Privacy Policy

Last updated: December 2024

1. Information We Collect

We collect only the information necessary to provide our authentication migration services:

  • Contact Information: Name, email, company details when you contact us
  • Authentication Data: Temporarily during migration processes only
  • Technical Information: System logs and monitoring data for service quality
  • Usage Data: How you interact with our platform for improvement purposes

2. How We Use Your Information

Your information is used exclusively for:

  • Providing authentication migration services
  • Communicating about your migration project
  • Ensuring security and service quality
  • Complying with legal obligations
  • Improving our services (anonymized data only)

3. Data Security

We implement enterprise-grade security measures to protect your data:

  • Encryption: AES-256 encryption for data at rest, TLS 1.3 for data in transit
  • Access Controls: Strict role-based access with multi-factor authentication
  • Monitoring: Continuous security monitoring and threat detection
  • Auditing: Complete audit trails for all data access and activities
  • Compliance: SOC 2 Type II, GDPR, and ISO 27001 certified

4. Data Retention

We believe in minimal data retention:

  • Authentication Data: Not stored permanently, deleted immediately after migration
  • Project Data: Retained for 90 days post-migration for support purposes
  • Contact Information: Retained while you remain a customer
  • Audit Logs: Retained for 7 years for compliance purposes

5. Data Sharing

We do not sell or share your personal data. Limited sharing occurs only when:

  • Required by law or legal process
  • Necessary for service delivery (with strict data processing agreements)
  • You provide explicit consent
  • To protect our rights or safety of others

6. Your Rights

You have the following rights regarding your data:

  • Access: Request copies of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Request transfer of your data
  • Objection: Object to processing of your data
  • Restriction: Request restriction of processing

7. International Transfers

If we transfer your data internationally, we ensure adequate protection through:

  • Standard Contractual Clauses approved by regulatory authorities
  • Adequacy decisions by relevant data protection authorities
  • Other legally approved transfer mechanisms

8. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes via email or through our platform. The "Last updated" date at the top indicates when the policy was last revised.

10. Contact Us

For any privacy-related questions or to exercise your rights:

Email: privacy@authrouter.com
Data Protection Officer: dpo@authrouter.com

Privacy at a Glance

We're committed to protecting your privacy with:

  • Minimal data collection
  • No permanent storage of auth data
  • Enterprise-grade security
  • Full transparency
  • Your data, your control

Compliance & Certifications

GDPR Compliant SOC 2 Type II ISO 27001 CCPA Compliant

Data Protection Officer

Have specific privacy questions? Our Data Protection Officer is available to help.

Contact DPO