Privacy Policy

Last Updated: November 2025

AIBound (“AIBound,” “we,” “our,” or “us”) is committed to protecting your privacy and maintaining the trust of our customers, partners, and website visitors. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you interact with our website, platform, services, and communications.

If you have questions about this policy or your personal data, you may contact us at privacy@aibound.com.

1. Scope of This Policy

This Privacy Policy applies to:

  • The AIBound website (aibound.com and subdomains)
  • The AIBound platform and products
  • Support, sales, and customer success interactions
  • Marketing communications, webinars, events, and related activities

This policy does not apply to third-party websites or services that AIBound does not control.

2. Information We Collect

A. Information You Provide to Us

We collect information you voluntarily provide, including:

  • Contact details: name, email address, phone number, company name
  • Account information: username, role, authentication details
  • Communication data: support requests, messages, surveys, and feedback
  • Business and security context: environment size, number of models, assets, or systems to evaluate
  • Billing information (for paid customers)

We do not intentionally collect sensitive personal information unless you explicitly provide it to us for contractual or compliance reasons.

B. Information Collected Automatically

When you visit our website or use our platform, we automatically collect:

  • Usage data: pages viewed, time on site, links clicked, feature usage patterns
  • Device & browser data: IP address, operating system, device identifiers
  • Cookies & tracking technologies: analytics cookies, session cookies, preference cookies

You can manage cookie preferences through your browser or our cookie banner, where available.

C. Customer Data Processed in the AIBound Platform

As part of providing our AI security platform, we may process:

  • Metadata about AI models, agents, non-human identities (NHIs), training pipelines, and configurations
  • Cloud and SaaS metadata: resource identifiers, service names, permissions, IAM roles
  • Security signals: posture findings, privilege insights, configuration issues, lineage information
  • Business context used for risk scoring, environment mapping, and asset inventory

AIBound is not a data broker and does not sell or share customer data for advertising purposes. We process only the data necessary to deliver our platform’s functionality and follow strict access, retention, and encryption controls.

3. How We Use Your Information

Provide and Improve Our Services

  • Operate, maintain, and enhance the AIBound platform
  • Analyze security patterns, toxic combinations, and AI ecosystem risks
  • Deliver dashboards, alerts, and insights tailored to your environment

Support and Communication

  • Respond to support requests and technical issues
  • Send onboarding guidance, system updates, and educational content

Security and Compliance

  • Detect, prevent, and investigate potential security incidents
  • Maintain logs for auditing, monitoring, and legal purposes
  • Comply with applicable laws, contracts, and regulatory frameworks

Marketing and Sales (Opt-In)

  • Share product announcements, newsletters, and event invitations
  • Personalize website or ad experiences where permitted by law

You may opt out of marketing communications at any time by using the unsubscribe link in our emails or contacting us directly.

4. How We Share Information

AIBound does not sell your data.

We may share information only with:

1. Trusted Service Providers

Who assist us with:

  • Cloud hosting and infrastructure
  • Analytics and product usage insights
  • Customer support and ticketing tools
  • Email delivery and communications
  • CRM and billing systems

All providers are bound by contractual confidentiality and data-processing agreements.

2. Enterprise Customers (Internal Visibility)

If your organization uses AIBound, visibility into collected metadata is provided to authorized users within your company for security and operational purposes.

3. Legal or Regulatory Requirements

We may disclose information when required to do so by law, subpoena, court order, or governmental request, or when we believe in good faith that disclosure is reasonably necessary to protect our rights, users, or the public.

4. Mergers or Corporate Transactions

If AIBound is involved in a merger, acquisition, financing, or sale of all or a portion of our assets, information may be transferred as part of that transaction, subject to appropriate confidentiality protections.

5. International Data Transfers

AIBound may process data in the United States and other countries where we or our service providers operate. When transferring data internationally, we use appropriate safeguards such as Standard Contractual Clauses and other GDPR-compliant mechanisms.

6. Data Retention

We retain data only as long as necessary to:

  • Provide and support the AIBound platform
  • Operate our business and maintain records
  • Comply with legal, regulatory, or contractual obligations

Enterprise customers may request deletion of platform data in accordance with their agreement with AIBound.

7. Data Security

We use industry-standard administrative, technical, and physical safeguards to protect information, including:

  • Encryption at rest and in transit where appropriate
  • Role-based access control and least-privilege principles
  • Network and application firewalls
  • Continuous monitoring and logging
  • Secure development and change management practices
  • Data minimization and segmentation

Despite these measures, no system can be completely secure. We encourage customers to implement complementary security controls in their own environments.

8. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal data, including the right to:

  • Access the personal data we hold about you
  • Request corrections or updates
  • Request deletion, subject to legal obligations
  • Object to or restrict certain processing
  • Request a copy of your data in a portable format
  • Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us at privacy@aibound.com. We may need to verify your identity before fulfilling your request.

9. Children’s Privacy

AIBound does not knowingly collect personal information from children under the age of 16. If we learn that we have inadvertently collected such information, we will take steps to delete it as soon as possible. If you believe a child has provided us with personal information, please contact us.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last Updated” date at the top of this page. If we make material changes, we may also provide additional notice (such as by email or a prominent notice on our website).

11. Contact Us

If you have questions about this Privacy Policy or our privacy practices, or if you wish to exercise your data rights, please contact us at:

AIBound — Privacy Office
Email: privacy@aibound.com
Website: www.aibound.com