TechOwl
SHIELD  SSO
 Back to sign in

Privacy Policy

Last updated May 4, 2026

This Privacy Policy explains how TechOwl Shield collects, uses, and protects information when you use our platform.

1. What we collect

  • Account data — name, email, password hash, organization membership, role assignments.
  • Authentication telemetry — IP address, user-agent, sign-in timestamps, 2FA challenge results, trusted-device identifiers.
  • Audit events — every privileged action is hash-chained for tamper detection (event type, actor, subject, IP, timestamp).
  • Usage telemetry — feature usage counts and error rates. We do not collect the contents of your security data for analytics.

2. How we use it

We use this information to operate the Services, secure your account, comply with legal obligations, and improve the product. We do not sell personal data.

3. Sub-processors

We use a small set of vetted sub-processors for hosting (AWS), email delivery, error monitoring, and breach-list checks (Have I Been Pwned). Current list and SOC 2 reports available on request — email security@techowlshield.com.

4. Data retention

  • Audit events — 365 days.
  • Authentication logs — 90 days.
  • Customer Data — while your subscription is active, plus 30 days post-termination.
  • Backups — encrypted, retained 35 days, then permanently deleted.

5. Your rights

If you're in the EEA, UK, or California, you have rights to access, rectify, delete, or export your personal data. Email privacy@techowlshield.com with your request and we'll respond within 30 days.

6. Security

We require MFA for all accounts. Passwords are bcrypt-hashed and run through zxcvbn + the Have I Been Pwned breach list before being accepted. All traffic is TLS 1.2+ encrypted; data at rest is AES-256 encrypted. We undergo annual SOC 2 Type II audits.

7. International transfers

If your data is transferred between jurisdictions (e.g., EU → US), we rely on Standard Contractual Clauses and supplementary measures as required by GDPR Chapter V.

8. Cookies

We use a small set of strictly-necessary cookies for session, CSRF, and trust-this-browser. See our Cookie Policy for the full breakdown.

9. Changes

Material changes are communicated via the in-product We've updated our Terms banner. The current version is shown in the header of this page.

Contact

Privacy questions: privacy@techowlshield.com. Security disclosures: security@techowlshield.com.

© 2026 TechOwl Shield
Terms Privacy Cookies

Sample policy text — version 2.4. Not legal advice. Email legal@techowlshield.com for the binding agreement.