SigSlayer Privacy Policy

Effective Date: 2025-12-22
Last Updated: 2025-12-14

This Privacy Policy (“Privacy Policy”) describes how SigSlayer (“SigSlayer,” “we,” “us,” or “our”), a sole proprietorship (enskild firma) established in Sweden, collects, uses, discloses, and protects personal data in connection with the SigSlayer website, application, APIs, and related services (collectively, the “Service”).

This Privacy Policy applies to visitors, users, and customers of the Service.

1. Relationship to Other Documents

This Privacy Policy should be read together with:

  • Terms of Service (/legal/sigslayer-terms-of-service)
  • Enterprise Addendum (DPA + EU SCCs) (/legal/enterprise-addendum)
  • Acceptable Use Policy (/legal/acceptable-use-policy)
  • Subprocessor List (/legal/subprocessors)

If you are a business customer, and SigSlayer processes personal data on your behalf, such processing is governed by the Enterprise Addendum, which prevails in case of conflict.

2. Roles Under Data Protection Law

Depending on the context:

  • SigSlayer acts as a Data Controller for:
    • Website visitors
    • Account registration and authentication
    • Billing and subscription management
    • Communications and support
  • SigSlayer acts as a Data Processor for:
    • Customer content uploaded to the Service
    • Personal data contained in security questionnaires, documents, and related materials

Customers act as Data Controllers for Customer Content.

3. Personal Data We Collect

3.1 Data You Provide

We may collect:

  • Name
  • Business email address
  • Company name
  • Job title or role
  • Account credentials
  • Billing and payment information
  • Support communications
  • Documents and content uploaded to the Service (which may contain personal data)

3.2 Data Collected Automatically

When you use the Service, we may collect:

  • IP address
  • Device and browser information
  • Log files and timestamps
  • Usage and interaction data
  • Authentication and security logs

3.3 Customer Content

Customers may upload documents that include personal data relating to employees, contractors, customers, vendors, or other individuals.

SigSlayer does not control the nature of such content and processes it only in accordance with customer instructions and the Enterprise Addendum.

4. How We Use Personal Data

We process personal data to:

  • Provide, operate, and maintain the Service
  • Authenticate users and manage accounts
  • Process payments and subscriptions
  • Respond to inquiries and support requests
  • Monitor, secure, and improve the Service
  • Prevent fraud, abuse, and security incidents
  • Comply with legal and regulatory obligations

SigSlayer does not sell personal data.

5. AI and Automated Processing

The Service may use artificial intelligence to analyze and generate content based on Customer Content.

Key points:

  • AI outputs are generated only within the customer’s workspace
  • Customer Content is not used to train shared or public AI models
  • Automated processing does not produce legal or similarly significant effects without human review

Customers remain fully responsible for reviewing and validating outputs.

6. Legal Bases for Processing (GDPR)

Where GDPR applies, SigSlayer relies on the following legal bases:

  • Performance of a contract – to provide the Service
  • Legitimate interests – security, fraud prevention, service improvement
  • Legal obligations – accounting, tax, compliance
  • Consent – where required (e.g. optional communications)

Customers are responsible for establishing lawful bases for Customer Content.

7. Data Sharing and Disclosure

We may share personal data with:

  • Subprocessors (e.g. hosting, storage, AI inference, billing)
  • Professional advisors (legal, accounting)
  • Authorities when required by law
  • Successors in the event of a business transfer

A current list of subprocessors is available at:
/legal/subprocessors

8. International Data Transfers

SigSlayer is established in Sweden.
Personal data may be processed in the United States or other jurisdictions depending on subprocessors used.

Where required, such transfers are safeguarded by:

  • EU Standard Contractual Clauses (Module 2)
  • Incorporated via the Enterprise Addendum

9. Data Security

SigSlayer implements administrative, technical, and organizational measures designed to protect personal data, including:

  • Access controls and authentication
  • Encryption in transit and at rest (where applicable)
  • Logical tenant isolation
  • Monitoring and logging
  • Incident response procedures

Security practices are aligned with SOC 2 principles.

10. Data Retention

Personal data is retained:

  • For the duration of the customer relationship
  • As necessary to provide the Service
  • As required by applicable law

Customer Content is deleted following termination in accordance with the Enterprise Addendum and internal retention practices.

11. Data Subject Rights

Depending on applicable law, individuals may have rights to:

  • Access personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to processing
  • Data portability

Requests may be submitted to:
legal@sigslayer.com

If SigSlayer processes data as a processor, requests should be directed to the relevant customer (data controller).

12. Cookies and Tracking

We use cookies and similar technologies for:

  • Authentication and session management
  • Security
  • Core service functionality
  • Limited analytics

Where required, consent mechanisms are provided.

13. Children’s Privacy

The Service is not intended for children under 18.
SigSlayer does not knowingly collect personal data from children.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
Material changes will be communicated via the Service or email.

Continued use of the Service constitutes acceptance of the updated Privacy Policy.

15. Contact Information

SigSlayer
Sweden
Email: legal@sigslayer.com

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by
Scroll to Top