Privacy Policy

Effective Date: January 26, 2026 | Last Updated: January 26, 2026

1. Introduction

PRYZM Defense Systems, Inc. ("PRYZM," "we," "us," or "our") provides a sovereign AI platform designed for the world's most security-conscious enterprises. We recognize that trust is the currency of our business, and we are committed to transparency regarding how we handle—and more importantly, how we do not handle—your data.

Critical Architecture Note

Unlike traditional cloud AI providers, PRYZM operates on a Sovereign Deployment Architecture. Our software is deployed entirely within your infrastructure (on-premises, private cloud, or secure enclave). Consequently, PRYZM does not possess, process, or have access to the content of your AI interactions, prompts, outputs, or the proprietary data your AI agents access.

2. Information We Collect

A. Information You Provide

  • Account Data: Name, business email, job title, company name, phone number
  • Billing Information: Billing addresses, tax identifiers, payment details (processed by Stripe)
  • Support Communications: Support tickets, crash logs, error descriptions

B. Automatic Collection (Website)

  • Device and usage data (anonymized IP, browser type, pages visited)
  • Strictly necessary cookies for site security and functionality

C. Licensing Telemetry

  • License validation (license keys, instance IDs, heartbeat signals)
  • Aggregated usage metrics (query counts, agent counts—not content)
  • System health (version numbers, error codes, latency metrics)

What We Do NOT Collect

  • AI prompts, responses, or conversation content
  • Your proprietary knowledge bases or documents
  • Evidence Packs (stored locally in your infrastructure)
  • End-user PII processed by your PRYZM instance

3. How We Use Your Information

  • Service Provision: Account management, software updates, Customer Portal access
  • License Enforcement: Verify usage aligns with purchased license tiers
  • Billing: Process payments, invoices, contract renewals
  • Security: Detect and prevent unauthorized access
  • Product Improvement: Analyze aggregated, anonymized telemetry
  • Legal Compliance: Tax reporting, export controls, lawful government requests

No AI Training on Customer Data: PRYZM does NOT use your proprietary data, prompts, or outputs to train models.

4. Legal Bases for Processing (GDPR)

  • Contract Performance (Art. 6(1)(b)): Providing services, fulfilling subscriptions
  • Legitimate Interests (Art. 6(1)(f)): License enforcement, security, fraud prevention
  • Legal Obligation (Art. 6(1)(c)): Tax laws, export controls
  • Consent (Art. 6(1)(a)): Optional cookies, specific marketing

5. Data Sharing

We do not sell, rent, or trade your personal information. We share data only with:

  • Service Providers: AWS (website hosting), Stripe (payments), HubSpot (CRM)
  • Business Transfers: In case of merger, acquisition, or sale
  • Legal Requirements: When required by law or to protect rights

6. Your Privacy Rights

GDPR Rights (EEA/UK)

  • Right of Access
  • Right to Rectification
  • Right to Erasure
  • Right to Data Portability
  • Right to Restriction of Processing
  • Right to Object

CCPA/CPRA Rights (California)

  • Right to Know
  • Right to Delete
  • Right to Correct
  • Right to Opt-Out of Sale/Sharing
  • Right to Non-Discrimination

7. Contact Information

Privacy Inquiries: privacy@thepryzm.com

Data Protection Officer: dpo@thepryzm.com

Mailing Address: PRYZM Defense Systems, Inc., United States