Skip to content
Experiencing a Breach?Blog
Get StartedContact Us
Decoyly

legal

Privacy Policy

How we collect, use, and protect your information. Last updated: June 9, 2026.

Introduction

At Decoyly, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our deception-first cybersecurity platform and services.

Information We Collect

Account Information

When you create an account, we collect your name, email address, company name, and contact details. For enterprise customers, we may also collect billing information and organizational details.

Platform Data

Our platform collects security-related data including network telemetry, decoy interactions, threat indicators, and system logs. This data is essential for detecting and responding to cyber threats in your environment.

Usage Information

We automatically collect information about how you interact with our platform, including IP addresses, browser types, access times, and pages viewed.

How We Use Your Information

  • To provide, maintain, and improve our cybersecurity services
  • To detect, investigate, and respond to security threats
  • To communicate with you about your account and our services
  • To comply with legal obligations and enforce our terms
  • To analyze platform performance and develop new features

Data Security

We implement industry-leading security measures to protect your data, including:

  • End-to-end encryption for data in transit and at rest
  • Regular security audits and penetration testing
  • SOC 2 Type II and ISO 27001 certified infrastructure
  • Zero-trust architecture with role-based access controls
  • 24/7 security monitoring and incident response

Data Retention

We retain security event data for up to 24 months to enable forensic analysis and compliance reporting. Account information is retained while your account is active and for 90 days after deletion, unless legal requirements mandate longer retention.

Your Rights

You have the right to access, correct, or delete your personal information. You may also object to processing, request data portability, or withdraw consent. For EU residents, these rights are protected under GDPR. UK residents are protected under UK GDPR and the Data Protection Act 2018.

International Data Transfers

Your data may be processed in the UK, EU, or other jurisdictions where our service providers operate. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses.

Contact Us

For privacy-related questions or to exercise your rights, contact us at:

privacy@decoyly.com

Flat 33, Building 6907, Victoria Street
Village Green, Bradford, Wales ZK6 6JV
Phone: +44-65-5349-9822