PavilionSecurity← Back to Home
Privacy Policy

Privacy Policy

How we collect, use, and protect your information when using our email security platform

Last updated: January 2025

Information We Collect

PavilionSecurity collects information necessary to provide our email security and compliance services. This includes account information, email metadata for security analysis, and usage data to improve our services.

Account Information

  • • Company name and contact details
  • • Administrator email addresses
  • • Billing and payment information
  • • Service configuration preferences

Service Data

  • • Email metadata (headers, sender, recipient)
  • • Security threat indicators
  • • Compliance violation patterns
  • • Service usage statistics

How We Use Your Information

We use the collected information exclusively to provide and improve our email security services, ensure compliance with regulations, and maintain the security of our platform.

Service Provision

  • Deliver email security and threat detection
  • Provide compliance monitoring and reporting
  • Generate security analytics and insights
  • Send security alerts and notifications

Service Improvement

  • Enhance threat detection algorithms
  • Improve platform performance and reliability
  • Develop new security features
  • Provide customer support and training

Data Protection & Security

We implement industry-standard security measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

Technical Safeguards

  • • End-to-end encryption for data in transit
  • • AES-256 encryption for data at rest
  • • Multi-factor authentication for access
  • • Regular security audits and penetration testing
  • • Intrusion detection and prevention systems
  • • Secure data centers with 24/7 monitoring

Organizational Measures

  • • Employee background checks and training
  • • Access controls and role-based permissions
  • • Incident response and disaster recovery plans
  • • Regular security awareness training
  • • Vendor security assessments
  • • Compliance with industry standards

Data Sharing & Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information only in limited circumstances as described below.

Service Providers

We may share data with trusted third-party service providers who assist in operating our platform, such as cloud hosting providers, payment processors, and customer support tools. These providers are contractually bound to protect your data and use it only for specified purposes.

Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, property, or safety, or that of our users or the public.

Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the business transaction, subject to the same privacy protections.

Your Rights & Choices

Depending on your location, you may have certain rights regarding your personal information. We are committed to honoring these rights and providing you with control over your data.

Access & Control

  • • Access your personal information
  • • Correct inaccurate or incomplete data
  • • Request deletion of your data
  • • Export your data in portable format
  • • Opt-out of marketing communications
  • • Control cookie preferences

Data Processing

  • • Restrict processing of your data
  • • Object to certain processing activities
  • • Withdraw consent where applicable
  • • Lodge complaints with authorities
  • • Request data portability
  • • Appeal automated decisions

To exercise these rights: Contact us at privacy@pavilionsecurity.ai. We will respond to your request within 30 days.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data during international transfers.

Transfer Safeguards

  • • Standard Contractual Clauses (SCCs) for EU transfers
  • • Adequacy decisions where applicable
  • • Binding corporate rules for internal transfers
  • • Additional technical and organizational measures

Data Localization

We offer data localization options for customers with specific geographic requirements. Contact us to discuss your data residency needs.

Data Retention

We retain your information only as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements.

Retention Periods

  • Account data: Duration of service + 7 years
  • Security logs: 2 years for threat analysis
  • Compliance records: 7 years for audit purposes
  • Billing information: 7 years for tax compliance
  • Support communications: 3 years
  • Marketing data: Until opt-out

Deletion Process

  • • Secure deletion using industry standards
  • • Verification of complete data removal
  • • Documentation of deletion activities
  • • Notification to affected users
  • • Backup data cleanup procedures
  • • Third-party data removal requests

Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage patterns, and provide personalized services.

Essential Cookies

  • • Authentication and session management
  • • Security and fraud prevention
  • • Service functionality and performance
  • • User preferences and settings

Analytics & Improvement

  • • Usage analytics and performance monitoring
  • • Service improvement and optimization
  • • Error tracking and debugging
  • • User experience enhancement

Cookie Management: You can control cookie preferences through your browser settings or our cookie consent banner. Note that disabling certain cookies may affect service functionality.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

If you believe we have collected information from a child under 16: Please contact us immediately at privacy@pavilionsecurity.ai. We will promptly investigate and remove any such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

Notification Process

  • • Email notification to registered users
  • • Prominent notice on our website
  • • Updated "Last updated" date
  • • 30-day advance notice for material changes

Continued use: Your continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us.

Response Times

  • • Privacy inquiries: 30 days
  • • Data access requests: 30 days
  • • Deletion requests: 45 days
  • • Urgent security issues: 24 hours
  • • General support: 2-3 business days

Data Protection Officer: For EU residents, you may also contact our Data Protection Officer at dpo@pavilionsecurity.ai.

This Privacy Policy is effective as of January 2025 and applies to all users of PavilionSecurity services.

Terms of ServiceSchedule DemoHome