Privacy Policy

Last updated: March 6, 2026

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, company name, and password (encrypted).

Usage Data: We collect information about how you use OuterSec, including pages visited, features used, and actions taken.

Billing Information: Payment processing is handled by Stripe. We store your billing email and subscription status but never store credit card numbers.

Technical Data: We collect IP addresses, browser types, device information, and cookies for security and analytics.

2. How We Use Your Information

  • Provide and maintain the OuterSec service
  • Process payments and manage subscriptions
  • Send compliance alerts and reports
  • Improve our products and develop new features
  • Communicate with you about updates, security issues, or support
  • Detect and prevent fraud or security incidents
  • Comply with legal obligations

3. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

  • Service Providers: Stripe (payments), Resend (email), Supabase (database hosting)
  • Legal Requirements: If required by law, subpoena, or court order
  • Business Transfers: In the event of a merger, acquisition, or asset sale

4. Data Security

We implement industry-standard security measures:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Bcrypt password hashing with salt
  • Regular security audits and vulnerability scans
  • SOC 2 Type II compliance
  • Role-based access control (RBAC)

5. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Portability: Export your data in machine-readable format
  • Opt-out: Unsubscribe from marketing emails

To exercise these rights, contact us at privacy@outersec.com

6. Data Retention

We retain your data for as long as your account is active. After account deletion, we retain some information for legal and compliance purposes (tax records, audit logs) for up to 7 years.

7. Cookies and Tracking

We use cookies for:

  • Essential: Authentication, session management, security
  • Analytics: Understanding usage patterns (opt-out available)

8. International Data Transfers

Your data may be processed in the United States or other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers.

9. Children's Privacy

OuterSec is not intended for users under 18. We do not knowingly collect information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or by posting a notice on our website.

11. Contact Us

If you have questions about this Privacy Policy, contact us: