Privacy Policy
How Vigilante collects, processes, and protects data across our cyber defense platforms, SIEM/SOAR/EDR solutions, and security operations.
Last Updated: May 1, 2026
1. Scope
This Privacy Policy explains how Vigilante by Scalewidth collects, uses, discloses, and protects personal and security data when you use our cyber defense platforms, threat intelligence services, SOC operations, and related security products.
2. Information We Collect
Vigilante collects security telemetry data including network logs, endpoint events, threat indicators, and authentication metadata necessary for threat detection and response. Client data processed through our platforms is encrypted and isolated per-tenant. We collect only data essential for security operations.
Personal information is limited to account administration data (name, email, organization) and SOC communication records. Vigilante does not sell security telemetry or threat intelligence data.
3. How We Use Data
Security telemetry is used exclusively for: threat detection and automated response, security incident investigation, threat intelligence enrichment, platform performance optimization, and compliance reporting. Aggregated, anonymized threat data contributes to our global threat intelligence mesh.
6. Data Retention
Security logs retained per regulatory requirements (typically 12 months for standard, up to 7 years for compliance customers). Threat intelligence retained indefinitely in anonymized form. Personal data retained for account duration plus 30 days.
7. Your Rights
GDPR rights include access, rectification, erasure, portability, restriction, and objection. CCPA rights include knowledge, deletion, and opt-out. Submit requests via our Data Request Portal.
8. Security Measures
Vigilante employs AES-256-GCM encryption at rest, TLS 1.3 in transit, hardware security modules for cryptographic keys, 24/7 SOC monitoring, quarterly penetration testing, and annual SOC 2 Type II audits.