diff --git a/client/pages/Privacy.tsx b/client/pages/Privacy.tsx index 83610b06..f0fefa06 100644 --- a/client/pages/Privacy.tsx +++ b/client/pages/Privacy.tsx @@ -165,10 +165,31 @@ export default function Privacy() { > Chrome Web Store User Data Policy - , including the Limited Use requirements. We only request permissions - necessary for DLP functionality and do not use this data for advertising, - creditworthiness assessment, or sale to third parties. + , including the Limited Use requirements.

+
@@ -184,6 +205,22 @@ export default function Privacy() {

+
+

Data Controller & Data Protection Officer

+

+ Data Controller: AeThex Inc., 123 Innovation Drive, + Phoenix, AZ 85001, United States. We are responsible for deciding how + we collect, hold, and use your personal information. +

+

+ Data Protection Officer (DPO): For questions about + data protection or to exercise your rights, contact our DPO at{" "} + + dpo@aethex.dev + . +

+
+

Legal Bases (EEA/UK)

@@ -214,11 +251,37 @@ export default function Privacy() {

-

Data Retention

+

Data Retention Schedule

We retain data for as long as needed to provide Services, comply - with law, resolve disputes, and enforce agreements. You may - request deletion of your account data, subject to legal holds. + with law, resolve disputes, and enforce agreements. Specific retention + periods include: +

+ +

+ You may request deletion of your account data, subject to legal holds + and regulatory requirements.

@@ -236,6 +299,85 @@ export default function Privacy() { +
+

California Privacy Rights (CCPA/CPRA)

+

+ If you are a California resident, you have additional rights under + the California Consumer Privacy Act (CCPA) and California Privacy + Rights Act (CPRA): +

+ +

+ Do Not Sell or Share My Personal Information: AeThex + does not sell personal information and does not share personal information + for cross-context behavioral advertising purposes. +

+

+ To exercise any of these rights, contact us at{" "} + + privacy@aethex.dev + {" "} + or submit a request through your account settings. We will verify your + identity before processing your request. +

+
+ +
+

Right to Appeal

+

+ If we deny your data rights request (such as access, deletion, or + correction), you have the right to appeal our decision. To appeal: +

+
    +
  1. + Email{" "} + + dpo@aethex.dev + {" "} + with the subject line "Privacy Appeal". +
    2. +
  2. + Include your original request reference number and explain why you + believe our decision was incorrect. +
    3. +
  3. + We will review your appeal within 45 days and provide a written + response explaining our final decision. +
    4. +
  4. + If you are unsatisfied with our appeal decision, you may file a + complaint with your local data protection authority (for EEA/UK + residents) or the California Attorney General (for California residents). +
    5. +
+
+

Security

diff --git a/client/pages/Support.tsx b/client/pages/Support.tsx index c2543568..c90db4c5 100644 --- a/client/pages/Support.tsx +++ b/client/pages/Support.tsx @@ -476,8 +476,168 @@ export default function Support() {

- {/* Emergency Support */} + {/* Security & Abuse Reporting */}
+
+
+

+ Security & Abuse Reporting +

+

+ Report security vulnerabilities, abuse, or policy violations +

+
+ +
+ + +
+
+ +
+
+ Report Security Vulnerability + + Found a security issue? Let us know responsibly. + +
+
+ + +

+ If you've discovered a security vulnerability in AeThex services, + please report it to our security team. We take all reports seriously + and will respond promptly. +

+ + + + + + +
+
+ +
+
+ Report Abuse or Violations + + Report harassment, spam, or policy violations. + +
+
+ + +

+ If you've encountered abuse, harassment, spam, or Terms of Service + violations, report them to our Trust & Safety team. +

+ + + +
+ + + + Incident Response Process + + What happens after you report a security issue or abuse + + + +
+
+
+ 1 +
+

Acknowledgment

+

+ We acknowledge receipt within 24 hours for security reports, + 48 hours for abuse reports. +

+
+
+
+ 2 +
+

Investigation

+

+ Our team investigates the report, gathers evidence, and + assesses severity. +

+
+
+
+ 3 +
+

Resolution

+

+ We take appropriate action - patching vulnerabilities or + enforcing policies against violators. +

+
+
+
+ 4 +
+

Follow-Up

+

+ We notify you of the outcome and any actions taken (where + appropriate). +

+
+
+ + + + + + Escalation Steps + + If your report isn't addressed or you disagree with the outcome + + + +
    +
  1. + 1 +
    + Reply to your original report +

    Reference your ticket number and explain why you believe further action is needed.

