Privacy Policy

Welcome to Cerberius ("Cerberius," "we," "us," or "our"). We are committed to protecting your privacy and handling your personal information with transparency and respect. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, (https://www.cerberius.com), use our Application Programming Interfaces (APIs), or otherwise access our services (collectively, the "Services").

Please read this Privacy Policy carefully. By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Services.

This Privacy Policy is incorporated into and subject to our Terms of Service.

1. Information We Collect

We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household ("Personal Information"). We strive to collect only the minimum Personal Information necessary to provide and improve our Services.

1.1. Information You Provide to Us

  • Account Information: When you register for an account, we collect your email address and, if provided, your name. You may also provide other optional information.
  • Authentication Data: We store authentication credentials in a secure (e.g., hashed) format.
  • Payment Information: If you subscribe to a paid plan, our third-party payment processor (e.g., Stripe) will collect your payment card information. We do not directly store your full payment card details, though we may have access to limited information like the last four digits of your card, card type, and expiration date for verification and billing management.
  • Communications: If you contact us directly (e.g., for support or inquiries), we may receive additional information about you such as your name, email address, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.
  • Data Submitted to our APIs ("User Data"): When you use our APIs (e.g., for IP lookups, email validation, prompt classification), you submit data for processing. For example, for our IP lookup service, you provide an IP address. For email validation, you provide an email address. While we process this User Data as instructed by you to provide the Service, we treat any Personal Information within this User Data in accordance with this Privacy Policy and our Terms of Service. You are responsible for ensuring you have the necessary rights and consents to provide User Data containing Personal Information to our Services.

1.2. Information We Collect Automatically

  • Log and Usage Data: We automatically collect certain information when you access and use our Services. This information may include your Internet Protocol (IP) address, browser type, operating system, User-Agent strings, the dates and times of access, API requests and responses (which may include the data you submitted for processing, retained for a limited period for operational purposes), features utilized, and other technical logs. This data is used for providing the Services, security monitoring, debugging, and improving performance.
  • API Usage Metrics: We collect metrics related to your use of our APIs, such as the number of requests, error rates, and processing times, to monitor service health, for billing purposes, and to improve our Services.
  • Cookies and Similar Technologies: We use minimal cookies and similar tracking technologies to operate and administer our Site, gather usage data on our Site, and improve your experience. See Section 7 ("Cookies and Similar Technologies") for more details.

1.3. Information Our Services Provide (Derived Data)

Certain Services, such as our IP lookup API, provide information back to you based on the User Data you submit. This returned information (e.g., geolocation data, ISP information, threat intelligence associated with an IP address) is generated through our proprietary analysis and may also be derived or enriched using data from various third-party sources, including publicly available datasets and commercial data providers. While we strive for accuracy, this information is provided on an "as-is" basis. For attributions related to certain public datasets we use, please see our Attributions Page.

2. How We Use Your Information

We use the Personal Information and other data we collect or process for various purposes, including:

  • To provide, operate, maintain, and improve our Services, including our APIs and the information they return.
  • To process your transactions and manage your account, including billing and subscription management.
  • To respond to your comments, questions, and requests, and to provide customer service and support.
  • To send you technical notices, updates, security alerts, and support and administrative messages.
  • To monitor and analyze trends, usage, and activities in connection with our Services to understand how users interact with them and to improve their performance and usability.
  • To prevent and detect fraudulent transactions, abuse, and other illegal activities, and to protect the rights, property, or safety of Cerberius, our users, or others.
  • To comply with legal obligations, such as responding to lawful requests from public authorities.
  • For any other purpose for which the information was collected, with your consent if required by applicable law.

We do not sell your Personal Information to third parties and do not share it with third parties for their own marketing purposes.

3. How We Share Your Information

We may share your Personal Information in the following limited circumstances:

  • Service Providers (Sub-processors): We may share your Personal Information with third-party vendors, consultants, and other service providers who perform services on our behalf and require access to such information to do that work (e.g., payment processing (Stripe), cloud hosting (e.g., AWS, Google Cloud), email delivery, customer support tools). These service providers are authorized to use your Personal Information only as necessary to provide these services to us and are contractually obligated to protect your information.
  • Legal Compliance and Protection: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to: (a) comply with a legal obligation, subpoena, or lawful requests from public authorities; (b) protect and defend the rights or property of Cerberius; (c) prevent or investigate possible wrongdoing in connection with the Services; (d) protect the personal safety of users of the Services or the public; or (e) protect against legal liability.
  • Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. We will notify you via email and/or a prominent notice on our Site of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
  • With Your Consent: We may disclose your Personal Information for any other purpose with your explicit consent.
  • Aggregated or Anonymized Data: We may share aggregated or anonymized information that does not directly identify you with third parties for research, analysis, and other purposes.

