Privacy Policy

Last updated: December 8, 2025

At Obsyk, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Kubernetes visibility and security platform.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name
  • Company name (optional)
  • Password (stored securely hashed)

Kubernetes Metadata

Our operator collects metadata about your Kubernetes resources, including:

  • Resource names, namespaces, and labels
  • Resource specifications (replicas, selectors, etc.)
  • RBAC configurations (roles, bindings)
  • Service and networking configurations
  • Pod status and container information

We do NOT collect:

  • Secret values or contents
  • Environment variable values
  • Application data or logs
  • Container images or source code

Usage Information

We automatically collect:

  • Browser type and version
  • IP address
  • Pages visited and features used
  • Time and date of visits
  • Referring website

2. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Service
  • Improve and personalize your experience
  • Communicate with you about updates and support
  • Send marketing communications (with your consent)
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

3. Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Third-party vendors who assist in providing the Service. See our Subprocessors List.
  • Legal Requirements: When required by law, subpoena, or government request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.
  • With Your Consent: When you explicitly authorize sharing.

4. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Kubernetes metadata is retained based on your subscription plan:

  • Free tier: 7 days
  • Pro tier: 90 days
  • Enterprise tier: Up to 1 year (configurable)

After account deletion, we may retain certain data as required by law or for legitimate business purposes (e.g., fraud prevention).

5. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Regular security audits and penetration testing
  • Access controls and authentication
  • Monitoring and logging
  • Incident response procedures

For more details, see our Security page.

6. Your Rights

For All Users

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data
  • Opt out of marketing communications

GDPR Rights (EU/EEA Users)

If you are in the EU/EEA, you additionally have the right to:

  • Data portability
  • Restrict processing
  • Object to processing
  • Lodge a complaint with a supervisory authority

CCPA Rights (California Residents)

If you are a California resident, you have the right to:

  • Know what personal information is collected
  • Know if personal information is sold or disclosed
  • Say no to the sale of personal information
  • Access your personal information
  • Request deletion of your personal information
  • Not be discriminated against for exercising your rights

7. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential cookies: Required for the Service to function
  • Analytics cookies: To understand how you use the Service
  • Preference cookies: To remember your settings

You can control cookies through your browser settings. Disabling certain cookies may affect functionality.

8. International Transfers

Your data may be transferred to and processed in the United States. We use Standard Contractual Clauses (SCCs) and other safeguards to protect data transferred outside the EU/EEA.

9. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through the Service. Your continued use after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or to exercise your rights, contact us at:

Email: [email protected]
Address: Obsyk, Inc.

For EU users, you may also contact our Data Protection Officer at [email protected].