    +
    +
    2. +
  2. + 2 +
    + Contact escalations@aethex.dev +

    For unresolved issues, escalate to our senior Trust & Safety team with your ticket number.

    +
    +
    3. +
  3. + 3 +
    + Executive Review +

    For serious unresolved matters, contact legal@aethex.dev for executive review.

    +
    +
    4. +
+ + +
+
+ + {/* Emergency Support */} +
diff --git a/client/pages/Terms.tsx b/client/pages/Terms.tsx index 1f2b9f1f..ca38257a 100644 --- a/client/pages/Terms.tsx +++ b/client/pages/Terms.tsx @@ -176,25 +176,51 @@ export default function Terms() {

The AeThex Sentinel extension and Warden bot are provided for data loss - prevention purposes. You acknowledge that: + prevention purposes. By installing or using the extension, you acknowledge + and agree to the following:

  • - The extension may interfere with website functionality on certain sites. - AeThex is not responsible for any website breakage or data loss resulting + Website Interference: The extension may interfere with + website functionality on certain sites. AeThex is not responsible for + any website breakage, form submission failures, or data loss resulting from extension use.
  • - No security tool is 100% effective. AeThex does not guarantee prevention - of all data leaks or security incidents. + False Positives: The DLP scanning system may generate + false positives, blocking legitimate content that resembles sensitive + data patterns. AeThex is not liable for any business disruption, lost + transactions, or inconvenience caused by false positive detections.
  • - You are solely responsible for configuring security policies appropriate - for your organization's needs. + No Absolute Security Guarantee: No security tool is + 100% effective. AeThex does not guarantee prevention of all data leaks, + security incidents, or breaches. The extension is one layer of defense + and should not be your sole security measure.
  • - The extension requires certain browser permissions to function. You consent - to granting these permissions when you install the extension. + Data Interception Liability: While the extension scans + text for security purposes, AeThex is not liable for any claims arising + from the interception, analysis, or processing of data passing through + the extension. You are responsible for ensuring compliance with applicable + privacy laws in your jurisdiction. +
    • +
  • + Policy Configuration Responsibility: You are solely + responsible for configuring security policies appropriate for your + organization's needs. Misconfigured policies may result in over-blocking + or under-protection. +
    • +
  • + Policy Updates: You are responsible for staying informed + about extension policy updates. We will notify you of material changes, + but continued use after notification constitutes acceptance. +
    • +
  • + Browser Permissions: The extension requires certain + browser permissions to function. You consent to granting these permissions + when you install the extension and acknowledge that revoking permissions + will disable extension functionality.
@@ -214,13 +240,56 @@ export default function Terms() {

Dispute Resolution & Arbitration

- Any dispute arising from these Terms or the Services shall be resolved + Mutual Agreement: Both you and AeThex Inc. agree that + any dispute arising from these Terms or the Services shall be resolved through binding arbitration in accordance with the rules of the American Arbitration Association. The arbitration shall take place in Arizona, USA. - You agree to waive any right to participate in a class action lawsuit or - class-wide arbitration against AeThex Inc. This arbitration agreement does - not preclude you from bringing issues to the attention of federal, state, - or local agencies who may seek relief on your behalf. +

+

+ Class Action Waiver: You agree to waive any right to + participate in a class action lawsuit or class-wide arbitration against + AeThex Inc. +

+

+ Small Claims Court Exception: Notwithstanding the above, + either party may bring an individual action in small claims court for + disputes within the court's jurisdictional limits. +

+

+ Injunctive Relief Exception: Either party may seek + emergency injunctive relief from a court of competent jurisdiction to + prevent irreparable harm pending arbitration, including protection of + intellectual property rights, confidential information, or to stop + ongoing violations of these Terms. +

+

+ Government Agency Complaints: This arbitration agreement + does not preclude you from bringing issues to the attention of federal, + state, or local agencies who may seek relief on your behalf. +

+
+ +
+

Arbitration Opt-Out

+

+ You have the right to opt out of binding arbitration within 30 days of + creating your account or accepting these Terms (whichever is later). To + opt out, you must send a written notice to{" "} + + legal@aethex.dev + {" "} + with the subject line "Arbitration Opt-Out" that includes: +

+ +

+ If you opt out, disputes will be resolved in the state or federal courts + located in Maricopa County, Arizona. Opting out will not affect your + ability to use the Services.