Privacy Policy

Effective date: October 21, 2025

ilminate, LLC ("ilminate," "we," "our," or "us") respects your privacy. This policy explains how we collect, use, and protect personal information when you visit our website or use our cybersecurity services.

Information We Collect

From Website Visitors

Contact information: name, email address, company name, phone number (via contact forms and audit requests)
Email domain information for audit purposes
Website usage data (pages visited, time on site) via standard analytics

From Email Security Service Clients

Email metadata (headers, sender information, recipient information, timestamps)
Domain DNS records (SPF, DKIM, DMARC configurations)
Email authentication results and pass/fail data
Mailbox access via Microsoft Graph API (read only for threat analysis)
Threat intelligence data and security event logs

From Endpoint Protection (Wazuh EDR) Clients

Endpoint device information (hostname, IP address, OS version)
Security event logs and alerts
File hashes and process information
Network connection data
User activity logs on monitored endpoints

How We Use Information

To deliver requested cybersecurity services, audits, and threat analysis
To detect, prevent, and respond to security threats
To maintain and improve our APEX threat intelligence platform
To respond to inquiries and provide customer support
To comply with legal obligations and enforce agreements

Data Storage and Processing

We process and store data using the following infrastructure:

Amazon Web Services (AWS) for cloud infrastructure (Lambda, DynamoDB, S3)
Microsoft Azure/365 for Graph API integration
Wazuh open source platform for endpoint security monitoring

Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).

Data Retention

Email audit results: 90 days (standard)
Threat intelligence data: Duration of active service
Security event logs: 30 to 90 days depending on service tier
Contact and account information: Duration of business relationship plus legally required retention period

Data Security

As a cybersecurity services provider, we implement industry appropriate security measures including:

Encryption of data in transit and at rest
Role based access control and multi factor authentication
Regular security audits and vulnerability scanning
Incident response procedures and monitoring

However, no security method is perfect. While we work diligently to protect your data, we cannot guarantee absolute security and are not liable for unauthorized access or data breaches resulting from factors beyond our reasonable control.

Data Sharing

We do not sell personal information. We may share data with:

Trusted service providers who help operate our infrastructure (AWS, Microsoft) under contract and only as necessary
Law enforcement or regulators when required by law
Professional advisors (lawyers, accountants) under confidentiality obligations

Third Party Services

Our services rely on third party platforms including AWS, Microsoft Graph API, and Wazuh. We are not responsible for the privacy practices, security, or availability of these third party services.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website and analyze site usage.

What Are Cookies?

Cookies are small text files that are placed on your device when you visit a website. They are widely used to make websites work more efficiently and provide information to website owners.

Types of Cookies We Use

Essential Cookies: These cookies are necessary for the website to function properly. They enable core functionality such as security, network management, and accessibility. These cookies cannot be disabled.
Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. This includes pages visited, time spent on pages, and general navigation patterns.

Purposes for Cookie Use

To ensure website functionality and security
To analyze website traffic and user behavior
To improve website performance and user experience
To understand which content is most valuable to visitors

Third-Party Cookie Providers

We may use third-party analytics services that place cookies on your device. These services help us understand website usage patterns. Currently, we use standard web analytics tools. Any third-party providers will be listed here and are subject to their own privacy policies.

Managing Your Cookie Preferences

You can manage your cookie preferences at any time:

Use the cookie banner that appears when you first visit our site to accept or reject non-essential cookies
Click "Preferences" in the cookie banner to customize which types of cookies you allow
Most web browsers allow you to control cookies through their settings. You can set your browser to refuse cookies or alert you when cookies are being sent
Note that disabling certain cookies may impact your experience on our website

To opt out of analytics cookies, you can use the cookie preferences tool or contact us at hello@ilminate.com.

Your Rights and Choices

You may contact us at hello@ilminate.com to:

Access your personal information
Request corrections to inaccurate data
Request deletion of your information (subject to legal and contractual limitations)
Opt out of marketing communications

Regulated Industries

If you operate in a regulated industry (healthcare, finance, etc.), additional terms may apply. Healthcare clients subject to HIPAA will require a separate Business Associate Agreement (BAA).

Children's Privacy

Our services are intended for business use and not directed to children under 13. We do not knowingly collect information from children.

Changes to This Policy

We may update this policy from time to time. The "Effective date" at the top reflects the latest version. Continued use of our services after changes constitutes acceptance.

Contact

ilminate, LLC
Wilmington, NC
Email: hello@ilminate.com
Website: www.ilminate.com