Privacy Policy

This Privacy Policy describes how FortWatch.ai Technologies LLC ("FortWatch", "we", "us", or "our") collects, uses, and protects your information when you visit our website at fortwatch.ai, use our platform at app.fortwatch.ai, or interact with any of our services (collectively, the "Services").

We are committed to protecting your privacy and being transparent about how we handle your data. FortWatch.ai is a security platform — we take data protection seriously.

1. Information We Collect

2. How We Use Your Information

We use the information we collect to:

• Provide the Services — Run scans, generate reports, deliver alerts, and maintain your dashboard
• Process payments — Handle billing, invoicing, and subscription management
• Communicate with you — Send scan alerts, security notifications, account updates, and support responses
• Improve the Services — Analyze usage patterns to improve features, fix bugs, and optimize performance
• Ensure security — Detect and prevent fraud, abuse, and unauthorized access
• Comply with legal obligations — Meet applicable legal, regulatory, and compliance requirements

We do not sell your personal information. We do not use your data for advertising. We do not share scan results or security data with third parties.

3. Cookies and Tracking

We use cookies and similar technologies for:

• Essential cookies — Required for authentication, session management, and core platform functionality
• Analytics cookies — Help us understand how visitors use our website (via Google Analytics or similar services)
• Preference cookies — Remember your settings like theme preferences and dashboard layout

You can control cookie preferences through your browser settings. Disabling essential cookies may prevent the platform from functioning properly.

4. Third-Party Services

We use a limited number of trusted third-party services to operate the platform:

• Payment processing — Stripe processes payments on our behalf. Your payment details are handled directly by Stripe under their privacy policy.
• Email delivery — Transactional emails (alerts, confirmations) are sent through a third-party email service.
• Analytics — We use analytics services to understand website traffic and usage patterns.
• Infrastructure — Our platform runs on cloud infrastructure with industry-standard security controls.

We only share the minimum information necessary for these services to function. We do not share your scan results, security data, or asset information with any third party.

5. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit (TLS) and at rest
• Access controls and authentication for all internal systems
• Regular security assessments of our own infrastructure
• Secure coding practices and code review processes
• Incident response procedures for potential data breaches

While we take reasonable steps to protect your information, no method of transmission or storage is 100% secure. If you discover a security vulnerability in our Services, please report it to security@fortwatch.ai.

6. Data Retention

We retain your data as follows:

• Account data — Retained for as long as your account is active, plus 30 days after deletion to allow recovery
• Scan results — Retained according to your subscription plan's history limits. Historical scan data helps you track security improvements over time.
• Billing records — Retained for 7 years as required by applicable tax and accounting regulations
• Server logs — Automatically purged after 90 days

You may request deletion of your data at any time by contacting support@fortwatch.ai or through your account settings.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access — Request a copy of the personal data we hold about you
• Correction — Request correction of inaccurate or incomplete data
• Deletion — Request deletion of your personal data
• Portability — Request your data in a structured, machine-readable format
• Objection — Object to processing of your data for certain purposes
• Withdrawal of consent — Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at privacy@fortwatch.ai. We will respond within 30 days.

For GDPR-specific rights and information, please see our GDPR compliance page.

8. International Data Transfers

Our Services are hosted in the United States. If you access the Services from outside the United States, your information may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable data protection laws.

9. Children's Privacy

The Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@fortwatch.ai.

10. Do Not Track

Some browsers transmit "Do Not Track" signals. We currently do not respond to Do Not Track signals, as there is no industry-standard interpretation of these signals for online services. We will update this policy if a standard is established.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting a notice on our website or sending an email to your registered address. Your continued use of the Services after changes take effect constitutes acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us:

• Privacy inquiries: privacy@fortwatch.ai
• General support: support@fortwatch.ai
• Security issues: security@fortwatch.ai
• Website: fortwatch.ai/contact