Trusted

Enterprise

Demo

End-users

Pricing

Blog

About

Sign-in

Trusted

Enterprise

Demo

End-users

Pricing

Blog

About

Sign-in

Trusted

Enterprise

Demo

End-users

Pricing

Blog

About

Sign-in

Trusted

Enterprise

Demo

End-users

Pricing

Blog

About

Sign-in

Privacy Policy for EDAMAME Security

Version

1.0

Nov 25, 2023

EDAMAME Technologies ("us", "we", or "our") operates the EDAMAME Security application (the "Service").

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

Information Collection and Use

The EDAMAME Security application uses the Have I Been Pwned (HIBP) API to check if the email associated with the Apple ID of the user appears in recent data leaks listed within the HIBP database. To perform this check, we send the email address to the HIBP API, which returns information about whether the email address has been found in any data breaches. We do not store the email address or any information returned by the HIBP API.

When using the connected mode to access a "secured cloud," the application sends the integer value of the "security score" computed by the application to its cloud backend for the sake of granting or denying access to the "secured cloud" based on its minimum "security score" requirement. We do not store or use the security score for any other purpose.

In the connected mode, the application exports fragments of encrypted memory or disk byte sequences for inspection by the EDAMAME's Endpoint Digital Arbiter (EDA) decentralized service. The purpose of this inspection is to ensure that the computed "security score" has not been tampered with. EDA only knows an aggregate result of the inspection in the form of a boolean (tampered or not tampered) and has no way to collect other information, in particular, personally identifiable information (PII).

By using the Service, you agree to the collection and use of information in accordance with this policy.

Usage Data

The EDAMAME Security application does not collect or store any information about your usage unless you explicitly choose to connect to a secured cloud service. When you opt to connect, you will be asked to provide consent to share specific details about your security posture with the cloud service owner. This data sharing is strictly controlled to ensure that no privacy breaches occur.

To maintain the stability and effectiveness of our services, we use Sentry to monitor our systems and automatically report any errors. This process helps us promptly address and resolve issues, potentially involving the collection of data related to system crashes and errors. We ensure that all data collected through Sentry is handled responsibly, with robust measures in place to protect your privacy.

Cookies

The EDAMAME Security application does not use cookies or any similar technologies.

Service Providers

We do not employ third-party companies or individuals for any purpose related to the EDAMAME Security application, except for:

  • The usage of the HIBP API to provide the Service's Digital Identity functionality when explicitly configured by the user. Please review the HIBP Privacy Policy to understand their data collection and usage practices.

  • The usage of OpenAI API to provide the Service's AI remediation functionality when explicitly configured by the user. As per the configuration of the API, the data sent to OpenAI can't be used for training of their model and the information sent is guaranteed to not include any PII.

Compliance with Laws

EDAMAME Security complies with applicable laws, including the General Data Protection Regulation (GDPR) in the European Union and privacy laws in the United States.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: privacy@edamame.tech

EDAMAME Technologies ("us", "we", or "our") operates the EDAMAME Security application (the "Service").

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

Information Collection and Use

The EDAMAME Security application uses the Have I Been Pwned (HIBP) API to check if the email associated with the Apple ID of the user appears in recent data leaks listed within the HIBP database. To perform this check, we send the email address to the HIBP API, which returns information about whether the email address has been found in any data breaches. We do not store the email address or any information returned by the HIBP API.

When using the connected mode to access a "secured cloud," the application sends the integer value of the "security score" computed by the application to its cloud backend for the sake of granting or denying access to the "secured cloud" based on its minimum "security score" requirement. We do not store or use the security score for any other purpose.

In the connected mode, the application exports fragments of encrypted memory or disk byte sequences for inspection by the EDAMAME's Endpoint Digital Arbiter (EDA) decentralized service. The purpose of this inspection is to ensure that the computed "security score" has not been tampered with. EDA only knows an aggregate result of the inspection in the form of a boolean (tampered or not tampered) and has no way to collect other information, in particular, personally identifiable information (PII).

By using the Service, you agree to the collection and use of information in accordance with this policy.

Usage Data

The EDAMAME Security application does not collect or store any information about your usage unless you explicitly choose to connect to a secured cloud service. When you opt to connect, you will be asked to provide consent to share specific details about your security posture with the cloud service owner. This data sharing is strictly controlled to ensure that no privacy breaches occur.

To maintain the stability and effectiveness of our services, we use Sentry to monitor our systems and automatically report any errors. This process helps us promptly address and resolve issues, potentially involving the collection of data related to system crashes and errors. We ensure that all data collected through Sentry is handled responsibly, with robust measures in place to protect your privacy.

Cookies

The EDAMAME Security application does not use cookies or any similar technologies.

Service Providers

We do not employ third-party companies or individuals for any purpose related to the EDAMAME Security application, except for:

  • The usage of the HIBP API to provide the Service's Digital Identity functionality when explicitly configured by the user. Please review the HIBP Privacy Policy to understand their data collection and usage practices.

  • The usage of OpenAI API to provide the Service's AI remediation functionality when explicitly configured by the user. As per the configuration of the API, the data sent to OpenAI can't be used for training of their model and the information sent is guaranteed to not include any PII.

Compliance with Laws

EDAMAME Security complies with applicable laws, including the General Data Protection Regulation (GDPR) in the European Union and privacy laws in the United States.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: privacy@edamame.tech