Privacy Policy

Last updated: April 28, 2026

This Privacy Policy describes how ElevateGuard ("we", "us") collects, uses, and discloses information when you use the ElevateGuard service ("Service").

1. Information We Collect

We collect information you provide directly:

The agent installed on managed Windows machines collects the minimum information required to manage privilege elevation: machine hostname, logged-in username, requested application path/publisher/hash, and timestamps. The agent does not collect file contents, browsing history, keystrokes, or screen contents.

2. How We Use Information

3. Data Storage and Security

Customer data is stored in encrypted Amazon Web Services (AWS) infrastructure within the United States. Passwords are hashed; sessions are signed; data in transit is protected by TLS 1.2 or higher. Access to production data is limited to authorized personnel.

4. Data Sharing

We do not sell personal information. We share data only with sub-processors required to operate the Service (AWS for hosting, Stripe for billing) and only as required to deliver the Service or comply with applicable law.

5. Data Retention

We retain account and audit data for the life of your subscription plus a 90-day grace period after cancellation, after which data is deleted. You may request earlier deletion by contacting support.

6. Your Rights

Subject to applicable law, you may request access to, correction of, or deletion of your personal data. Contact privacy@elevateguard.tech.

7. Changes

We may update this Policy from time to time. Material changes will be communicated via email or in-app notice prior to taking effect.

8. Contact

Questions: privacy@elevateguard.tech