PointGuard AI Privacy Policy

Terms of UsePrivacy PolicyCookies Policy

Effective date: July 1, 2025

This Privacy Policy describes how PointGuard AI, Inc. (“PointGuard,” “we,” “us,” or “our”) collects, uses, and discloses information. This policy applies to our Websites, our core SaaS platform, and the PointGuard AI Browser Extension.

If you do not agree with these terms, do not access or use our Services or Websites.

1. Scope and Controller Relationship

  • Enterprise Focus: Our Services are designed for use by organizations (e.g., your employer).
  • Data Control: The organization that agreed to the Master Service Agreement (MSA) controls their instance and associated Service Data.
  • Processor Role: PointGuard generally acts as a processor for Service Data and a controller for "Other Information" (like account details).

2. General Inforamation Collection

We collect Information to provide, update, and protect our Services.

  • Account Information: Email, phone number, and domain details.
  • Usage Data: IP addresses, browser types, and log files generated during interaction with our site.
  • Device Info: Operating systems and unique device identifiers.}

3. PointGuard AI Security Platform and Browser Extension

This section applies exclusively to users of the PointGuard’s SaaS Platform and Browser Extension.

To provide enterprise-grade Data Loss Prevention (DLP) and Guardrails for AI platforms, the extension operates under the following parameters:

A. Data Interaction and Scanning
- Prompt Monitoring: The extension reads prompts as they are typed into third-party AI platforms (e.g., ChatGPT, Gemini, Claude) to detect sensitive data before submission.
- Local Processing: Initial scanning occurs locally within your browser using regex-based detection to identify PII (Personally Identifiable Information) immediately.
- SaaS Scanning: For deeper context analysis, prompts may be forwarded to the PointGuard SaaS endpoint. All transmissions are secured via HTTPS.

B. Enterprise Deployment
- Policy-Driven: This extension is intended for deployment by a Customer’s IT administrator as part of a corporate DLP policy. It is not intended for individual consumer use outside of an enterprise agreement.

C. Google Chrome "Limited Use" Compliance
PointGuard strictly adheres to the Google Web Store Limited Use requirements:

- Purpose Limitation: We only use the data to provide the extension's stated DLP and Guardrail features.
- No Data Sales: We do not sell this data to third parties.
- No Advertising: Data from the extension is never used for advertising, marketing, or creditworthiness assessments.

4. How We Share and Protect Information

- No Selling: PointGuard does not sell personal information.
- Service Providers: We may engage third-party partners (e.g., cloud hosting) who are bound by SOC2-standard confidentiality.
- Encryption: We use industry-standard technical measures to protect information from unauthorized access.
- Retention: Data is retained as necessary to fulfill the purposes in this policy or as required by our agreement with your employer.

5. Your Rights and Data Deletion

- Access and Correction: You may seek to update or delete your Information.
- Deletion Requests: Users (or their IT admins) can request data deletion by contacting privacy@PointGuardAI.com.
Because your employer controls the Customer Instance, we may coordinate with their team to fulfill your request.
- Age Limit: Use of Services by anyone under 16 is prohibited.

6. Contact Information

For questions regarding this policy or the Browser Extension's data practices, please contact our Data Protection Officer:
Email: privacy@PointGuardAI.com
Address: 2219 Las Trampas Rd, Alamo, CA 94507