RemedSec AI

Privacy Policy

Privacy and careful handling are part of the product promise

RemedSec AI is built around trust, authorisation, and restraint. This page explains the kinds of information we collect and how we use and protect it.

RemedSec AI is built around trust, authorisation, and careful handling of client and assessment-related information. This policy explains the types of information we collect, how we use it, and the principles we follow to protect it.

Information we collect

  • Contact details you provide, such as name, work email address, and organisation name.
  • Information about owned or authorised assets submitted through the contact or scan request flow, including domains, URLs, and related notes.
  • Communications you send to us when requesting discovery, remediation support, or follow-up services.
  • Basic technical and usage information needed to operate, secure, and improve the website and service.

How we use information

  • To review scan or assessment requests and confirm ownership, authorisation, and scope.
  • To prepare, deliver, and follow up on exposure discovery, reporting, remediation planning, and related services.
  • To maintain records of authorisation and engagement history for trust, compliance, and operational purposes.
  • To improve the quality, safety, and usefulness of our workflows, reports, and service delivery.

Authorisation and assessment data

  • RemedSec AI is designed for owned or explicitly authorised assets only.
  • Information you submit about targets, scope, and approval may be retained as evidence that a request was legitimate and properly reviewed.
  • We aim to collect the minimum information needed to assess authorisation, explain findings, and support remediation discussions.

How we store and protect information

  • We use reasonable technical and organisational measures to protect personal information, organisation details, and assessment-related records.
  • Reports, notes, evidence, and authorisation records are intended to remain within approved private systems and channels.
  • Access to sensitive engagement material should be limited to personnel and systems involved in service delivery, support, and compliance oversight.

Disclosure

  • We do not sell personal information or client assessment data.
  • We may share information with service providers, contractors, or infrastructure partners who help us operate the platform or deliver approved services, subject to confidentiality and security controls.
  • We may disclose information where required by law, regulation, court order, or to protect legal rights and the safety of our systems and users.

Retention

  • We keep personal and engagement information for as long as reasonably necessary to provide services, maintain records, meet legal obligations, resolve disputes, and support legitimate business operations.
  • Assessment evidence and communication history may be retained longer where required for audit, authorisation, or compliance purposes.

Your choices

  • You can contact us to request access to, correction of, or deletion of personal information we hold about you, subject to legal, security, and operational constraints.
  • Where deletion is requested, some records may still need to be retained to document authorisation, comply with law, or protect legitimate business interests.

Contact

For privacy-related questions, correction requests, or data handling enquiries, please contact RemedSec AI through the request form or the relevant business contact channel used for your engagement.