4. Data Retention

We retain your Personal Information for as long as your account is active or as needed to provide you with the Services. We will also retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

  • Account Information: Retained for as long as your account is active and for a reasonable period thereafter in case you decide to re-activate the Services, or as required for our legitimate business purposes or legal compliance.
  • API Usage Logs & Technical Logs: Retained for up to ninety (90) days, or longer if required for security investigations, compliance, or legal purposes. Data submitted to APIs for processing is generally retained only for the duration necessary to provide the service and for short-term operational logging.
  • Communications: Records of communications with you may be kept for as long as necessary to manage the inquiry or for our business records.

You may request the deletion of your account and associated Personal Information by contacting us at privacy@cerberius.com, subject to certain exceptions prescribed by law.

5. Data Security

We implement reasonable administrative, technical, and physical security measures designed to protect the security of any Personal Information we process. These measures include, but are not limited to, encryption of data in transit and at rest where appropriate, access controls, and regular security assessments.

However, please remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

6. Your Data Protection Rights

Depending on your location and applicable data protection laws (such as GDPR for individuals in the European Economic Area (EEA) and the UK, CCPA for California residents, or the Australian Privacy Principles (APPs) for Australian individuals), you may have certain rights regarding your Personal Information. These rights may include:

  • The right to access: You have the right to request copies of your Personal Information.
  • The right to rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete. You can often update your account information directly through your account settings.
  • The right to erasure (deletion): You have the right to request that we erase your Personal Information, under certain conditions.
  • The right to restrict processing: You have the right to request that we restrict the processing of your Personal Information, under certain conditions.
  • The right to object to processing: You have the right to object to our processing of your Personal Information, under certain conditions, particularly where we process your data based on legitimate interests or for direct marketing.
  • The right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  • The right to withdraw consent: If we are processing your Personal Information based on your consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at privacy@cerberius.com. We will respond to your request in accordance with applicable law. We may need to verify your identity before processing your request.

If you are not satisfied with our response, you may have the right to lodge a complaint with your local data protection authority or supervisory body (e.g., the Office of the Australian Information Commissioner (OAIC) in Australia, or a relevant authority in the EEA or UK).

7. Cookies and Similar Technologies

Cookies are small text files placed on your device when you visit a website. We use cookies and similar technologies for essential functionalities:

  • Essential Cookies: These are necessary for the Site to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as logging in or filling in forms (e.g., authentication, session management).
  • Functionality Cookies (if applicable): These cookies may be used to remember choices you make (such as your username or language preferences) to provide a more personalized experience. (Currently, we use minimal cookies primarily for authentication and session management).

We do not use third-party analytics cookies or marketing/tracking cookies on our Site. Our focus is on providing our core Services with minimal tracking.

You can typically control and/or delete cookies as you wish through your browser settings. For details, see aboutcookies.org. Deleting or disabling essential cookies may affect the functionality of our Services.

8. International Data Transfers

Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. Our primary servers are located in Australia.

If we transfer your Personal Information outside of your jurisdiction (e.g., from the EEA/UK to a country not deemed adequate by the European Commission, or from Australia overseas), we will take appropriate safeguards to ensure that your Personal Information remains protected in accordance with this Privacy Policy and applicable data protection laws. These safeguards may include implementing Standard Contractual Clauses (SCCs) with our third-party service providers or relying on other legally permitted transfer mechanisms.

9. Children's Privacy

Our Services are not directed to individuals under the age of 18 (or the relevant age of majority in their jurisdiction). We do not knowingly collect Personal Information from children under 18. If we become aware that we have collected Personal Information from a child under 18 without verification of parental consent, we will take steps to remove that information from our servers. If you believe that we might have any information from or about a child under 18, please contact us at privacy@cerberius.com.

10. Links to Other Websites

Our Services may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the bottom. We may also provide notice to you through your registered email address or through a prominent notice on our Site, prior to the change becoming effective, especially for material changes.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Email: privacy@cerberius.com

Cerberius Pty Ltd
ABN 57686421152

Last updated: 2024-05-11