Privacy Policy

We use your information for the following purposes:

• To provide and maintain our security services
• To detect and prevent security threats
• To improve and personalize your experience
• To comply with legal obligations
• To analyze and enhance our security products
• To communicate with you about service updates

All data processing is conducted lawfully and in accordance with applicable data protection regulations.

We retain your personal data for up to one year from the last date of service usage. The retention period may be extended if:

• Required by regulatory obligations
• Necessary for ongoing security investigations
• Required for legitimate business purposes
• Preserved in Glacier vaults at your direction

You may request deletion of your data by contacting legal@sequenxa.com. We will process your request within 30 days, subject to legal and essential business retention requirements.

Product-Specific Retention

• Origin: Verification records retained for duration of service agreement plus 7 years for compliance purposes.
• Tundra: Behavioral baseline data retained for active session monitoring. Historical behavioral data archived after 2 years.
• Glacier: Evidence preserved indefinitely unless you request deletion. Blockchain notarization records (cryptographic hashes only) are immutable and cannot be deleted.
• Faultline: Monitoring and alert data retained for 2 years.

We implement robust security measures to protect your data:

• End-to-end encryption for data in transit
• AES-256 encryption for data at rest
• Advanced access control systems
• Regular security audits and assessments
• Employee training on data protection
• Physical and technical safeguards
• 24/7 security monitoring

Zero-Knowledge Architecture (Glacier)

Sequenxa Glacier employs zero-knowledge encryption. Your encryption keys are never stored on our servers. We cannot access the contents of your encrypted evidence. If you lose your encryption keys, we cannot recover your data.

Behavioral Data Protection (Tundra)

All behavioral data is hashed and anonymized. We store keystroke timing patterns only—never keystroke content. Behavioral baselines are encrypted with per-organization keys.

While we employ the highest security standards, no system is completely immune to security risks. We continually update our security measures to address emerging threats.

You have the following rights regarding your personal data:

• Right to access your personal data — Request a copy of all data we hold about you
• Right to correct inaccurate data — Update or correct any inaccurate information
• Right to request data deletion — Request erasure of your personal data
• Right to restrict processing — Limit how we process your data
• Right to data portability — Receive your data in a structured, machine-readable format
• Right to object to processing — Object to certain types of data processing

To exercise these rights, please contact us at legal@sequenxa.com. We will respond to your request within 30 days.

Glacier-Specific Rights

While Glacier provides immutable evidence preservation, you maintain full control:

• You can delete vaults and evidence at any time
• Blockchain records contain only cryptographic hashes, not file contents
• Deleted files cannot be reconstructed from blockchain records
• Data subject access requests are supported through platform controls

We work with trusted third-party service providers to deliver our services. These providers fall into the following categories:

• Enterprise authentication and single sign-on providers
• Identity verification and document validation services
• Cloud infrastructure and secure object storage providers
• Database and application hosting services
• Blockchain networks for cryptographic notarization
• Email and SMS communication services

All third-party providers are contractually obligated to protect your data and comply with applicable data protection laws. We conduct security assessments of our vendors and maintain data processing agreements with all providers who handle personal data.

Your data may be transferred to and processed in locations other than your own. We ensure appropriate safeguards are in place through:

• Standard Contractual Clauses
• Data processing agreements
• Privacy Shield certification (where applicable)
• Regional data storage options

All international transfers comply with applicable data protection laws and maintain the same level of security protection as domestic processing.

Data Residency (Glacier)

Sequenxa Glacier allows you to specify geographic storage locations during vault creation. We support data residency in multiple regions to meet your compliance requirements.

We use essential cookies and similar technologies to:

• Maintain your session and authentication state
• Remember your preferences and settings
• Analyze service usage and performance
• Enhance security through device recognition

You can manage cookie preferences through your browser settings. Disabling essential cookies may affect service functionality.

Sequenxa services are designed for business use and are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a minor, please contact us immediately at legal@sequenxa.com.

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes through:

• Email notifications
• Website announcements
• In-app notifications

Your continued use of our services after such changes constitutes acceptance of the updated Privacy Policy.

For privacy-related inquiries or to exercise your data rights:

Email: legal@sequenxa.com

We aim to respond to all inquiries within 30 days.