Privacy Policy

Review the TensorGuard Privacy Policy to understand how we collect, use, and protect your data while providing our enterprise digital forensics platform.

TensorGuard Privacy Policy

Last Updated: March 15th, 2026

New Customer Effective Date: March 15th, 2026

Current Customer Effective Date: April 15th, 2026

Thank you for using TensorGuard. This Privacy Policy outlines how TensorGuard Inc. (“TensorGuard,” “we,” “our,” or “us”) collects, uses, stores, shares, and protects your information when you use our website, https://tensorguard.com (the “Site”), and our forensic analysis platform, tools, and related services (collectively, the “Services”).

This Policy is a legally binding agreement between you and TensorGuard. By creating an account or using our Services, you acknowledge that you have read, understood, and agree to the practices described in this Policy.

1. Third-Party Authentication & Opt-In API Integrations

This Privacy Policy applies to all information we process through our Services. Please note: If your organization utilizes our self-hosted, on-premises deployment option, TensorGuard does not host, access, or process your Forensic Data; in such cases, this policy applies only to your Account Information and related communications with us.

A. Console Authentication Providers We use third-party enterprise authentication providers (such as Microsoft Entra ID, Okta, Google, or GitLab) to create and access your account.

  • Google Limited Use Disclosure: To the extent your organization utilizes Google for authentication, TensorGuard’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
  • Other Identity Providers: Information received from other providers (e.g., Microsoft, Okta, GitLab) is governed by our commitment to user privacy as outlined in this policy and by their respective privacy statements.

For all supported authentication providers, our access and use are strictly limited as follows:

  • What we access: We access your basic profile information (Real Name, Email Address).
  • How we use it: This data is used solely for user identification, to create and authenticate your account, and to allow other users within your designated organization on the TensorGuard platform to identify you.
  • How we store it: Your name and email address are stored securely on our servers.
  • How we share it: This information is not sold or shared for advertising purposes. It is shared only with our essential service providers for operational purposes (as detailed in Section 5) and with other members of your organization within the platform.

B. Opt-In Cloud Communication Integrations TensorGuard strictly adheres to a data-minimization philosophy. We do not collect or ingest cloud communications (e.g., emails, direct messages) by default. Certain integrations, such as Microsoft 365 and Slack, must be explicitly enabled and authorized by your organization on an opt-in basis.

  • If you opt-in to these integrations, any data ingested from the respective APIs is processed exclusively as Forensic Data on your behalf to provide the Services.
  • This data is strictly siloed, is never used for TensorGuard’s marketing purposes, and is never used to train or fine-tune foundational generative Artificial Intelligence models across tenant boundaries.

2. Information We Collect

We collect several categories of information in providing our Services.

A. Information You Provide to Us Directly:

  • Account Information: When you register for a TensorGuard account via a third-party enterprise authentication service (e.g., Microsoft, Okta, Google, or GitLab) utilizing OAuth 2.0 / OIDC protocols, we collect your Real Name and Email Address from your respective account.
  • Payment Information: When you subscribe to our paid services, you provide payment information (such as credit card numbers and billing information) directly to our third-party payment processor, Stripe. We do not store or have direct access to your full payment card details.
  • Communications: When you contact us for support or other inquiries via email to tensorguard.com, we retain records of those communications.

B. Information Collected Through Your Use of the Services:

  • Forensic Data: Our service is a forensic platform. When an authorized user in your organization uses the “TensorGuard Forensic Collector” to acquire data from a device, or authorizes TensorGuard to ingest data via specific third-party cloud integrations (e.g., Microsoft 365, Slack), that data is uploaded to our platform for analysis at your direction. This data may include any and all information present on the device or within the connected cloud tenant workspaces.
  • Sensitive Personal Information (SPI): You acknowledge that Forensic Data may inherently contain “Sensitive Personal Information” as defined by applicable U.S. state privacy laws (such as the California Privacy Rights Act). This may include, but is not limited to, social security numbers, driver’s licenses, financial account details, precise geolocation, racial or ethnic origin, religious beliefs, and the contents of private communications like emails and text messages. We only process this data on your behalf and at your direction to provide the Services. We do not use SPI for any purpose other than providing, maintaining, and securing the forensic analysis service.
  • Usage and Log Information: We automatically collect information about your interactions with the Services, including your login status, session information, and the Internet Protocol (IP) address from which you access the platform. This information is necessary for security, auditing, and maintaining the Services.

