Privacy Policy

Last updated: Feb 6, 2026

1. Introduction

The CVE Yack platform is operated by Yack Security Inc. This privacy policy explains what data is collected when using the platform, how it is used, and how it is protected.

2. Data collected

When using SSO (Single Sign-On) authentication and the platform's features, the following data may be collected:

  • Email address
  • First and last name
  • User ID provided by the identity provider
  • Basic session information (login date, SSO provider)

No sensitive data (passwords, email content, personal files) is stored.

3. Use of data

The data collected is used exclusively to:

  • Authenticate users via SSO
  • Manage secure access to the platform
  • Improve the stability and security of the service

The data is never used for advertising purposes.

4. Data sharing

Data is not sold, rented, or shared with third parties, except:

  • When required for the operation of SSO authentication (e.g., the identity provider)
  • When required by law

5. Data retention

Data is retained only for as long as necessary for the use of the platform or for as long as the user account is active.

6. Security

Appropriate technical and organizational measures are implemented to protect data against unauthorized access, disclosure, or loss.

7. User rights

Users may request access to, correction, or deletion of their data by contacting the platform operator.

8. Contact

For any questions regarding this privacy policy, email privacy@yack.one.