Platform Threat Intelligence Integrations Pricing Contact Sign In Request Demo
Legal

Privacy Policy

Last updated: June 7, 2026

1. Introduction

ArmoPot ("we," "us," or "our") operates the armopot.com website and the ArmoPot threat intelligence platform (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our Service.

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, job title, and phone number when you create an account or request a demo.
  • Billing Information: Payment processing is handled by Paddle.com Market Limited ("Paddle"), our Merchant of Record. We do not store credit card numbers, bank account details, or other payment card data on our servers. Paddle collects and processes this information directly.
  • Communications: Information you provide when contacting us via email, contact forms, or support requests.
  • API Usage: API keys, query parameters, and integration configurations when using our REST API or TAXII endpoints.

2.2 Information Collected Automatically

  • Log Data: IP address, browser type and version, operating system, referring URL, pages visited, time and date of visit, and time spent on pages.
  • Cookies: We use essential cookies for session management and optional analytics cookies. Paddle.js may set cookies for fraud prevention and checkout functionality.
  • Device Information: Hardware model, operating system version, unique device identifiers, and network information.

2.3 Threat Intelligence Data

ArmoPot collects data from attacks directed at our globally distributed honeypot sensors. This data includes attacker IP addresses, attack payloads, credentials attempted, tools used, and behavioral patterns. This data is collected from attackers interacting with our honeypot infrastructure — not from our customers or legitimate users.

3. How We Use Your Information

  • Provide, maintain, and improve the Service
  • Process transactions and manage subscriptions (via Paddle)
  • Send service-related communications, security alerts, and product updates
  • Respond to inquiries, support requests, and demo requests
  • Monitor and analyze usage patterns to improve user experience
  • Detect, prevent, and address fraud, abuse, and technical issues
  • Comply with legal obligations and enforce our Terms of Service

4. Payment Processing & Paddle

All purchases and subscriptions are processed by Paddle.com Market Limited (for customers outside the US) or Paddle.com Inc (for US customers), acting as our Merchant of Record. Paddle handles:

  • Payment collection and processing
  • Sales tax and VAT calculation and remittance
  • Invoicing and receipts
  • Chargebacks and payment disputes
  • PCI DSS compliance for payment data

When you make a purchase, you provide payment information directly to Paddle. We receive confirmation of the transaction, subscription status, and customer identifiers — but never your full payment card details. Please review Paddle's Privacy Policy for details on how they handle payment data.

5. Data Sharing & Disclosure

We do not sell your personal information. We may share information with:

  • Paddle: As our Merchant of Record, Paddle receives your email, name, billing address, and IP address to process payments.
  • Service Providers: Trusted third parties who assist in operating our Service (hosting, email delivery, analytics) under strict data processing agreements.
  • Legal Requirements: When required by law, subpoena, court order, or to protect our rights, property, or safety.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with prior notice to affected users.

6. Data Security

We implement industry-standard security measures including:

  • TLS 1.3 encryption for all data in transit
  • Encryption at rest for stored data
  • Role-based access controls and audit logging
  • Regular security assessments and penetration testing
  • Multi-factor authentication for administrative access

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. After account termination:

  • Account data is deleted within 30 days of account closure
  • Billing records are retained for 7 years to comply with tax and accounting obligations
  • Aggregated, anonymized data may be retained indefinitely for analytics
  • Threat intelligence data (attacker IPs, hashes, TTPs) is retained as part of our intelligence database

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate personal data
  • Erasure: Request deletion of your personal data ("right to be forgotten")
  • Portability: Request your data in a structured, machine-readable format
  • Objection: Object to processing of your personal data for marketing purposes
  • Restriction: Request restriction of processing under certain circumstances

To exercise these rights, contact us at privacy@armologic.com. We will respond within 30 days.

9. Cookies

We use the following types of cookies:

  • Essential Cookies: Required for the Service to function (session management, authentication)
  • Functional Cookies: Remember your preferences (theme, language)
  • Analytics Cookies: Help us understand how visitors interact with the website
  • Third-Party Cookies: Paddle.js may set cookies for payment fraud prevention

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where required under GDPR.

11. Children's Privacy

The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

For privacy-related inquiries:

  • Email: privacy@armologic.com
  • Address: Armologic Ltd., 86-90 Paul Street, London, EC2A 4NE, United Kingdom

For payment-related inquiries, please contact Paddle Support directly.