C. Information from Third-Party Sources:

  • Third-Party Authentication Providers: As described above, we collect your name and email from your chosen enterprise provider (e.g., Microsoft, Okta, Google, GitLab) to facilitate account creation and login.
  • Stripe: Our payment processor, Stripe, may provide us with transaction details or tokens for billing management, but not your full payment details.
  • Google Analytics 4 (GA4): We use Google Analytics on our public-facing homepage (https://tensorguard.com) to collect aggregated data about site traffic and user interaction. We deploy GA4 using Google Consent Mode v2. This means that analytics cookies and full tracking capabilities are strictly gated behind your explicit consent. If you do not opt-in (or if you opt-out), GA4 operates in a restricted, cookieless state that only registers anonymous, aggregated pageview pings without identifying you or dropping tracking files on your device. This tracking is strictly limited to our public Site and is never used within the secure, authenticated TensorGuard platform.

To give you complete control over your privacy, we utilize a certified Consent Management Platform (CMP), CookieYes, to manage all tracking scripts and cookies on tensorguard.com.

  • Strict Default Deny: By default, all non-essential cookies (including analytics, marketing, and functional cookies) are blocked when you first visit our Site.
  • Strictly Necessary Cookies: The only cookies loaded automatically are those strictly necessary for the Site to function securely (such as routing traffic, preventing CSRF attacks, and remembering your consent preferences).
  • Managing Your Preferences: You have the right to grant, deny, or withdraw your consent at any time. You can view our full list of active cookies and dynamically change your tracking preferences by clicking the “Cookie Preferences” link located in the footer of our website.

4. How We Use Your Information

We use the information we collect for the following business and commercial purposes:

  • To Provide and Maintain the Services: To authenticate users, process forensic data as directed by you, process transactions, and ensure the operational functionality of the platform.
  • For Security and Fraud Prevention: To monitor for and prevent security threats, unauthorized access, and violations of our terms.
  • For Customer Support: To respond to your requests, questions, and feedback.
  • For Analytics and Service Improvement: To understand how our users interact with the Services to improve functionality and user experience.
  • For Marketing and Promotional Communications: We may use your Account Information (name and email address) to send you information about our Services, updates, or other promotional content. You may opt out of these communications at any time. We will never use Forensic Data for any marketing or promotional purpose.
  • To Comply with Legal Obligations: To cooperate with public and government authorities, courts, or regulators in accordance with our legal obligations.

Data Processing Addendum (DPA): For organizational customers where TensorGuard acts as a Service Provider or Processor under applicable U.S. state privacy laws, our data processing obligations are further detailed and governed by our Data Processing Addendum. See https://tensorguard.com/data-processing-addendum.

5. How We Retain Your Information

We retain your Account Information and Usage and Log Information for as long as your account is active or as needed to provide you with the Services.

Active Forensic Data processed within the Cloud Services is retained in accordance with the data processing retention period specified in your Commercial Agreement (by default, a rolling 30-day window). After this period, or upon manual deletion by an Administrator, the active platform data is cryptographically destroyed.

Note regarding Legal Holds: TensorGuard’s active platform automation does not override your internal evidence preservation duties. For the purposes of satisfying long-term Legal Holds, HR disputes, or M&A due diligence requirements, it is your Organization’s sole responsibility to export and safely archive the immutable .spade collection packages in your own offline, cold-storage environments prior to the expiration of the active platform processing window.

You may delete your information as described in Section 7. We may retain certain information for a longer period if required to comply with our legal obligations (e.g., retaining transaction records), resolve disputes, or enforce our agreements.

6. How We Share Your Information

We do not “sell” or “share” (as defined by the CCPA/CPRA) your personal information. We only disclose your information to the following categories of third parties for the purposes described in this policy:

