Privacy Policy
Last updated: Feb 6, 2026
1. Introduction
The CVE Yack platform is operated by Yack Security Inc. This privacy policy explains what data is collected when using the platform, how it is used, and how it is protected.
2. Data collected
When using SSO (Single Sign-On) authentication and the platform's features, the following data may be collected:
- Email address
- First and last name
- User ID provided by the identity provider
- Basic session information (login date, SSO provider)
No sensitive data (passwords, email content, personal files) is stored.
3. Use of data
The data collected is used exclusively to:
- Authenticate users via SSO
- Manage secure access to the platform
- Improve the stability and security of the service
The data is never used for advertising purposes.
4. Data sharing
Data is not sold, rented, or shared with third parties, except:
- When required for the operation of SSO authentication (e.g., the identity provider)
- When required by law
5. Data retention
Data is retained only for as long as necessary for the use of the platform or for as long as the user account is active.
6. Security
Appropriate technical and organizational measures are implemented to protect data against unauthorized access, disclosure, or loss.
7. User rights
Users may request access to, correction, or deletion of their data by contacting the platform operator.
8. Contact
For any questions regarding this privacy policy, email privacy@yack.one.