Privacy

Privacy Policy

Last updated: November, 2025

1. Introduction

TigerGate ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our security and compliance platform.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name and email address
  • Company name and size
  • Account credentials (encrypted)
  • Billing information (processed by third-party payment providers)

2.2 Security Event Metadata

Our eBPF agent collects metadata about security events, including:

  • Process names and execution paths
  • File paths (not file contents)
  • Network connection metadata (IPs, ports, protocols)
  • User IDs and timestamps
  • System calls and kernel events

Important: TigerGate never collects application data, file contents, or personally identifiable information (PII) from your runtime environments.

2.3 Code Scanning Data

When you use our code scanning features, we collect:

  • Repository URLs and metadata
  • Vulnerability findings and security issues
  • Dependencies and package information
  • Code scanning results (not source code itself)

2.4 Usage Data

We automatically collect:

  • IP addresses and browser information
  • Pages visited and features used
  • Error logs and performance data
  • API usage statistics

3. How We Use Your Information

We use the collected information to:

  • Provide and maintain our security services
  • Detect and respond to security threats
  • Generate compliance reports and evidence
  • Improve our platform and develop new features
  • Send you security alerts and product updates
  • Process billing and payments
  • Provide customer support
  • Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

  • Compliance Partners: Vanta, Drata, Secureframe (only with your explicit consent)
  • Service Providers: Cloud hosting (AWS, GCP), payment processing (Stripe), analytics
  • Legal Requirements: When required by law or to protect our legal rights
  • Business Transfers: In connection with mergers or acquisitions

5. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption at rest (AES-256) and in transit (TLS 1.3)
  • Regular security audits and penetration testing
  • SOC 2 Type II certified infrastructure
  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA)
  • Automated vulnerability scanning

6. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Security event data is retained for:

  • Hot storage: 90 days (fast access for analysis)
  • Cold storage: Up to 7 years (compliance requirements)
  • You can request data deletion at any time via your account settings

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Export your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Withdrawal of Consent: Withdraw consent at any time

To exercise these rights, email us at [email protected].

8. Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain your session and preferences
  • Analyze platform usage with analytics tools
  • Improve security and prevent fraud

You can control cookies through your browser settings.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) for transfers outside the EEA.

10. Children's Privacy

TigerGate is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the platform. Your continued use of TigerGate after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, please contact:

Email: [email protected]

Data Protection Officer: [email protected]

Website: https://tigergate.io