1. Introduction
BriarWatchIT ("we," "our," or "us") operates the BriarWatch security scanning platform ("Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this privacy policy carefully. By using BriarWatch, you consent to the data practices described in this policy.
If you do not agree with the terms of this privacy policy, please do not access the Service.
2. Information We Collect
2.1 Account Information
When you register for BriarWatch, we collect:
- Name and email address
- Organization name and website
- Password (stored in encrypted form)
- Two-factor authentication settings
2.2 Scan Data
When you use our security scanning features, we collect and process:
- Target domains, IP addresses, and URLs you authorize for scanning
- Scan results including discovered vulnerabilities, open ports, and security findings
- Asset inventory data (servers, services, technologies detected)
- SSL/TLS certificate information
- HTTP headers and response data from scanned targets
2.3 Usage Analytics
We collect privacy-focused analytics to improve our Service:
- Pages visited and features used within BriarWatch
- Session duration and interaction patterns
- Device type, browser, and operating system
- IP address and approximate geographic location
2.4 Audit Logs
For security and compliance purposes, we maintain detailed audit logs including:
- Login attempts and authentication events
- Configuration changes and administrative actions
- Scan initiation and completion events
- Data access and export activities
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the BriarWatch platform
- Execute security scans on your authorized targets
- Generate vulnerability reports and security assessments
- Analyze scan results using artificial intelligence to provide insights
- Send you service-related communications and alerts
- Respond to your inquiries and provide customer support
- Improve and optimize our Service
- Detect, prevent, and address technical issues or security threats
- Comply with legal obligations and enforce our terms
4. Data Storage and Security
4.1 Storage Location
Your data is stored on secure servers located in the United States, hosted on Amazon Web Services (AWS) infrastructure. We utilize AWS's SOC 2 Type II certified data centers with industry-leading physical and environmental security controls.
4.2 Security Measures
We implement comprehensive security measures to protect your data:
- Encryption at rest using AES-256
- Encryption in transit using TLS 1.2 or higher
- Regular security assessments and penetration testing
- Access controls and role-based permissions
- Multi-factor authentication for user accounts
- Automated vulnerability scanning of our own infrastructure
- 24/7 monitoring and intrusion detection systems
4.3 Data Retention
We retain your data as follows:
- Account information: Retained while your account is active and for 30 days after deletion
- Scan data and reports: Retained for 2 years or as specified in your subscription agreement
- Audit logs: Retained for 7 years for compliance purposes
- Usage analytics: Retained for 2 years in anonymized form
5. Third-Party Services
We use the following third-party services to operate BriarWatch:
5.1 Amazon Web Services (AWS)
We use AWS for cloud infrastructure, including compute, storage, and database services. AWS is SOC 2 Type II certified and compliant with numerous security standards. See the AWS Privacy Policy.
5.2 Anthropic (Claude AI)
We use Anthropic's Claude AI to analyze scan results and provide intelligent security insights. When processing your scan data with AI, we:
- Only send anonymized or necessary scan data for analysis
- Do not use your data to train AI models
- Maintain contractual protections for data handling
5.3 Email Services
We use third-party email services to send transactional emails such as password resets, scan completion notifications, and security alerts. These services only receive the minimum information necessary to deliver emails.
6. Your Rights and Choices
You have the following rights regarding your personal data:
6.1 Access
You may request a copy of the personal data we hold about you. You can access most of your data directly through your BriarWatch account dashboard.
6.2 Correction
You may update or correct your account information at any time through your account settings.
6.3 Deletion
You may request deletion of your account and associated data. Please note that we may retain certain information as required by law or for legitimate business purposes (such as audit logs for compliance).
6.4 Data Export
You may export your scan data, reports, and account information in standard formats (JSON, CSV, PDF) through the BriarWatch dashboard.
6.5 Opt-Out
You may opt out of non-essential communications by adjusting your notification preferences in your account settings. Note that you cannot opt out of essential service communications (such as security alerts or billing notices).
7. Cookies and Tracking
We use cookies and similar technologies to operate and improve BriarWatch:
7.1 Essential Cookies
Required for the Service to function, including session management, authentication, and security features. These cannot be disabled.
7.2 Analytics Cookies
Used to understand how users interact with BriarWatch. We use privacy-focused analytics that do not track users across websites or sell data to third parties.
7.3 Preference Cookies
Remember your settings and preferences, such as dashboard layout and notification settings.
8. Data Sharing
We do not sell your personal data. We may share your information only in the following circumstances:
- With your consent: When you explicitly authorize sharing
- Service providers: With third parties who assist in operating our Service (subject to confidentiality agreements)
- Legal requirements: When required by law, subpoena, or legal process
- Protection of rights: To protect BriarWatchIT's rights, property, or safety
- Business transfers: In connection with a merger, acquisition, or sale of assets
9. Children's Privacy
BriarWatch is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
10. International Data Transfers
If you are accessing BriarWatch from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using our Service, you consent to such transfer and processing.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will also send an email notification to the address associated with your account.
Your continued use of BriarWatch after any changes indicates your acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us:
BriarWatchIT - BriarWatch Team
Email: [email protected]
We will respond to your request within 30 days.
