Privacy Policy

Effective date: 1 September 2025

DevSecure Ltd ("DevSecure", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard your personal information when you use our website and services.

1. Who We Are

DevSecure is an innovative cybersecurity company based in London, United Kingdom. We build the DevSecure Platform — a comprehensive all-in-one application security SaaS platform designed for developers, including SAST, DAST, SCA, IaC security, secrets detection, malware analysis, and vulnerability management.

Data Controller: DevSecure Ltd
Registered Address: London, United Kingdom
Contact: help@devsecure.io

2. What We Collect

We collect only the information you voluntarily provide:

Email address — when you join our waitlist or create an account
Name and organisation — when you request a demo or enterprise quote
Usage data — anonymised platform interaction data to improve our services

3. How We Use Your Data

To send you launch updates and product announcements (with your consent)
To provide and improve the DevSecure Platform
To respond to support requests and inquiries
To comply with legal obligations

4. Storage & Security

Your data is stored securely in Cloudflare KV and Google Cloud Platform (BigQuery), both of which maintain industry-standard security certifications (SOC 2, ISO 27001). All data in transit is encrypted using TLS 1.3. Access to production data is restricted to authorised personnel only.

5. Data Retention

We retain your personal data only as long as necessary:

Waitlist emails: until 6 months after the platform launch (11 July 2026), then permanently deleted
Account data: for the duration of your account plus 90 days after closure
Usage analytics: anonymised and retained for service improvement

6. Your Rights

Under UK data protection law, you have the right to:

Access the personal data we hold about you
Rectify inaccurate data
Erase your data ("right to be forgotten")
Restrict processing of your data
Port your data to another service
Object to processing for direct marketing

To exercise any of these rights, email help@devsecure.io. We will respond within 30 days.

7. Data Sharing

We do not sell, trade, or share your personal data with third parties for their marketing purposes. We may share data with trusted sub-processors solely for service delivery (e.g., Cloudflare for hosting, Google Cloud for analytics), all of whom are contractually bound to protect your data.

8. Cookies

Our website uses only essential cookies required for operation. We do not use tracking cookies or third-party analytics cookies.

9. International Transfers

Your data is stored on servers within the European Economic Area (EEA) and the United Kingdom. Where data is transferred outside these regions, we ensure appropriate safeguards are in place through Standard Contractual Clauses.

10. Security Incident Response

In the unlikely event of a data breach affecting your personal data, we will notify you within 72 hours as required by UK GDPR, including the nature of the breach and steps taken to mitigate it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or a notice on our website.

DevSecure Ltd
London, United Kingdom
help@devsecure.io

← Back to the site