Privacy Policy

Last updated: March 9, 2026

1. Introduction

Ironclad Equity Pty Ltd ("we", "us", or "our") operates Blamphs.ai ("Service"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Service.

By using Blamphs.ai, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password, company name
  • Billing Information: Credit card details, billing address (processed securely via Stripe)
  • AWS Credentials: IAM role ARNs, access keys (encrypted with AES-256-GCM)
  • Configuration Data: Monitoring preferences, alert settings, optimization constraints

2.2 Information We Collect Automatically

  • AWS Infrastructure Data: GPU utilization metrics, instance types, CUDA logs, node health status
  • Usage Data: Pages visited, features used, time spent in the Service
  • Device Information: Browser type, operating system, IP address, device identifiers
  • Cookies: Session cookies, analytics cookies, preference cookies

2.3 Information from Third Parties

  • AWS API: Infrastructure metrics, CloudWatch logs, cost data
  • Payment Processors: Payment confirmation, subscription status

3. How We Use Your Information

We use collected information for the following purposes:

  • Provide the Service: Monitor your GPU infrastructure, detect issues, optimize costs
  • Account Management: Create and manage your account, process payments, send notifications
  • Service Improvement: Analyze usage patterns, improve features, fix bugs
  • Security: Detect and prevent fraud, unauthorized access, and security threats
  • Communication: Send service updates, billing notifications, security alerts
  • Compliance: Comply with legal obligations, respond to lawful requests

4. Data Security and Encryption

We take data security seriously and implement industry-standard measures:

  • Encryption at Rest: AWS credentials stored with AES-256-GCM encryption
  • Encryption in Transit: All data transmitted over HTTPS/TLS 1.3
  • Access Controls: Role-based access, principle of least privilege
  • Infrastructure Security: Hosted on secure cloud infrastructure with regular security audits
  • Read-Only AWS Access: We only request read-only IAM permissions for AWS monitoring

5. Data Sharing and Disclosure

We do not sell your personal information. We may share data only in these limited circumstances:

5.1 Service Providers

  • AWS: Cloud infrastructure hosting
  • Stripe: Payment processing
  • Analytics Providers: Anonymized usage analytics

5.2 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights and safety.

5.3 Business Transfers

If we are acquired or merged with another company, your information may be transferred as part of that transaction.

6. Data Retention

We retain your information for as long as necessary to provide the Service and comply with legal obligations:

  • Account Data: Retained while your account is active
  • AWS Credentials: Deleted within 30 days of account closure
  • Infrastructure Metrics: Retained for 90 days for historical analysis
  • Billing Records: Retained for 7 years for tax and accounting purposes
  • Security Logs: Retained for 1 year for security investigations

7. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

Cookie Type Purpose Duration
Essential Authentication, session management Session/7 days
Analytics Usage tracking, feature adoption 30 days
Preference Save dashboard settings, theme 1 year

You can disable cookies in your browser settings, but this may limit functionality.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Data Portability: Receive your data in a structured, machine-readable format
  • Opt-Out: Unsubscribe from marketing emails (service emails still sent)
  • Revoke Access: Remove AWS IAM role to stop data collection

To exercise these rights, contact us at privacy@blamphs.ai.

9. International Data Transfers

Your data may be processed in countries outside your own, including Australia and the United States. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

10. Children's Privacy

Blamphs.ai is not intended for users under 18 years of age. We do not knowingly collect information from children. If we discover that we have collected data from a child, we will delete it immediately.

11. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. Please review their privacy policies before providing any information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last updated" date
  • Sending an email notification to your registered email address
  • Displaying a prominent notice in the Service

Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Compliance and Certifications

We are committed to data protection compliance:

  • GDPR: For European Economic Area (EEA) users
  • CCPA: For California residents
  • SOC 2 Type II: Available for Enterprise plans
  • Australian Privacy Principles: For Australian users

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Ironclad Equity Pty Ltd
Email: privacy@blamphs.ai
Data Protection Officer: dpo@blamphs.ai