Privacy Policy

Last updated: January 1, 2026

Your privacy is important to us. This policy explains how we collect, use, and protect your information when you use Secov.

Secov ("the Product") is a compliance automation platform provided by TheDevSecOps LLC ("the Company", "we", "us", or "our"). We are committed to protecting your privacy and ensuring the security of the data you entrust to us.

This Privacy Policy explains how we collect, use, and protect your information when you use the Secov platform and website (secov.com).

1. Information We Collect

We collect information to provide our compliance automation services, including:

Account Information

When you register for Secov, we collect:

  • Admin Details: Name, email address, job title, and company name.
  • Billing Information: Payment details processed securely via our third-party payment provider (e.g., Stripe). We do not store raw credit card data.

Integration Data (The "Compliance Engine")

To automate your compliance (SOC 2, ISO 27001, etc.), Secov integrates with your third-party systems. With your explicit permission, we access:

  • Cloud Infrastructure: Metadata and configuration settings from providers like AWS, Azure, and GCP (e.g., verifying encryption settings, firewall rules).
  • Developer Tools: Metadata from GitHub, GitLab, or Jira (e.g., verifying pull request approvals, ticket status).
  • HRIS Systems: Employee status for onboarding/offboarding evidence.

Note: We strictly limit our access to read-only metadata whenever possible. We do not access your proprietary source code or sensitive customer database contents unless explicitly required for a specific control.

Usage Data

We collect metrics on how you interact with our dashboard (e.g., pages visited, time spent, features used) to improve user experience.

2. How We Use Your Information

We use your data to:

  • Provide the Service: Automate evidence collection, run gap analyses, and generate compliance reports.
  • Security & Alerts: Notify you of compliance drifts or security vulnerabilities in your stack.
  • Billing & Administration: Process payments and send administrative emails.
  • Improvement: Analyze aggregate data to train our AI models (anonymized) and improve scanning accuracy.

3. Data Sharing & Third Parties

We do not sell your personal data. We share data only in the following circumstances:

  • Service Providers: With trusted vendors who assist in hosting, data storage, and payment processing (e.g., AWS, Stripe).
  • Legal Obligations: If required by law, subpoena, or valid legal process.
  • Business Transfers: If TheDevSecOps LLC is involved in a merger, acquisition, or asset sale, your information may be transferred.

4. Your Data Rights

Depending on your location, you have rights regarding your data:

  • Access & Correction: You can view and update your settings directly within the Secov dashboard.
  • Deletion: You may request the deletion of your account and associated data by contacting support.
  • Export: You can export your compliance evidence and reports at any time.

5. Security

Security is our core business. We employ industry-standard measures including:

  • Encryption: Data is encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Access Control: Strict role-based access control (RBAC) and MFA for our internal staff.
  • Audits: We undergo regular security assessments.

6. Contact Us

Secov is a product of TheDevSecOps LLC. If you have questions about this policy, please contact us at:

Mailing Address

TheDevSecOps LLC
1111B S Governors Ave STE 26059
Dover, DE 19904
United States