Last updated: October 2025
Corveth Labs ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. As a cybersecurity intelligence company, we understand the critical importance of data protection and ethical AI principles. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you interact with our services, website, and AI-powered security platforms.
We operate in accordance with applicable data protection laws, including but not limited to GDPR, CCPA, and PIPEDA. Our approach to privacy reflects our core values: ethical AI, transparency, and respect for individual autonomy.
We collect information necessary to provide our cybersecurity and AI services, respond to inquiries, and improve our platforms. This may include: contact information (name, email, phone, company), technical information (IP addresses, device identifiers, system configurations), security-related data (threat indicators, behavioral patterns for analysis), and communication records (emails, support tickets, meeting notes).
For our AI and behavioral monitoring services, we may collect anonymized behavioral data and system interaction patterns necessary for threat detection and security intelligence. We implement privacy-preserving techniques, including anonymization, pseudonymization, and zero-knowledge protocols, to minimize data exposure while maintaining security effectiveness.
We use collected information to: deliver and improve our cybersecurity and AI services, detect and prevent security threats, provide technical support and customer service, communicate about services, updates, and security alerts, comply with legal obligations and security requirements, and develop and enhance our AI models using anonymized, aggregated data.
Our AI systems use behavioral and threat intelligence data to learn patterns, predict threats, and improve security outcomes. All AI training and processing follows ethical principles: we never use personally identifiable information for model training without explicit consent, anonymize all training data, and maintain transparency about AI decision-making processes.
We do not sell your personal information. We may share information only in limited circumstances: with your explicit consent, to comply with legal obligations or court orders, with trusted service providers who assist our operations under strict confidentiality agreements, in case of business transfers (with notification), and for security incident response when necessary to protect systems and data.
When sharing anonymized threat intelligence or behavioral patterns for security research or industry collaboration, we ensure all data is fully anonymized and cannot be re-identified. We maintain strict data processing agreements with all third parties.
We employ industry-leading security measures to protect your information: encryption in transit and at rest, access controls and authentication mechanisms, regular security audits and vulnerability assessments, AI-driven threat monitoring and detection, secure development practices following OWASP guidelines, and incident response procedures.
Our security infrastructure includes our own Corveth Sentinel™ and Corveth Core™ platforms to monitor and protect our systems. Despite these measures, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Depending on your location, you may have rights including: access to your personal information, correction of inaccurate data, deletion of your information (subject to legal retention requirements), data portability, objection to processing, withdrawal of consent, and restriction of processing.
To exercise these rights, contact us at main@corvethlabs.com. We will respond within 30 days. For AI-related requests, we can provide information about how your data is used in our models and offer opt-out options where feasible, while maintaining service effectiveness.
We retain personal information only as long as necessary for service delivery, legal compliance, and legitimate business purposes. Security-related data may be retained longer for threat intelligence and incident analysis purposes. All retained data is subject to our security measures and access controls.
Upon termination of services or upon request (subject to legal requirements), we will delete or anonymize your personal information. Anonymized data used for AI training may be retained indefinitely as it no longer constitutes personal information.
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including standard contractual clauses, adequacy decisions, or other mechanisms recognized by applicable data protection laws.
Our infrastructure is designed with data sovereignty in mind, and we can configure data residency requirements based on your specific needs and regulatory obligations.
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.
We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. Material changes will be communicated through our website, email, or service notifications. Continued use of our services after changes constitutes acceptance of the updated policy.
Email: main@corvethlabs.com
Phone: +1 416-250-1716
Address: 192 Dunluce Rd NW, Edmonton, AB T5X 4P3, Canada