Privacy Policy
Effective date: 31 May 2026
1. Introduction
This Privacy Policy explains how ThreatPrevent Limited ("ThreatPrevent", "we", "us", or "our") collects, uses, shares, stores, and protects personal data when you use our website, APIs, applications, integrations, demonstrations, billing flows, and related services.
We aim to handle personal data transparently and in accordance with applicable data protection laws, including UK GDPR, the Data Protection Act 2018, and where applicable EU GDPR.
2. Controller
ThreatPrevent Limited is the controller for personal data we collect and determine how to use. For some customer-provided data processed through API requests, our role may depend on the context and agreement with the customer.
Contact: hello@threatprevent.io
3. Personal Data We Collect
- Account and contact information, including name, company, email address, and role.
- Billing and subscription information, including plan, usage, invoices, Stripe customer identifiers, and payment status.
- API and usage information, including API key identifiers, endpoint usage, timestamps, request metadata, response status, error logs, usage volume, and billing events.
- Support information, including messages sent to us by email.
- Technical information, including IP address, browser type, device information, logs, security events, and diagnostic data.
- Scan inputs submitted to the Services, such as domains, email addresses, IP addresses, company names, or related workflow data that is sent to us.
4. Payment Information
Payments are processed by Stripe. ThreatPrevent does not store full payment card numbers, card security codes, or complete financial account details on our website or application. Stripe manages payment processing and payment information on our behalf.
We may receive limited billing information from Stripe, such as customer ID, subscription ID, payment status, invoice status, card brand and last four digits where provided by Stripe, and billing address where applicable.
5. How We Use Personal Data
- To provide and operate the Services.
- To create and manage customer accounts and API keys.
- To process subscriptions, usage, billing, and overage charges.
- To deliver risk scores, API responses, and intelligence outputs.
- To provide support by email.
- To monitor reliability, performance, errors, and security.
- To detect, prevent, and investigate abuse, fraud, misuse, and unauthorised access.
- To comply with legal, regulatory, tax, accounting, and security obligations.
- To improve our Services and develop new features.
6. Lawful Basis
- Contract: to provide the Services, manage subscriptions, issue API keys, and process customer requests.
- Legitimate interests: to secure the platform, prevent abuse, improve reliability, analyse usage, support customers, and protect our business and users.
- Legal obligation: to meet tax, accounting, regulatory, security, or legal requirements.
- Consent: where we ask for optional consent, such as certain non-essential cookies or marketing communications.
7. Usage Information
We collect usage information to provide a reliable, secure, high-quality service. Usage information helps us monitor availability, diagnose issues, protect against abuse, manage billing, and improve performance.
We do not sell your usage information. We do not provide customer usage information to third parties for their own independent marketing purposes.
8. Scan Data and Retention
ThreatPrevent is designed to minimise unnecessary retention of customer scan data. Scan inputs and outputs may be processed to deliver the requested service and may be retained where necessary for billing, auditing, troubleshooting, abuse prevention, security, legal compliance, or dispute resolution.
Retention periods may vary depending on the type of data, the purpose of processing, and legal or operational requirements. We aim to retain personal data only for as long as reasonably necessary.
9. Sharing Personal Data
- Stripe for payment processing, billing, subscription management, and fraud prevention.
- Hosting, infrastructure, security, analytics, monitoring, email, and support service providers.
- Professional advisers, auditors, insurers, legal advisers, and accountants.
- Public authorities, regulators, or law enforcement where legally required.
- Successors or buyers in connection with a merger, acquisition, restructuring, or sale of assets.
10. International Transfers
Some service providers may process data outside the United Kingdom or European Economic Area. Where required, we use appropriate safeguards such as adequacy decisions, standard contractual clauses, data processing agreements, or other lawful transfer mechanisms.
11. Security
We use technical and organisational measures designed to protect personal data, including access controls, API key hashing, logging, monitoring, least-privilege access, and secure infrastructure practices. However, no system can be guaranteed to be completely secure.
12. Your Rights
Subject to legal conditions and exemptions, you may have rights to access, correct, delete, restrict, object to processing, request portability, or withdraw consent where processing is based on consent.
To exercise your rights, contact hello@threatprevent.io.
13. Complaints
You may contact us first if you have privacy concerns. You also have the right to complain to the UK Information Commissioner's Office or, where applicable, your local EU data protection authority.
14. Cookies and Similar Technologies
Our website may use cookies or similar technologies for essential site operation, analytics, security, and performance. Where legally required, we will request consent for non-essential cookies.
Our complete cookie policy can be found at threatprevent.io/cookies.
15. Children
The Services are intended for professional business users and are not directed at children.
16. Changes to This Policy
We may update this Privacy Policy from time to time. Updated versions will be published on our website.
17. Contact
If you have questions about this policy or our data handling, contact us at: privacy@threatprevent.io