Privacy Policy

StructVector ("we", "our", or "us") is committed to protecting the privacy of your data. This policy explains how we handle the information you provide when using our API, website, and services.

1. Information We Collect

We collect information in two primary categories:

• Account Information: Information required to create your account, billing details, and contact preferences (e.g., email address, name, organization).
• Service Data (Input Data): The raw JSON events, logs, and payloads you send to our API for processing ("Events"). This includes the content you wish to embed, classify, or score.

2. How We Use Service Data (AI & Training)

This is the most critical part of our policy for your engineering team:

• Processing: We use your Service Data solely to provide the Service to you (generating embeddings, anomaly scores, and classifications).
• No General Training: We do not use your Service Data to train our general-purpose foundation models. Your data does not leak into the models used by other customers.
• Custom Models: If you are on an Enterprise plan with "Custom Model Training," we train a dedicated model adapter exclusively for your workspace using your provided data. This adapter is never shared with other customers.

3. Data Retention

We retain Service Data only as long as necessary to provide the features of your plan:

• Hobby Tier: Data is retained for 7 days to allow for debugging and short-term history.
• Production Tier: Data is retained for 1 year to support compliance auditing and long-term anomaly detection baselines.
• Enterprise Tier: Custom retention policies (including zero-retention / ephemeral processing) are available.

You may request the deletion of your data at any time by contacting support or using the API deletion endpoints.

4. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS 1.2+) and encryption at rest (AES-256). Our infrastructure is hosted on SOC 2 Type II compliant providers (AWS/GCP). Access to production data is restricted to authorized engineering personnel on a strict need-to-know basis for debugging purposes.

5. Third-Party Subprocessors

We use select third-party providers to help us deliver our Service (e.g., cloud hosting, payment processing). We ensure these providers act only on our instructions and maintain appropriate security standards. A current list of subprocessors is available upon request.

6. Your Rights

Depending on your location, you may have rights regarding your personal data, including the right to access, correct, or delete your information. To exercise these rights, please contact us at privacy@structvector.com.

7. Updates to this Policy

We may update this Privacy Policy from time to time. If we make material changes that affect your rights or how we handle Service Data, we will notify you via email or a prominent notice on the dashboard before the changes take effect.

8. Contact Us

If you have questions about this policy or our data practices, please contact our Data Protection Officer at privacy@structvector.com.