← Back to StandardPulse

Privacy Policy

Last updated: March 23, 2026

1. Introduction

StandardPulse ("we", "our", or "the Service") is a GRC intelligence platform operated for professional use. This Privacy Policy explains how we collect, use, and protect your information when you use our Service.

2. Information We Collect

Account Information: When you sign in via Google, we receive your email address, display name, and profile photo from your Google account.

Usage Data: We collect information about how you interact with the Service, including pages visited, features used, and actions taken.

User-Generated Content: Data you upload or create within the Service (e.g., compliance mappings, comments, reports) is stored and processed to provide the Service.

3. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To authenticate your identity and manage your account
  • To process your requests within the platform using AI services (Google Gemini)
  • To communicate with you about the Service
  • To detect and prevent security incidents

4. AI Processing

Certain features use the Google Gemini API for AI-powered analysis. Data sent to the Gemini API is processed in accordance with Google's Generative AI Terms of Service. Data submitted via the API is not used by Google for model training.

5. Data Storage & Security

Your data is stored on Google Cloud Platform infrastructure in the United States (us-central1 region). We use industry-standard security measures including encryption at rest (AES-256), encryption in transit (TLS), authentication via Google Cloud Identity Platform, and access controls.

6. Data Sharing

We do not sell your personal information. We may share data only in the following circumstances:

  • Service Providers: Google Cloud Platform (hosting), Google Gemini API (AI processing)
  • Legal Requirements: When required by law or to protect our rights
  • With Your Consent: When you explicitly authorize sharing

7. Data Retention

We retain your account data for as long as your account is active. You may request deletion of your data by contacting us. Upon deletion request, your data will be removed within 30 days, except where retention is required by law.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to certain processing of your data

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy within the Service. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

10. Contact

For privacy-related questions or requests, contact us at privacy@standardpulse.net.

© 2026 StandardPulse