Privacy Policy

1. Introduction

Chronicler ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI audit trail platform and related services.

We understand that as a company focused on compliance and privacy-preserving technology, we must hold ourselves to the highest standards. We practice what we preach.

2. Information We Collect

2.1 Information You Provide

• Account information (name, email, company)
• Billing information (processed securely via Stripe)
• Support communications
• Feedback and survey responses

2.2 Audit Trail Data

When you use Chronicler to capture AI agent decisions, you control what data is sent to our platform. Our middleware supports:

• Configurable capture levels (minimal, standard, full)
• Automatic PII detection and optional redaction
• On-premise deployment for sensitive workloads

2.3 Usage Data

We collect anonymized usage analytics to improve our products, including feature usage, error rates, and performance metrics. We do not track individual user behavior.

3. How We Use Your Information

• To provide and maintain our services
• To process transactions and send related information
• To respond to inquiries and provide support
• To improve our products and develop new features
• To comply with legal obligations
• To detect, prevent, and address technical issues

4. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

• Service providers: Payment processors, cloud infrastructure, analytics
• Legal requirements: When required by law or to protect rights
• Business transfers: In connection with merger, acquisition, or sale

5. Data Security

We implement industry-standard security measures including:

• Encryption in transit (TLS 1.3) and at rest (AES-256)
• Regular security audits and penetration testing
• SOC 2 Type II certified infrastructure
• Role-based access controls
• Continuous monitoring and incident response

6. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Audit trail data is retained according to your plan: 7 days (Free), 30 days (Pro), or custom retention (Enterprise). You can request deletion at any time.

7. Your Rights

Depending on your location, you may have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Object to processing
• Data portability
• Withdraw consent

To exercise these rights, contact us at privacy@chronicleraudit.com.

8. International Transfers

We process data in the United States and European Union. For transfers outside the EEA, we use Standard Contractual Clauses and ensure adequate protections are in place.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.