Privacy Policy

Effective Date: April 7, 2026
Last Updated: April 7, 2026

AiRysk Inc. (“Company,” “we,” “us,” or “our”) is committed to protecting the privacy of our customers, their employees, and visitors to our website. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our products and services (collectively, the “Services”), including the AiRysk browser extension, the AiRysk endpoint agent, and the AiRysk cloud platform.

By using our Services, you acknowledge that you accept the practices and policies outlined in this Privacy Policy.

1. What This Policy Covers

This Privacy Policy covers our treatment of information that we collect or process when you:

  • Visit our website at https://airysk.com
  • Use the AiRysk cloud platform (web portal)
  • Have the AiRysk browser extension installed on your device (deployed by your employer's IT department)
  • Have the AiRysk endpoint agent installed on your device (deployed by your employer's IT department)

This Policy does not apply to the practices of companies we do not own or control, or to individuals we do not employ or manage.

Important: The AiRysk browser extension and endpoint agent are enterprise products deployed and configured by your employer's IT department. If you are an employee whose organization uses AiRysk, your employer is the data controller for information collected through these products. Please consult your employer's privacy policy for details on how your organization handles employee monitoring data.

2. Information We Collect

2a. Information You Provide to Us

When you register for an account or interact with our Services, we may collect:

  • Name and email address
  • Company name and job title
  • Account credentials (username, password)
  • Billing and payment information (processed by third-party payment processors)
  • Communications you send to us (support requests, feedback)

2b. Information Collected by Enterprise Products

When deployed by your employer, the AiRysk browser extension and endpoint agent collect:

  • HTTP request and response data from approved web applications (as configured by your employer's IT department)
  • User identity information from web application sessions (email, display name)
  • File metadata (name, size, type) when files are uploaded to monitored applications
  • Device information (hostname, operating system, browser version)
  • Timestamps and session identifiers

What we do NOT collect:

  • We do not collect data from websites or applications outside the scope configured by your employer
  • We do not collect passwords, authentication tokens, or financial credentials (these are redacted before transmission)
  • We do not collect browsing history or activity on non-monitored sites
  • We do not access personal email, messaging, or social media unless explicitly configured by your employer

2c. Information Collected Automatically

When you visit our website or use the cloud platform, we may automatically collect:

  • IP address and approximate geolocation
  • Browser type, device type, and operating system
  • Pages visited and features used
  • Referring URLs and search terms
  • Cookies and similar tracking technologies (see Section 8)

3. How We Use Information

We use the information we collect to:

  • Provide, maintain, and improve our Services
  • Detect and prevent data loss, security threats, and policy violations on behalf of our enterprise customers
  • Process and enforce data protection policies configured by our enterprise customers
  • Generate security alerts, reports, and analytics for authorized administrators
  • Communicate with you about your account, support requests, and service updates
  • Ensure the security and integrity of our platform
  • Comply with legal obligations

We do NOT use information collected through enterprise deployments for:

  • Advertising or marketing purposes
  • Profiling individual employees outside the scope of their employer's security policies
  • Any purpose unrelated to the security and compliance services contracted by the enterprise customer

4. We Do Not Sell Your Information

We do not sell, rent, or trade your personal information or any data collected through our Services to any third party, for any purpose, under any circumstances.

This applies to all categories of information we collect, including data collected through the browser extension, the agent, the cloud platform, and our website.

5. How We Share Information

We may share information only in the following limited circumstances:

With Your Employer (Enterprise Customers): Data collected by the AiRysk extension and agent is processed and made available to your employer's authorized administrators through the AiRysk cloud platform. Your employer controls the data collection scope, retention policies, and access permissions.

Service Providers: We use third-party service providers to help operate our Services (e.g., cloud hosting, payment processing). These providers are contractually obligated to use your information only to perform services on our behalf and are bound by confidentiality obligations.

Legal Requirements: We may disclose information if required to do so by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website of any change in ownership or uses of your personal information.

With Your Consent: We may share your information for any other purpose with your explicit consent.

6. Data Security

We take the security of your information seriously and implement appropriate technical and organizational measures to protect it, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication requirements
  • Regular security assessments
  • Employee training on data protection practices
  • Incident response procedures

While we strive to protect your information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain information collected through our Services for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Enterprise monitoring data: Retained according to the retention policy configured by your employer. Enterprise customers can configure data retention periods through the AiRysk platform.
  • Account information: Retained for as long as your account is active or as needed to provide you with Services. You may request deletion of your account at any time.
  • Website analytics: Retained for up to 12 months.

When data is no longer needed, it is securely deleted or anonymized.

8. Cookies, Tracking Technologies, and Advertising

Our website and cloud platform use cookies and similar technologies for the following purposes:

Essential Cookies: Required for the operation of our Services, including session management, authentication, and security. These cannot be disabled.

Functional Cookies: Remember your preferences (e.g., theme settings, language) to provide a personalized experience.

Analytics Cookies: Help us understand how our Services are used, which pages are most popular, and how visitors navigate our website. We may use third-party analytics providers (e.g., Google Analytics) for this purpose.

Advertising and Marketing Cookies: We may use cookies and similar technologies to deliver relevant advertisements to you on third-party platforms, measure the effectiveness of our advertising campaigns, and understand how you interact with our marketing content. You can opt out of personalized advertising through your browser settings, the Digital Advertising Alliance (https://optout.aboutads.info), or the Network Advertising Initiative (https://optout.networkadvertising.org).

Your Cookie Choices: You may configure your browser to refuse all or certain cookies, or to alert you when cookies are being set. If you disable cookies, some features of our Services may not function properly.

Important: Advertising cookies are used on our website only. The AiRysk browser extension and endpoint agent do NOT place cookies on any website, do NOT track browsing activity for advertising purposes, and do NOT share any collected enterprise data with advertising networks.

We will never sell data collected through the AiRysk extension or agent to advertisers or any other third party.

9. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate personal information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your information in a portable format
  • Objection: Object to certain processing of your personal information
  • Restriction: Request restriction of processing in certain circumstances

For California Residents (CCPA/CPRA): You have the right to know what personal information we collect, the right to request deletion, the right to opt out of the sale of personal information (note: we do not sell personal information), and the right to non-discrimination for exercising your privacy rights. To exercise these rights, contact us at support@airysk.com.

For employees of enterprise customers: Requests related to data collected through the AiRysk extension and agent should be directed to your employer, as they are the data controller for that information. We will assist your employer in responding to valid data subject requests.

To exercise any of these rights, please contact us at support@airysk.com.

10. Children's Privacy

Our Services are not directed to individuals under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under the applicable age, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at support@airysk.com.

11. AI and Machine Learning

AiRysk uses proprietary technologies to detect sensitive data and security threats. We want to be transparent about how data is used in this context:

  • Data collected through enterprise deployments is used solely to provide security and compliance services to the respective enterprise customer
  • We do not use one customer's data to train models that serve other customers
  • Detection capabilities are developed using industry-standard datasets and internal research, not customer data
  • Enterprise customers retain ownership and control of their data at all times

12. International Data Transfers

Our Services are hosted and operated in the United States. If you are located outside the United States, please be aware that information you provide to us or that is collected through our Services may be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website with a new “Last Updated” date and, where appropriate, by sending you an email notification. Your continued use of the Services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

AiRysk Inc.
Email: support@airysk.com
Website: https://airysk.com

This Privacy Policy was last updated on April 7, 2026.