Privacy Policy

Last updated: 4/23/2025

1. Introduction

This Privacy Policy describes how Proventra ("we," "our," or "us") collects, uses, and shares your personal information when you use our prompt injection and jailbreak detection platform, website, API, and any other services we provide (collectively, the "Services").

2. Information We Collect

2.1 Information You Provide

We collect information you provide directly to us, including:

  • Account information: When you register for an account, we collect your name, email address, and profile image (via GitHub OAuth).
  • Service usage: Text inputs you submit for analysis through our API.
  • Communications: Information you provide when you contact us.

2.2 Information We Collect Automatically

When you use our Services, we automatically collect certain information, including:

  • Usage data: We record API requests, usage metrics, and log data to monitor service performance and detect abuse.
  • Device information: IP address, browser type, operating system, and device identifiers.
  • Cookies and similar technologies: We use cookies and similar technologies to maintain your session and remember your preferences.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Services
  • Process and fulfill your API requests
  • Monitor and analyze usage patterns and trends
  • Enforce our usage limits and prevent abuse
  • Protect against unauthorized access to our Services
  • Communicate with you about our Services, including sending technical notices, updates, and administrative messages

4. How We Share Your Information

We may share your information in the following circumstances:

  • With service providers who perform services on our behalf
  • To comply with legal obligations or in response to lawful requests
  • To protect our rights, property, or safety, or the rights, property, or safety of others
  • In connection with a business transaction, such as a merger or acquisition

We do not sell your personal information to third parties.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including to satisfy legal requirements. API request logs and the text inputs you submit for analysis are retained for 30 days, after which they may be anonymized or deleted.

6. OAuth and Third-Party Authentication

We use GitHub OAuth for authentication. When you log in with GitHub, we collect your GitHub profile information, including your name, email address, and profile image. We do not have access to your GitHub password. Your use of GitHub authentication is subject to GitHub's privacy policy and terms of service.

7. API Usage and Data Processing

When you use our API, we process and analyze the text inputs you submit to detect prompt injection and jailbreak attempts. This processing is performed using machine learning models and may involve storing your inputs temporarily to provide the service. You are responsible for ensuring that you have the appropriate rights to submit any text for analysis.

8. Security

We take reasonable measures to protect your personal information from unauthorized access, use, or disclosure. However, no method of transmission over the internet or electronic storage is 100% secure, so we cannot guarantee absolute security.

9. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information, such as the right to access, correct, delete, or restrict processing of your personal information. To exercise these rights, please contact us using the information provided below.

10. International Transfers

We may transfer your personal information to countries other than the country in which you reside. We will take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.

11. Children's Privacy

Our Services are not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated Privacy Policy on our website. Your continued use of our Services after such changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us at team@proventra-ai.com.