Leaders

Devs

CI/CD

Zero Trust

Pricing

Blog

About

Sign-in

Leaders

Devs

CI/CD

Zero Trust

Pricing

Blog

About

Sign-in

Leaders

Devs

CI/CD

Zero Trust

Pricing

Blog

About

Sign-in

Leaders

Devs

CI/CD

Zero Trust

Pricing

Blog

About

Sign-in

Privacy Policy for EDAMAME Security

Version

1.0

Feb 10, 2025

By using the EDAMAME Security application (the “Service”), you agree to the collection and use of information in accordance with this Privacy Policy.

1. Information Collection and Use

1.1 Trust Feature and Secured Cloud Access

  • Security Score Transmission:
    When you use the trust feature to certify your device’s security score or to access a secured cloud service, the application sends the computed “security score” to our cloud backend. This is done solely to verify that the score meets our requirements.

  • User Consent:
    Before transmitting the score, you will be informed about the details of the information being sent and will be prompted to agree or deny its transmission.

  • Data Usage Limitation:
    We do not store or use the security score for any purpose other than the verification process.

1.2 Connected Mode and Integrity Verification

  • Memory/Disk Fragments Export:
    In connected mode, the application exports fragments of encrypted memory or disk byte sequences. These fragments are inspected by EDAMAME’s Endpoint Digital Arbiter (EDA) decentralized service.

  • Purpose:
    The purpose of this inspection is to verify that the computed security score has not been tampered with.

  • Data Minimization:
    EDA receives only an aggregate result (a boolean value indicating “tampered” or “not tampered”) and does not collect any other information, including personally identifiable information (PII).

1.3 Email Security Check via HIBP API

  • Usage of HIBP API:
    The application uses the Have I Been Pwned (HIBP) API to check whether the email associated with your Apple ID appears in recent data leaks.

  • Data Handling:
    Your email address is sent to the HIBP API solely for this check. We do not store your email address or any information returned by the HIBP API.

1.4 Device Classification Feedback

  • Feedback Feature:
    You can inform us if you believe your device has been misclassified.

  • Data Anonymization:
    All information sent during this process is anonymized and guaranteed not to contain any PII.

1.5 User Feedback and Bug Reporting

  • Feedback Submission:
    The Service allows you to report bugs or provide comments.

  • Data Handling:
    Information submitted (which may include logs) is anonymized and is processed without including any PII.

1.6 AI-Driven Security Analysis

  • Service Description:
    The application includes an AI-driven security analysis for network devices and for breaches reported by HIBP.

  • Data Sharing:
    Information shared with EDAMAME and its third-party AI service provider is anonymized and contains no PII.

2. Usage Data

  • General Usage:
    The Service does not collect or store information about your usage unless you explicitly choose to connect to a secured cloud service.

  • Consent for Data Sharing:
    If you opt to connect, you will be asked for consent to share specific details about your security posture with the cloud service owner. This data sharing is strictly controlled to prevent privacy breaches.

  • Error Reporting with Sentry:
    To maintain the stability and effectiveness of our services, we use Sentry to monitor our systems and automatically report any errors.

    • Note: Error reports may include technical details necessary for troubleshooting; however, Sentry is configured not to collect any PII.

3. Cookies

  • The EDAMAME Security application does not use cookies or any similar technologies.

4. Service Providers

We do not employ third-party companies or individuals for any purpose related to the Service, except for the following:

  • HIBP API:
    Used to provide the Service’s digital identity functionality when explicitly configured by the user. Please review the HIBP Privacy Policy for details on their data practices.

  • OpenAI API:
    Used to provide the Service’s AI remediation functionality when explicitly configured by the user. The data sent to OpenAI is configured so that it cannot be used for model training and does not include any PII.

5. Compliance with Laws

  • EDAMAME Security complies with all applicable laws, including the General Data Protection Regulation (GDPR) in the European Union and relevant privacy laws in the United States.

