identity and may deny requests where permitted by law (for example, when necessary to comply with legal obligations or protect security).

    12. CHILDREN

    The Service is not directed to children and is intended for business and professional use. We do not knowingly collect personal information from children under 13.

    13. THIRD-PARTY LINKS

    The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of third parties. Review their policies before providing information.

    14. CHANGES TO THIS PRIVACY POLICY

    We may update this Privacy Policy from time to time. If changes materially affect your rights, we will provide reasonable notice, for example by posting within the Service or by email. The "Last updated" date reflects the effective date.

    15. CONTACT

    If you have questions about this Privacy Policy or our privacy practices, contact:

    Defenscope LLC 30 N Gould St, Ste R, Sheridan, WY 82801, USA Email: privacy@defenscope.io

    DefenScope

    Unified security posture for endpoints and cloud.

    Transforming security posture across cloud and endpoints with continuous attack surface scanning, risk-based remediation, and audit-ready reporting.

    Navigation

    • Overview
    • Platform
    • Integrations
    • Pricing
    • Contact
    • Blog

    Contact

    • info@defenscope.ioGeneral inquiries
    • sales@defenscope.ioSales and partnerships
    • support@defenscope.ioTechnical support
    • security@defenscope.ioSecurity issues

    Security & Compliance

    Aligned with ISO 27001 controls
    SOC 2 controls aligned
    GDPR-ready data handling

    © 2026 DefenScope. All rights reserved.

    Privacy PolicyTerms of Service