Privacy Policy

How Cerbi handles data and what we do not do.

Summary

CerbiShield is a governance control plane that you deploy in your own tenant. Cerbi does not run as your log storage vendor, and we do not replace your existing observability tools.

Instead, CerbiShield sits in your infrastructure and enforces governance policies on structured logs before they reach your chosen destinations like Azure Monitor, Datadog, Splunk, or ELK. Your data stays in your environment.

What data we collect

We collect limited data to operate our website and support services:

  • Website analytics: We collect anonymous usage data about visits to cerbi.io using standard analytics tools like Google Analytics and Microsoft Clarity. This includes pages visited, referral sources, and general location data.
  • Contact form submissions: When you submit a contact form or request support, we collect your name, email address, company name (if provided), and any message content you submit.
  • Optional product telemetry: If you enable diagnostic telemetry in your CerbiShield deployment, we may collect high-level usage statistics about governance profiles, policy execution counts, and system health metrics. This is optional and customer controlled.

What we do not collect by default

Cerbi does not collect or store your application logs by default. CerbiShield runs in your tenant and processes logs locally before forwarding them to your chosen destinations.

If you opt in to advanced diagnostics or support troubleshooting, we may request limited samples of anonymized governance metadata or system logs. This is always:

  • Optional and initiated by you
  • Controlled through your CerbiShield admin settings
  • Limited in scope and duration

Cookies and analytics

We use cookies and similar tracking technologies to understand how visitors use our website. These include:

  • Essential cookies: Required for basic site functionality like session management and preference storage.
  • Analytics cookies: Used to understand site usage patterns and improve user experience.

You can opt out of analytics tracking by configuring your browser settings or using browser extensions that block tracking. Note that disabling essential cookies may impact site functionality.

Customer tenant data and responsibilities

When you deploy CerbiShield in your tenant, you control:

  • Infrastructure: CerbiShield runs on your Azure subscription using resources you provision and manage.
  • Storage: All governance metadata, policy definitions, and operational data are stored in databases and storage accounts within your tenant.
  • Retention policies: You define how long governance audit logs and metadata are retained based on your compliance requirements.
  • Access controls: You manage who can access your CerbiShield deployment through your identity provider and RBAC configurations.

Cerbi provides the software and governance capabilities. You maintain ownership and control of your data and infrastructure.

Data sharing

We do not sell your data. We do not share your data with third parties for marketing purposes.

We may share limited data with trusted service providers only when necessary to operate our website or provide customer support:

  • Email and support platforms: We use third-party tools for email delivery and customer support ticket management.
  • Analytics providers: Services like Google Analytics and Microsoft Clarity process anonymized website usage data on our behalf.
  • Legal requirements: We may disclose information if required by law, court order, or government regulation.

Security

We implement industry-standard security practices to protect data:

  • Encrypted connections using TLS for data in transit
  • Access controls and authentication for administrative systems
  • Regular security reviews and updates
  • Tenant isolation and secure deployment practices

While we follow security best practices, no system is completely secure. We encourage customers to implement their own security controls and follow the principle of least privilege when configuring access to CerbiShield deployments.

Data retention

For website contact information and support inquiries, we retain data for as long as necessary to respond to your request and maintain business records. Typically:

  • Contact form submissions: Retained for up to 2 years or as required for ongoing business relationships.
  • Website analytics: Anonymized data retained per the policies of our analytics providers (typically 26 months).

You may request deletion of your contact information at any time by emailing hello@cerbi.io. We will process deletion requests within 30 days.

International users

Our website is hosted and operated from the United States. If you access cerbi.io from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

For CerbiShield deployments, data remains in your tenant and is subject to the data residency and compliance controls you configure in your own Azure environment.

Your choices and rights

Depending on your location, you may have rights under privacy laws including:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information subject to legal retention requirements.
  • Objection: Object to processing of your information for certain purposes.

To exercise any of these rights, contact us at hello@cerbi.io.

Contact

If you have questions about this privacy policy or our data practices, contact us at:

hello@cerbi.io

Last updated: February 9, 2026