6. Changes to This Privacy Policy

  • Policy Updates:
    We may update our Privacy Policy from time to time. Any changes will be posted on this page.

  • User Responsibility:
    You are advised to review this Privacy Policy periodically. Changes become effective immediately upon posting.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us:

By using the EDAMAME Security application (the “Service”), you agree to the collection and use of information in accordance with this Privacy Policy.

1. Information Collection and Use

1.1 Trust Feature and Secured Cloud Access

  • Security Score Transmission:
    When you use the trust feature to certify your device’s security score or to access a secured cloud service, the application sends the computed “security score” to our cloud backend. This is done solely to verify that the score meets our requirements.

  • User Consent:
    Before transmitting the score, you will be informed about the details of the information being sent and will be prompted to agree or deny its transmission.

  • Data Usage Limitation:
    We do not store or use the security score for any purpose other than the verification process.

1.2 Connected Mode and Integrity Verification

  • Memory/Disk Fragments Export:
    In connected mode, the application exports fragments of encrypted memory or disk byte sequences. These fragments are inspected by EDAMAME’s Endpoint Digital Arbiter (EDA) decentralized service.

  • Purpose:
    The purpose of this inspection is to verify that the computed security score has not been tampered with.

  • Data Minimization:
    EDA receives only an aggregate result (a boolean value indicating “tampered” or “not tampered”) and does not collect any other information, including personally identifiable information (PII).

1.3 Email Security Check via HIBP API

  • Usage of HIBP API:
    The application uses the Have I Been Pwned (HIBP) API to check whether the email associated with your Apple ID appears in recent data leaks.

  • Data Handling:
    Your email address is sent to the HIBP API solely for this check. We do not store your email address or any information returned by the HIBP API.

1.4 Device Classification Feedback

  • Feedback Feature:
    You can inform us if you believe your device has been misclassified.

  • Data Anonymization:
    All information sent during this process is anonymized and guaranteed not to contain any PII.

1.5 User Feedback and Bug Reporting

  • Feedback Submission:
    The Service allows you to report bugs or provide comments.

  • Data Handling:
    Information submitted (which may include logs) is anonymized and is processed without including any PII.

1.6 AI-Driven Security Analysis

  • Service Description:
    The application includes an AI-driven security analysis for network devices and for breaches reported by HIBP.

  • Data Sharing:
    Information shared with EDAMAME and its third-party AI service provider is anonymized and contains no PII.

2. Usage Data

  • General Usage:
    The Service does not collect or store information about your usage unless you explicitly choose to connect to a secured cloud service.

  • Consent for Data Sharing:
    If you opt to connect, you will be asked for consent to share specific details about your security posture with the cloud service owner. This data sharing is strictly controlled to prevent privacy breaches.

  • Error Reporting with Sentry:
    To maintain the stability and effectiveness of our services, we use Sentry to monitor our systems and automatically report any errors.

    • Note: Error reports may include technical details necessary for troubleshooting; however, Sentry is configured not to collect any PII.

3. Cookies

  • The EDAMAME Security application does not use cookies or any similar technologies.

4. Service Providers

We do not employ third-party companies or individuals for any purpose related to the Service, except for the following:

  • HIBP API:
    Used to provide the Service’s digital identity functionality when explicitly configured by the user. Please review the HIBP Privacy Policy for details on their data practices.

  • OpenAI API:
    Used to provide the Service’s AI remediation functionality when explicitly configured by the user. The data sent to OpenAI is configured so that it cannot be used for model training and does not include any PII.

5. Compliance with Laws

  • EDAMAME Security complies with all applicable laws, including the General Data Protection Regulation (GDPR) in the European Union and relevant privacy laws in the United States.

6. Changes to This Privacy Policy

  • Policy Updates:
    We may update our Privacy Policy from time to time. Any changes will be posted on this page.

  • User Responsibility:
    You are advised to review this Privacy Policy periodically. Changes become effective immediately upon posting.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us: