πŸ”Privacy & Compliance

ProtectAI explains exactly what data is collected, why it's needed, and how it's kept secure. No personal data is stored unless absolutely required. Compliance with global privacy laws is baked into the system design.

1. Data Encryption

All data is encrypted using industry standards:

  • At rest: AES-256 encryption for all logs, threat reports, and metadata stored in databases or cloud storage.

  • In transit: TLS 1.3 encryption for API traffic, web interfaces, and external service communication.

Access to encrypted data is restricted by IAM roles with audit trails.


2. No Sensitive User Data Logged

ProtectAI avoids collecting or logging the following by design:

  • Wallet seed phrases, private keys, or authentication credentials

  • User-entered data from frontends or browser extensions

  • Personally identifiable information (PII)

Transaction monitoring is done using hashed addresses and anonymized metadata.


3. GDPR & CCPA Handling

ProtectAI is designed to align with GDPR and CCPA requirements:

  • Right to be forgotten: Users can request full deletion of any associated data.

  • Right to access: Users can request a record of stored metadata tied to their activity.

  • Data portability: Available in JSON or CSV export formats.

  • Consent tracking: All logs from user actions that require consent are tagged with consent status.

A designated privacy officer oversees all data handling policies.


4. IP Anonymization

Client IPs are stripped or masked before being stored in logs:

  • Full IP addresses are never stored.

  • Logs use truncated or zeroed IPs (e.g., 192.168.0.0) to support analytics without violating privacy.

  • Geolocation is done in-session and discarded immediately after use.
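The truncation described above can be applied at the logging boundary so that a full address never reaches storage. The following is an added example, not ProtectAI's own code: the /16 prefix is inferred from the 192.168.0.0 illustration, while the /48 IPv6 prefix, the function names and the sample line are assumptions of this example.

```python
import ipaddress
import re
from typing import Optional

# Assumed prefix lengths: /16 reproduces the page's 192.168.0.0 example;
# /48 for IPv6 is this example's own choice, not a documented ProtectAI setting.
KEEP_BITS = {4: 16, 6: 48}

# Finds candidate tokens only; the ipaddress module does the real validation.
_CANDIDATE = re.compile(
    r"(?<![\w:.])(?:"
    r"[0-9A-Fa-f]{0,4}(?::[0-9A-Fa-f]{0,4}){2,7}(?:\.\d{1,3}){0,3}"  # IPv6-shaped
    r"|\d{1,3}(?:\.\d{1,3}){3}"  # IPv4-shaped
    r")(?![\w.])"
)


def mask_ip(raw: str) -> Optional[str]:
    """Return raw with its host bits zeroed, or None if raw is not an IP address."""
    try:
        ip = ipaddress.ip_address(raw)
    except ValueError:
        return None
    # An IPv4-mapped IPv6 address embeds a full IPv4 address: mask it as IPv4.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    keep = KEEP_BITS[ip.version]
    mask = ((1 << keep) - 1) << (ip.max_prefixlen - keep)
    return str(type(ip)(int(ip) & mask))


def _replace(match: re.Match) -> str:
    token = match.group(0)
    masked = mask_ip(token)
    if masked is not None:
        return masked
    # Fail closed on dotted-quad lookalikes (e.g. zero-padded octets); leave
    # colon-separated tokens such as 12:30:45 timestamps untouched.
    return token if ":" in token else "0.0.0.0"


def scrub_line(line: str) -> str:
    """Mask every IP address in a log line before it is written to storage."""
    return _CANDIDATE.sub(_replace, line)


# Constructed sample line (documentation-range addresses), not real ProtectAI output.
SAMPLE = "12:30:45 api src=203.0.113.7:443 fwd=[2001:db8:abcd:12::1] via ::ffff:198.51.100.23"
```

Masking IPv4-mapped IPv6 addresses as IPv4 matters because a plain /48 mask would reduce them all to `::` and lose the coarse network information that analytics rely on.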


5. Data Retention and Deletion Flow

ProtectAI keeps logs only as long as needed:

  • Threat event logs: 90 days

  • Performance metrics: 30 days

  • User metadata: Up to 1 year unless removed earlier

Deletion can be triggered by the system (automatic expiration), by user request, or by admin review. All deletions are permanent and verified with checksum clearance.
