Privacy Policy

Name: Digital Rights Defender
Author: Digital Rights Defender

Last updated: February 9, 2026

1. Introduction

Digital Rights Defender Inc. (“we”, “us”, “our”) operates the DRD platform. This Privacy Policy describes how we collect, use, and protect your personal information when you use our Service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and organization details. Authentication is handled by Clerk, a third-party identity provider.

Agent and Event Data

We collect data about registered AI agents, their events, policy evaluations, enforcement actions, and reputation scores. This data is essential to providing the governance service.

Usage Data

We collect anonymized usage data including page views, API call patterns, and feature usage to improve the Service.

3. How We Use Your Information

Provide, maintain, and improve the Service
Compute agent reputation scores and trust badges
Process enforcement actions and approval workflows
Send service notifications and security alerts
Generate aggregated, anonymized analytics
Comply with legal obligations

4. Data Storage and Security

Your data is stored in encrypted databases hosted on Neon (PostgreSQL). All data is encrypted in transit (TLS 1.3) and at rest. Event logs use hash-chained integrity verification to detect tampering. API keys are stored as SHA-256 hashes.

5. Data Retention

Event data is retained based on your plan: 7 days (Free), 90 days (Pro), or unlimited (Enterprise). Account data is retained for the duration of your account plus 30 days after deletion. You may request data export or deletion at any time.

6. Third-Party Services

We use the following third-party services:

Clerk — Authentication and identity management
Neon — Database hosting (PostgreSQL)
Sentry — Error monitoring
Vercel / Railway — Application hosting

Each provider has their own privacy policy and data processing agreements.

7. Your Rights

You have the right to:

Access your personal data
Correct inaccurate data
Request deletion of your data
Export your data in a portable format
Withdraw consent for optional data processing
Lodge a complaint with a supervisory authority

8. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification.

10. Contact

For privacy-related inquiries, contact us at our contact page or email privacy@drd.io.