Privacy Policy

1. Who This Applies To

This Privacy Policy applies to Adyton users, administrators, customer contacts, and visitors to Adyton authentication or legal pages. If you use Adyton through an organization, that organization may also control how your account and workspace information is used.

2. Information We Collect

Depending on how Adyton is configured, we may collect or process:

• account identifiers such as name, email address, role, organization, and client assignment;
• authentication and security data such as session records, MFA status, login events, IP-derived request metadata, and audit logs;
• client onboarding details such as company name, contact details, service address, billing address, and website;
• workspace metadata such as service type, provider state, assignment status, job status, correlation IDs, and evidence events;
• support and operations records such as diagnostic summaries, remediation notes, and administrator actions.

3. How We Use Information

We use information to authenticate users, provide workspace services, enforce role and client scope, maintain audit evidence, operate support workflows, troubleshoot issues, secure the platform, meet contractual obligations, and comply with legal requirements.

4. Sharing

We may share information with the customer organization that administers your account, service providers that help us operate Adyton, deployed workspace providers configured for your environment, professional advisors, or authorities when legally required. We do not sell personal information or share it for cross-context behavioral advertising.

5. Cookies And Essential Storage

Adyton uses essential cookies and related browser mechanisms for session authentication, CSRF protection, MFA challenges, and security. The platform is not designed to use advertising cookies.

6. Retention

We retain information for as long as needed to provide Adyton, maintain audit and security records, comply with legal or contractual obligations, resolve disputes, and enforce agreements. Retention periods may vary by customer configuration, evidence policy, and deployment environment.

7. Security

Adyton is designed around access control, auditability, secret redaction, and operational evidence. No system is perfectly secure, but we use administrative, technical, and organizational safeguards appropriate to the information processed and the deployment model.

8. Your Choices And Rights

Depending on where you live and how your organization uses Adyton, you may have rights to access, correct, delete, restrict, or receive information about certain personal information. Some requests may need to be handled by the customer organization that administers your account.

9. International Processing

Adyton may be operated from the United States or other locations used by Archon Labs, customers, or service providers. Where required, cross-border processing should be governed by appropriate contractual, technical, and organizational measures.

10. Changes

We may update this Privacy Policy as Adyton evolves. Material changes to data practices should be communicated through the platform, customer administrator channels, or the applicable agreement.

11. Contact

Privacy questions or requests can be sent to privacy@archon-labs.io.