Privacy Policy

Last updated: January 2025

1. Introduction

Privum Lda ("we", "us", "our") operates SRExpert, a Kubernetes monitoring and SRE platform. This Privacy Policy explains how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and applicable Portuguese data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

Privum Lda
R. Daciano Baptista Marques, 245
4400-617 Vila Nova de Gaia, Portugal
Email: [email protected]

3. Information We Collect

We collect the following types of information:

Account Information: Name, email address, company name, and contact details when you register for an account.
Billing Information: Payment details processed securely through our payment providers (we do not store full credit card numbers).
Cluster Data: Kubernetes cluster information, metrics, logs, and configuration data that you choose to connect to our platform.
Usage Data: Information about how you use the Platform, including features accessed, actions taken, and performance metrics.
Technical Data: IP address, browser type, device information, and cookies for platform functionality and security.

4. How We Use Your Information

We use your personal data to:

Provide, maintain, and improve our services
Process transactions and send related information
Send technical notices, updates, and security alerts
Respond to your comments, questions, and support requests
Monitor and analyze usage patterns to improve user experience
Detect, prevent, and address technical issues and security threats
Comply with legal obligations

5. Legal Basis for Processing (GDPR)

We process your personal data based on:

Contract Performance: Processing necessary to provide our services to you.
Legitimate Interests: Processing for our legitimate business interests, such as improving our services and ensuring security.
Consent: Where you have given explicit consent for specific processing activities.
Legal Obligation: Processing required to comply with applicable laws.

6. Data Sharing and Transfers

We may share your data with:

Service Providers: Third-party vendors who assist in providing our services (hosting, payment processing, analytics).
AI Providers: When you use AI features, queries may be processed by third-party AI providers (OpenAI, Anthropic, Google, etc.) according to their respective privacy policies.
Legal Requirements: When required by law or to protect our rights and safety.

For international data transfers outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses.

7. Data Retention

We retain your personal data for as long as necessary to provide our services and fulfill the purposes described in this policy. Account data is retained while your account is active. After account deletion, we may retain certain data for up to 30 days for backup purposes and as required by law.

8. Your Rights (GDPR)

Under GDPR, you have the right to:

Access: Request a copy of your personal data
Rectification: Request correction of inaccurate data
Erasure: Request deletion of your personal data
Restriction: Request limitation of processing
Data Portability: Receive your data in a portable format
Objection: Object to certain processing activities
Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

Encryption of data in transit and at rest
Regular security assessments and penetration testing
Access controls and authentication mechanisms
Employee training on data protection
Incident response procedures

10. Cookies

We use essential cookies for platform functionality and optional analytics cookies to understand usage patterns. You can manage cookie preferences through your browser settings. Essential cookies cannot be disabled as they are necessary for the platform to function.

11. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes via email or through the Platform. The "Last updated" date at the top indicates when this policy was last revised.

13. Contact Us

For questions about this Privacy Policy or to exercise your data protection rights, please contact us at:

Privum Lda
R. Daciano Baptista Marques, 245
4400-617 Vila Nova de Gaia, Portugal
Email: [email protected]

You also have the right to lodge a complaint with the Portuguese Data Protection Authority (CNPD) if you believe your data protection rights have been violated.

Last updated: January 2025

1. Introduction

2. Data Controller

The data controller responsible for your personal data is:

Privum Lda
R. Daciano Baptista Marques, 245
4400-617 Vila Nova de Gaia, Portugal
Email: [email protected]

3. Information We Collect

We collect the following types of information:

Account Information: Name, email address, company name, and contact details when you register for an account.
Billing Information: Payment details processed securely through our payment providers (we do not store full credit card numbers).
Cluster Data: Kubernetes cluster information, metrics, logs, and configuration data that you choose to connect to our platform.
Usage Data: Information about how you use the Platform, including features accessed, actions taken, and performance metrics.
Technical Data: IP address, browser type, device information, and cookies for platform functionality and security.

4. How We Use Your Information

We use your personal data to:

Provide, maintain, and improve our services
Process transactions and send related information
Send technical notices, updates, and security alerts
Respond to your comments, questions, and support requests
Monitor and analyze usage patterns to improve user experience
Detect, prevent, and address technical issues and security threats
Comply with legal obligations

5. Legal Basis for Processing (GDPR)

We process your personal data based on:

Contract Performance: Processing necessary to provide our services to you.
Legitimate Interests: Processing for our legitimate business interests, such as improving our services and ensuring security.
Consent: Where you have given explicit consent for specific processing activities.
Legal Obligation: Processing required to comply with applicable laws.

6. Data Sharing and Transfers

We may share your data with:

Service Providers: Third-party vendors who assist in providing our services (hosting, payment processing, analytics).
AI Providers: When you use AI features, queries may be processed by third-party AI providers (OpenAI, Anthropic, Google, etc.) according to their respective privacy policies.
Legal Requirements: When required by law or to protect our rights and safety.

For international data transfers outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses.

7. Data Retention

8. Your Rights (GDPR)

Under GDPR, you have the right to:

Access: Request a copy of your personal data
Rectification: Request correction of inaccurate data
Erasure: Request deletion of your personal data
Restriction: Request limitation of processing
Data Portability: Receive your data in a portable format
Objection: Object to certain processing activities
Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

Encryption of data in transit and at rest
Regular security assessments and penetration testing
Access controls and authentication mechanisms
Employee training on data protection
Incident response procedures

10. Cookies

11. Children's Privacy

12. Changes to This Policy

13. Contact Us

For questions about this Privacy Policy or to exercise your data protection rights, please contact us at:

Privum Lda
R. Daciano Baptista Marques, 245
4400-617 Vila Nova de Gaia, Portugal
Email: [email protected]

You also have the right to lodge a complaint with the Portuguese Data Protection Authority (CNPD) if you believe your data protection rights have been violated.

1. Introduction

2. Data Controller

3. Information We Collect

4. How We Use Your Information

5. Legal Basis for Processing (GDPR)

6. Data Sharing and Transfers

7. Data Retention

8. Your Rights (GDPR)

9. Data Security

10. Cookies

11. Children's Privacy

12. Changes to This Policy

13. Contact Us

Quick Links

Contact

Privacy Policy

1. Introduction

2. Data Controller

3. Information We Collect

4. How We Use Your Information

5. Legal Basis for Processing (GDPR)

6. Data Sharing and Transfers

7. Data Retention

8. Your Rights (GDPR)

9. Data Security

10. Cookies

11. Children's Privacy

12. Changes to This Policy

13. Contact Us

Quick Links

Contact