  • Other Users in Your Organization: Your name and email address are visible to other users who are part of the same organization on the TensorGuard platform.
  • Service Providers: We engage third-party companies to process information on our behalf. These service providers are contractually obligated to protect your data and are prohibited from using it for any other purpose.
    • Cloud Hosting, Compute, and AI Processing: Forensic Data and other user data are hosted and processed by our secure infrastructure providers, which include Google Cloud, Hetzner US, and Cloudflare. To power our Intelligence Engines, TensorGuard strictly utilizes enterprise-grade Artificial Intelligence API endpoints provisioned through Google Cloud. These enterprise endpoints are governed by strict data privacy agreements ensuring that your Forensic Data and analytical prompts are completely siloed and are never utilized by Google or TensorGuard to train foundational AI models.
    • Email Communications: Transactional and promotional emails may be managed by MailGun.
    • Payment Processing: All payments are handled by Stripe and/or Mercury invoicing.
    • Consent Management: We use CookieYes to log and manage user privacy preferences. They securely process and hash IP addresses solely to maintain a legally required audit trail of your consent choices.
  • For Legal Reasons: We may disclose your information to a third party if we are required to do so by law, such as in response to a subpoena, court order, or other valid legal process.
  • In Case of a Business Transfer: If TensorGuard is involved in a merger, acquisition, or sale of all or a portion of its assets, your Account Information may be transferred as part of that transaction. In such an event, we will notify you via email. As a core principle, your Forensic Data will not be sold or transferred to a third party for their own use; it will only continue to be processed by the essential cloud service providers listed above as part of the continuity of the service.

7. Data Security

We implement technical and organizational measures designed to protect your information from unauthorized access, use, alteration, or destruction. These measures include encryption of data in transit and at rest, strict access controls, and regular internal security audits. However, no security system is impenetrable, and we cannot guarantee the absolute security of your data.

8. Your Privacy Rights and Choices

You have rights and choices regarding your personal information.

  • Access, Correction, and Deletion: You have the right to request access to, correction of, or deletion of your personal data.
  • How to Exercise Your Rights: You may exercise your rights via the following methods:
    1. Email: Send a request to privacy@tensorguard.com. We will verify your request using the email address associated with your account.
    2. In-Platform Controls:
      • Any user can select “Delete my Account” inside the platform console to delete data tied to their individual user account.
      • An organization administrator can select “Delete my Organization” to delete all data tied to the organization, including all user accounts and all uploaded Forensic Data.

Statutory Exceptions for Evidentiary Integrity: The right to deletion does not apply to Forensic Data payloads, Chain of Custody logs, Audit Trails, or associated identifying information (e.g., Real Name, Email Address, Timestamps, IP Addresses) that have been immutably written into a forensic record prior to your request. To maintain the evidentiary viability of historical investigations and prevent the spoliation of evidence, TensorGuard and your Organization expressly reserve the right to retain such data. We rely on the statutory exemptions provided by applicable U.S. Privacy Laws (including, but not limited to, Cal. Civ. Code § 1798.105(d)) to refuse deletion requests where retention is strictly necessary to: (i) help ensure security and integrity; (ii) detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity; (iii) prosecute those responsible for that activity; or (iv) exercise or defend legal claims.

We will not discriminate against you for exercising your privacy rights. Please note that we may need to retain certain information for recordkeeping purposes or to complete transactions that you began prior to requesting a change or deletion, as permitted by law.

  • Do Not Track (DNT) and Global Privacy Control (GPC): Our public Site actively respects Do Not Track (DNT) browser settings and Global Privacy Control (GPC) signals. Our Consent Management Platform intercepts these signals at the network edge. If your browser broadcasts a DNT or GPC signal, our Site will automatically default to rejecting all non-essential cookies and tracking scripts, overriding any default analytics behavior. Within the secure TensorGuard platform itself, we only collect telemetry strictly essential for platform security, auditing, and operation, meaning tracking controls are inherently minimized by design.

9. Children’s Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. Furthermore, as a condition of using our Services, you agree in our Terms of Service not to intentionally target or process the data of minors. We acknowledge that incidental collection of such data may occur during a legitimate enterprise investigation, which is governed by your organization’s own data policies. If we become aware that we have intentionally collected personal data from a child in violation of applicable law or that a user has violated this policy, we will take steps to delete that information as soon as possible.

10. Operation in the United States

Our services are operated exclusively within the United States and are intended for use only by residents of the United States. If you are located outside of the United States, please be aware that information you provide to us will be transferred to, stored, and processed in the United States.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email to the address associated with your account. Your continued use of the Services after the effective date of the revised policy will constitute your acceptance of the changes. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

TensorGuard Inc.

Email: privacy@tensorguard.com



Start with a Compromise Assessment.

The best way to see the power of TensorGuard is to use it. For a simple, flat fee, we will conduct a full, AI-powered Compromise Assessment on a selection of your critical systems.

TensorGuard Automated DFIR Platform Dashboard