Privacy Policy

Last Updated: February 21, 2026

Prophetic AI Corporation (together with its associated companies) ("we," "us," or "Prophetic AI") respects your privacy and is committed to using appropriate measures to protect any personal data we collect about you or that you provide to us ("Your Information"). For the purposes of this Privacy Policy, "Personal Data" means any information that may be used to identify an individual, including, for example, a first and last name, a home or other physical address, an email address, or other contact information, whether at work or at home.

This Privacy Policy (together with our Terms and Conditions and any other documents referred to on it) sets out the basis on which Your Information will be processed by us. Please read this Privacy Policy carefully to understand our practices regarding Your Information. By using www.prophetic.ai or other websites belonging to Prophetic AI (collectively, the "Website"), you acknowledge that you have read and understood this Privacy Policy. Where we rely on consent as a legal basis for processing, we will obtain your consent separately at the point of data collection.

Collection of Your Information by Us

When you visit our Website, we may request that you provide Personal Data about yourself (for example, your name and contact details), and we collect navigational information as described below.

You are free, subject to our published Terms and Conditions, to explore our Website without providing any Personal Data about yourself.

You may also provide us with Personal Data voluntarily, for example by filling in forms on our Website, submitting an access request, or by corresponding with us by phone, email, or otherwise. This may include contact information such as your name, email address, phone number, company name, and other information that can identify you personally.

We may source some of Your Information that is publicly available on the internet, such as from LinkedIn, X (formerly Twitter), and Google, or from other sources (such as information we receive about you if you use any of the other websites we operate or the services we provide), or any information that we acquire from third-party service providers (such as business partners, sub-contractors for technical delivery services, advertising networks, analytics providers, and search information providers). Wherever we collect information about you from third parties, we ensure that we are legally entitled to do so.

We also collect navigational information from your visit to our Website. This includes information about your device (such as your IP address, device model, operating system version) and information about how you access our Website (such as geographical location, browser type, referral source, length of visit, and pages viewed).

We may collect demographic information, such as your ZIP code, age, gender, preferences, interests, and favorites that are not associated with your name or other personally identifying information.

Information About Children

Our Website is not intended for or targeted at children under 18, and we do not knowingly or intentionally collect Personal Data about children under 18. If you believe that we have collected Personal Data about a child under 18, please contact us at privacy@prophetic.ai so that we may delete the information.

Use and Disclosure of Your Information

We may combine the information we receive from you or Your Information that we collect from the Website or other sources and use the combined information for the purposes set out below:

• To operate, maintain, and improve the Website and our services, including improving your browsing experience;
• To carry out our obligations arising from any contracts entered into between you and us, and to provide you with the information, products, and services that you request from us;
• To send you information related to your account, service updates, and security alerts;
• To send you marketing communications relating to our business that we think may be of interest to you, where you have consented to receive such communications or where we have another lawful basis to do so;
• To share data with trusted service providers who assist us in operating our Website, conducting our business, or providing services to you, provided that such third parties are contractually obligated to keep Your Information confidential and use it only for the purposes for which we disclose it to them;
• To administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, and statistical purposes;
• To measure or understand the effectiveness of communications we send to you and others;
• To notify you about changes to our services or this Privacy Policy.

Legal Basis for Processing (EEA/UK Users): Where applicable under the General Data Protection Regulation (GDPR) or UK GDPR, we process Your Information on the following legal bases:

• Consent — Where you have given us clear consent to process Your Information for a specific purpose (e.g., marketing communications). You may withdraw consent at any time by contacting us at privacy@prophetic.ai.
• Contractual Necessity — Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract (e.g., providing you with access to our services).
• Legitimate Interests — Where processing is necessary for our legitimate interests (e.g., improving our services, Website security, fraud prevention), provided that such interests are not overridden by your rights and freedoms.
• Legal Obligation — Where processing is necessary to comply with a legal obligation to which we are subject.

We will not sell, rent, or lease Your Information, or share it with others, except as indicated in this Privacy Policy.

We will not disclose Your Information to third parties, except when one or more of the following conditions is true:

• We have the individual's permission to make the disclosure;
• The information in question is publicly available;
• The disclosure is reasonably related to the sale or disposition of all or part of our business;
• The disclosure is to another of our business subsidiaries or to persons or entities providing services on our or the individual's behalf.

We may share Your Information to protect the safety, property, or other rights of Prophetic, its affiliates, customers, or associates, or when we believe that the law requires it. We will share Your Information:

• When release is required by law or regulation, or is requested by a government agency (for example, a subpoena);
• When the disclosure is reasonably necessary for the establishment or defense of legal claims; or
• Upon discovery of fraudulent activity or other deceptive practices if we believe a governmental agency should be notified.

Cookies

We use "cookies" and similar tracking technologies to help personalize your online experience and to understand how our Website is used. A cookie is a small text file that is placed on your device by a web server. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.

We use the following categories of cookies:

• Strictly Necessary Cookies — These cookies are essential for the Website to function properly. They enable core functionality such as security, session management, and accessibility. These cookies do not require your consent.
• Analytics Cookies — These cookies help us understand how visitors interact with our Website by collecting and reporting information anonymously. This helps us improve the Website's performance and user experience.
• Functional Cookies — These cookies allow the Website to remember choices you make (such as your preferred language or region) and provide enhanced, more personalized features.
• Marketing Cookies — These cookies may be set through our Website by advertising partners. They may be used to build a profile of your interests and show you relevant content on other sites.

