This Privacy Policy explains what data AI Red Team Labs (“we”, “us”) collects, how we use it, and the choices you have.
We build for security-first operation and minimize data collection.
1) What we collect
- Account email you enter for subscription + access (e.g., used to verify eligibility for protected endpoints).
- Billing metadata processed by our payment provider (e.g., Stripe). We do not store full payment card numbers.
- Operational logs (e.g., request time, endpoint, status code, basic rate-limiting signals) for reliability and abuse prevention.
2) What we do not collect (by default)
- We do not request or need your real secrets, passwords, or system prompts.
- We do not run “live attacks” against third-party systems.
- We do not sell personal information.
3) How we use data
- Access control: verify subscription/access for protected endpoints.
- Security & abuse prevention: detect brute force, scraping, cost abuse, and unsafe automation.
- Operations: monitor uptime and diagnose failures.
4) Cookies & local storage
The front-end may store limited data in your browser to improve usability, such as:
airedlabs_email (your saved email)- local training/evaluation history used for “readiness score”
You can clear this anytime via your browser settings.
5) Third parties
- Stripe processes payments. Their privacy policy applies to payment processing.
- We may use infrastructure providers (hosting, monitoring) that process data strictly to deliver the service.
6) Data retention
We retain data only as long as necessary for operations, billing, compliance, and security.
Security logs may be kept longer to investigate abuse or incidents.
7) Your choices
- Request access, correction, or deletion: email [PRIVACY_EMAIL].
- Opt out of non-essential communications at any time.
8) Security
We apply reasonable safeguards (TLS, least privilege, rate limiting, auditing). No system is perfect, but we design for defense-in-depth.
9) Contact