Logo

Privacy Policy

This Privacy Policy explains how we collect, use, and protect personal data in accordance with the General Data Protection Regulation (GDPR / AVG).

Who We Are

SpectInsight is a security platform operated by Paladintel. Paladintel is a cybersecurity company that develops technology to monitor infrastructure, detect threats, and improve organizational security posture.

Paladintel acts as the data controller for personal data processed through SpectInsight.

Data Controller

Paladintel is responsible for the processing of personal data in connection with SpectInsight.

For privacy-related inquiries, contact:
privacy@spectinsight.com

Data We Collect

  • • Account information (such as name and email address)
  • • Authentication data (login sessions and encrypted credentials)
  • • Technical data (IP address, browser, and device information)
  • • Usage data (actions performed within the platform)

How We Use Data

  • • Provide and maintain our services
  • • Authenticate users and secure accounts
  • • Detect, prevent, and investigate abuse or fraud
  • • Improve system performance, reliability, and security

Legal Basis for Processing

  • • Performance of a contract
  • • Legitimate interest (to ensure security, prevent fraud, and maintain system integrity)
  • • Legal obligations where applicable

Security & Audit Logging

We log user activity, including login events, IP addresses, and actions performed within the platform. Logging is used strictly for security, monitoring, fraud prevention, and maintaining system integrity.

Audit logs are protected, access-controlled, and cannot be modified.

Data Retention

  • • Account data is retained while your account is active
  • • Account data is deleted upon account termination unless legally required
  • • Audit logs are retained for up to 90 days unless required longer

Data Sharing

We do not sell personal data. Data may be shared with trusted service providers strictly for delivering our services.

We do not use your data for advertising or sell personal data to third parties.

These providers may include infrastructure hosting, authentication services, and database providers (such as MongoDB Atlas), which process data on our behalf under strict security and confidentiality obligations.

All third-party providers are carefully selected and required to meet appropriate security and data protection standards.

International Data Transfers

Where data is transferred outside the European Economic Area (EEA), appropriate safeguards such as Standard Contractual Clauses (SCCs) are applied.

Your Rights (GDPR)

  • • Right of access
  • • Right to rectification
  • • Right to erasure
  • • Right to restrict processing
  • • Right to data portability
  • • Right to object

You can exercise your rights by contacting privacy@spectinsight.com. We will respond in accordance with applicable laws.

Supervisory Authority

You have the right to file a complaint with your local data protection authority. In the Netherlands, this is the Autoriteit Persoonsgegevens.

Children's Data

Our services are not intended for individuals under the age of 18, and we do not knowingly collect personal data from children.

Cookies

We only use essential cookies required for authentication and security. No tracking or marketing cookies are used without explicit consent.

Data Security

We implement technical and organizational measures to protect data against unauthorized access, loss, misuse, or alteration.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected on this page and the "Last updated" date will be revised.

Privacy Contact

For privacy-related questions or requests:

privacy@spectinsight.com

Last updated: March 23, 2026 (v1.0.1)