SecHive is local-first. The platform runs on the operator's infrastructure, and engagement data — scope, evidence, proof packs — stays under the operator's control. This page describes what the company website and the platform itself collect, why, and for how long.
Last updated: 2 May 2026.
SecHive.ai ("SecHive", "we") publishes the SecHive proof-first autonomous security workbench and operates this website at sechive.ai. For privacy questions, contact [email protected].
The SecHive website collects only the data needed to serve the page and respond to a contact request:
The SecHive platform is local-first. The platform does not phone home with engagement data. The only opt-in telemetry is:
Engagement data — scopes, evidence, proof packs, target identifiers — never leaves the operator's machine unless the operator chooses to share it.
For website server logs and contact forms we rely on legitimate interest (operating a working website and responding to your inquiry). For optional platform telemetry we rely on the operator's explicit consent, expressed by enabling the feature.
Under the GDPR, UK GDPR, CCPA / CPRA and equivalent regimes, you have the right to access, rectify, port and delete data we hold about you, and to object to or restrict our processing. Email [email protected] and we will respond within 30 days.
SecHive is established in the European Union and the United States. Where data is transferred between jurisdictions, we rely on Standard Contractual Clauses (EU) and the EU–US Data Privacy Framework where applicable.
The SecHive website uses a small number of operational subprocessors: a CDN for asset delivery, a transactional email provider for the contact form, and an error-reporting service. The current list is available on request via [email protected].
Website infrastructure is hardened against the OWASP Top 10. Platform releases are signed; release artifacts are verified by cosign. Operator deployments are local-first and the operator controls evidence and key material.
SecHive is a B2B security product. The website and the platform are not directed to children under 16, and we do not knowingly collect data from children.
Material changes to this notice will be announced at the top of this page with an updated revision date.
