How we collect, use, and protect your information.
Last updated: January 15, 2025
We collect information you provide directly (name, email, company, role, phone, job title), information from your use of the Service (log data, usage analytics, feature interaction), and information from integrations you configure (security tool data, compliance scan results, system signals).
We use collected information to: provide, maintain, and improve the Service; generate evidence records and accountability reports; send you service-related communications; respond to support requests; and comply with legal obligations.
We do not sell your personal information. We may share data with: service providers who assist in operating the Service (under strict data processing agreements); legal authorities when required by law; and affiliated entities for the purposes described in this policy.
We implement industry-standard security measures including encryption in transit and at rest, access controls, regular security audits, and time-stamped, immutable audit trails for all evidence records.
EDD-i supports regional data residency requirements. Organizations requiring in-country data processing can deploy on dedicated infrastructure within their jurisdiction — critical for our engagements in jurisdictions including the USA, Chile, Ghana, Zambia, and Nigeria.
We retain Customer Data and evidence records for the duration of your subscription plus 90 days for export purposes. Account information is retained for 7 years for legal and compliance purposes.
Depending on your jurisdiction, you may have the right to: access your personal data; correct inaccurate data; request deletion; restrict processing; data portability; and withdraw consent. To exercise these rights, contact EDD-i@EDD-i.com.
We may update this policy periodically. We will notify you of material changes via email or through the Service.
For privacy inquiries: EDD-i@EDD-i.com. EDD-i Technologies Inc., Johns Creek, GA 30022. Phone: 404-706-4854.