Legal

Privacy Policy

Effective Date: February 28, 2026 · Last Updated: February 28, 2026

Hudson InfoSec ("Company," "we," "us," or "our") operates the hudsoninfosec.com website and the Ayewo and HSEC Sentinel platforms (collectively, the "Services"). This Privacy Policy describes how we collect, use, disclose, and protect information obtained from users of our Services.

By accessing or using our Services, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our Services.

1. Information We Collect

1.1 Information You Provide

Account Information: Name, email address, company name, billing address, and payment details when you register or purchase a subscription.
Service Data: Security events, log data, scan results, vulnerability reports, network configurations, and any other data you submit to or generate through our platforms.
Communications: Messages, support tickets, feedback, and correspondence you send to us.
Contact Form Submissions: Name, email, and message content submitted through our website.

1.2 Information Collected Automatically

Usage Data: Pages visited, features used, session duration, and interaction patterns within our platforms.
Device and Connection Information: IP address, browser type, operating system, device identifiers, and referring URLs.
Cookies and Similar Technologies: We use cookies, local storage, and similar technologies to maintain sessions, remember preferences, and analyze usage. You may control cookie settings through your browser.

1.3 Information from Third Parties

We may receive information from payment processors, identity verification services, or business partners in connection with your use of our Services.

2. How We Use Your Information

We use all information collected through or submitted to our Services for the following purposes:

2.1 Service Delivery and Operations

Providing, maintaining, and improving the Ayewo and HSEC Sentinel platforms.
Processing transactions and managing your account.
Delivering scan results, security reports, and alerts.
Providing customer support and responding to inquiries.

2.2 Model Training and Product Improvement

You acknowledge and agree that all data entered into, processed by, or generated through our Services — including but not limited to security events, scan data, vulnerability reports, log data, network telemetry, and any other information submitted to our platforms — may be used by Hudson InfoSec to train, develop, improve, and refine machine learning models, artificial intelligence systems, and analytical tools. This use enables us to enhance threat detection, improve vulnerability assessment accuracy, develop new security capabilities, and advance the overall quality of our Services.

2.3 Internal Business Operations

We may use your information for:

Support staff operations: Enabling our support and engineering teams to diagnose issues, troubleshoot problems, and deliver effective customer assistance.
Analytics and research: Conducting internal analytics, security research, and product development.
Quality assurance: Monitoring and improving the performance, reliability, and security of our Services.
Business planning: Informing product strategy, capacity planning, and operational decisions.

2.4 Legal and Compliance

Complying with applicable laws, regulations, and legal processes.
Enforcing our Terms of Service and other agreements.
Protecting the rights, safety, and property of Hudson InfoSec, our users, and the public.

2.5 Communications

Sending transactional messages related to your account and Services.
Providing product updates, security advisories, and service announcements.
With your consent, sending marketing and promotional communications.

3. Data Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

Service Providers: With third-party vendors who perform services on our behalf (e.g., payment processing, cloud hosting, analytics), subject to confidentiality obligations.
Legal Requirements: When required by law, subpoena, court order, or governmental request.
Protection of Rights: When we believe disclosure is necessary to protect our rights, enforce our agreements, or ensure the safety of our users or the public.
Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, in which case your information may be transferred to the successor entity.
Aggregated or De-identified Data: We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you for any purpose, including industry research, benchmarking, and public reporting.

4. Data Retention

We retain your information for as long as your account is active or as needed to provide our Services. We may also retain information as necessary to comply with legal obligations, resolve disputes, enforce agreements, and support legitimate business operations including model training and product improvement.

When data is no longer required for any of the purposes described in this Privacy Policy, we will delete or de-identify it in accordance with our data retention procedures.

5. Data Security

We implement industry-standard technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit and at rest, access controls, regular security assessments, and infrastructure monitoring.

However, no method of transmission or storage is completely secure. While we strive to protect your information, we cannot guarantee its absolute security.

6. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

Access: Request a copy of the personal information we hold about you.
Correction: Request correction of inaccurate or incomplete information.
Deletion: Request deletion of your personal information, subject to legal and contractual retention requirements.
Opt-Out of Marketing: Unsubscribe from promotional communications at any time using the link provided in our emails.
Data Portability: Request your data in a structured, machine-readable format where technically feasible.

To exercise any of these rights, contact us at privacy@hudsoninfosec.com. We will respond within 30 days of receiving your request.

Note: Exercising certain rights (such as deletion) may limit your ability to use our Services. Deletion requests do not apply to data that has already been incorporated into aggregated datasets, trained models, or de-identified analytical outputs.

7. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

8. Third-Party Links

Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing any information.

9. International Users

Our Services are operated from the United States. If you access our Services from outside the United States, your information will be transferred to and processed in the United States. By using our Services, you consent to this transfer and processing.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Your continued use of our Services after any changes constitutes acceptance of the revised Privacy Policy.

We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

Hudson InfoSec

Hudson Valley, New York, U.S.A.

Email: privacy@hudsoninfosec.com

Website: hudsoninfosec.com