← Back to Home

Privacy Policy

Last updated: January 9, 2026

1. Introduction

Nerifect ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud governance platform and related services (collectively, the "Service").

Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you voluntarily provide when using our Service, including:

  • Name and contact information (email address, phone number)
  • Company name and job title
  • Account credentials (username, password)
  • Billing and payment information
  • Communications with our support team

2.2 Technical Information

We automatically collect certain technical information when you use the Service:

  • IP address and device identifiers
  • Browser type and version
  • Operating system
  • Usage patterns and feature interactions
  • Log data and analytics

2.3 Repository and Code Data

To provide our governance services, we may access and process:

  • Source code and configuration files from connected repositories
  • Infrastructure as Code (IaC) configurations
  • CI/CD pipeline configurations
  • Cloud resource metadata

Important: We only access repository data that you explicitly authorize through our integration process. Your code remains your property, and we do not claim any ownership rights to your User Content.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide, maintain, and improve our governance platform
  • Compliance Scanning: To analyze your code and infrastructure for compliance, security, and cost optimization
  • AI-Powered Analysis: To generate insights, recommendations, and auto-remediation suggestions
  • Communication: To send service updates, security alerts, and respond to inquiries
  • Analytics: To understand usage patterns and improve our Service
  • Legal Compliance: To comply with applicable laws and regulations

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

  • Service Providers: With third-party vendors who assist in providing our Service (e.g., cloud hosting, payment processing)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize sharing

We do not sell your personal information to third parties for marketing purposes.

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit (TLS/SSL) and at rest (AES-256)
  • Access controls and authentication mechanisms
  • Regular security audits and vulnerability assessments
  • Secure data centers with physical security measures
  • Employee training on data protection practices

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When data is no longer needed, we securely delete or anonymize it.

For repository and code data, we retain analysis results and scan history for the duration of your subscription. Upon account termination, we delete your data within 30 days, unless otherwise required by law.

7. Your Rights and Choices

7.1 Access and Portability

You have the right to request access to the personal information we hold about you and to receive a copy of your data in a portable format.

7.2 Correction and Deletion

You may request correction of inaccurate personal information or deletion of your data, subject to certain legal exceptions.

7.3 Objection and Restriction

You may object to certain processing activities or request restriction of processing in specific circumstances.

7.4 Withdrawal of Consent

Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of prior processing.

7.5 GDPR Rights (EU/EEA Residents)

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with a supervisory authority.

7.6 CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and the right to opt-out of the sale of personal information.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We implement appropriate safeguards, such as Standard Contractual Clauses, to ensure adequate protection of your data during international transfers.

9. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information.

10. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@nerifect.com
Website: www.nerifect.com

For data protection inquiries specifically, you may also contact our Data Protection Officer at the email address above with the subject line "Data Protection Inquiry."