Privacy Policy

Azure Guard ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our security platform and services.

By accessing or using Azure Guard, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the service.

To provide our security monitoring services, we collect several types of information:

• Metadata: We collect sign-in logs, audit logs, and security metadata from your Microsoft Entra ID (Azure AD) tenant.
• User Information: We may collect basic user profile information (names, emails) to identify accounts that require mitigation actions.
• Technical Data: IP addresses, browser types, and device identifiers involved in security events.

The information we collect is used exclusively for the following purposes:

• Detecting and preventing identity-based security threats.
• Automating mitigation actions (e.g., revoking sessions, resetting passwords).
• Providing security analytics and reporting via your dashboard.
• Improving the accuracy of our threat detection algorithms.

We do not sell your data to third parties.

Your data is stored securely in Microsoft Azure data centers. We implement industry-standard security measures, including encryption at rest and in transit (TLS 1.2+).

We retain security logs for a period of 90 days, after which they are automatically deleted unless otherwise required by law or specific plan configurations.

Azure Guard is designed to help organizations meet compliance requirements such as GDPR, HIPAA, and SOC2 by providing robust auditing and protection for identity infrastructure.