Privacy Policy

Last updated: November 29, 2025

1. Introduction

24zero Inc. ("24zero," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered endpoint security platform and related services (collectively, the "Services").

By accessing or using our Services, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Services.

2. Information We Collect

2.1 Information You Provide

  • Account information (name, email address, company name, job title)
  • Billing information (payment method, billing address)
  • Communications you send to us (support requests, feedback)
  • Profile information and preferences

2.2 Information Collected Automatically

  • Device telemetry and endpoint security data from enrolled devices
  • Security vulnerability and configuration data
  • Log data (IP address, browser type, pages visited, timestamps)
  • Usage analytics and platform interaction data
  • Cookies and similar tracking technologies

2.3 Security Assessment Data

Our AI Red Team feature collects security-related data from your enrolled endpoints, including but not limited to: system configurations, installed software, running processes, network configurations, and security vulnerabilities. This data is essential for providing our security assessment services.

3. How We Use Your Information

  • Provide, operate, and maintain our Services
  • Perform security assessments and vulnerability detection
  • Generate security reports and recommendations
  • Process transactions and send billing communications
  • Send technical notices, security alerts, and support messages
  • Respond to your comments, questions, and requests
  • Analyze usage patterns to improve our Services
  • Detect, prevent, and address fraud, abuse, and security issues
  • Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: Third-party vendors who assist in operating our Services
  • Legal Requirements: When required by law, subpoena, or legal process
  • Protection: To protect the rights, property, or safety of 24zero, our users, or others
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • With Consent: When you have given explicit consent to share

5. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption at rest (AES-256) and in transit (TLS 1.3)
  • Regular security audits and penetration testing
  • Access controls and authentication requirements
  • Secure data centers with SOC 2 Type II compliance
  • Employee security training and background checks
  • Incident response and breach notification procedures

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Security findings and telemetry data are retained according to your subscription plan (7 days for Free, 30 days for Starter, 90 days for Pro).

Upon account termination, we will delete or anonymize your data within 30 days, except where retention is required for legal compliance or legitimate business purposes.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Portability: Request transfer of your data to another provider
  • Restriction: Request restriction of processing
  • Objection: Object to certain types of processing
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@24zero.cloud.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, to protect your data during international transfers.

9. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we learn we have collected personal information from a child, we will delete that information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

24zero Inc.

Email: privacy@24zero.cloud

Data Protection Officer: dpo@24zero.cloud

Back to home