Managing Cookies: You can accept or decline cookies at any time. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you are located in the European Economic Area (EEA) or United Kingdom, non-essential cookies will only be placed on your device with your consent. You may withdraw your consent at any time by adjusting your cookie preferences or browser settings. Please note that disabling cookies may affect the functionality of certain parts of our Website.

Social Media Features

Our Website may include social media features, such as share buttons, widgets, or interactive mini-programs. These features may collect your IP address and which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. This Privacy Policy does not apply to these features. Your interactions with these features are governed by the privacy policy and other policies of the companies providing them.

Your Information Transfer and Security

To facilitate our global operations, Your Information may be transferred to and accessed from countries other than your own in order to process and store data in accordance with this Privacy Policy and to provide you with products and services. Some of these countries may not have the same data protection safeguards as the country where you reside.

Where we transfer Personal Data from the European Economic Area (EEA) or the United Kingdom to countries that have not been deemed to provide an adequate level of data protection, we ensure that appropriate safeguards are in place, including the use of Standard Contractual Clauses (SCCs) approved by the European Commission or the UK Information Commissioner's Office (ICO), or other lawful transfer mechanisms. You may request a copy of the relevant safeguards by contacting us at privacy@prophetic.ai.

All information you provide to us is stored on secure servers, and we take appropriate technical and organizational security measures designed to protect against unauthorized access, use, alteration, or disclosure. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect Your Information, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received Your Information, we will use strict procedures and security features to try to prevent unauthorized access.

External Websites

Our Website may provide links to other websites. We do not control, and are not responsible for, the content or privacy practices of these other websites. Our provision of such links does not constitute our endorsement of these other websites, their content, their owners, or their practices. This Privacy Policy does not apply to these other websites, which are subject to any privacy and other policies they may have.

Retention of Your Information

We retain Your Information only for as long as is necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process Your Information, whether we can achieve those purposes through other means, and applicable legal requirements.

In general:

• Account and service data is retained for the duration of your relationship with us and for a reasonable period thereafter to allow us to respond to any follow-up inquiries or comply with legal obligations.
• Marketing contact data is retained until you unsubscribe or request deletion.
• Website navigational data and analytics is retained for up to 24 months.
• Legal and compliance records are retained as required by applicable law.

We will delete or anonymize Your Information from our servers at an earlier date if you so request by contacting us at privacy@prophetic.ai, unless we are required by law to retain it.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time by posting a new version on our Website with an updated "Last Updated" date. You should check this page occasionally to review any changes. If we make any material changes, we will notify you by posting the revised Privacy Policy on our Website and, where required by applicable law, by providing additional notice (such as by email). Your continued use of the Website and/or continued provision of Your Information to us after any changes constitutes your acceptance of the then-current Privacy Policy.

Your Rights Regarding Your Information

You have the following rights with respect to Your Information:

• To access and review the Personal Data that you have supplied to us;
• To request that we correct any errors, outdated information, or omissions in Your Information;
• To request that Your Information not be used to contact you;
• To request that Your Information be removed from any solicitation list that we use;
• To request that Your Information be deleted from our records;
• To opt out of being solicited by Prophetic.

To exercise any of these rights, please contact us at privacy@prophetic.ai. We will respond to your request promptly and in any event within the timeframes required by applicable law.

Additional Rights for EEA and UK Residents

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following additional rights under the GDPR and UK GDPR:

• Right of Access — You have the right to request a copy of the Personal Data we hold about you.
• Right to Rectification — You have the right to request that we correct any inaccurate or incomplete Personal Data.
• Right to Erasure — You have the right to request that we delete your Personal Data, subject to certain legal exceptions.
• Right to Restrict Processing — You have the right to request that we restrict the processing of your Personal Data in certain circumstances.
• Right to Data Portability — You have the right to receive your Personal Data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
• Right to Object — You have the right to object to the processing of your Personal Data where we rely on legitimate interests as our legal basis.
• Right to Withdraw Consent — Where processing is based on your consent, you have the right to withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
• Right to Lodge a Complaint — You have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State or UK territory where you reside, work, or where the alleged infringement took place.

Additional Rights for California Residents

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to Know — You have the right to request that we disclose the categories and specific pieces of Personal Data we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collecting it, and the categories of third parties with whom we share it.
• Right to Delete — You have the right to request that we delete the Personal Data we have collected from you, subject to certain exceptions.
• Right to Correct — You have the right to request that we correct inaccurate Personal Data that we maintain about you.
• Right to Opt-Out of Sale or Sharing — Prophetic AI does not sell your Personal Data. If this practice changes, we will provide you with an opt-out mechanism.
• Right to Non-Discrimination — You have the right not to receive discriminatory treatment for exercising any of your privacy rights.

To exercise any of these rights, please contact us at privacy@prophetic.ai. We will verify your identity before processing your request and will respond within the timeframes required by applicable law.

Data Collected Through the Prophet Service

In addition to the information collected through our Website as described above, our AI-native network threat detection platform (the "Service") collects and processes Network Telemetry (as defined in our End User License Agreement) from customer environments where our Collectors are deployed. This section describes the data practices specific to the Service.

Types of Data Collected by the Service:

• Network Telemetry — The Service collects network-derived data, including session behavioral data (such as byte counts, packet counts, timing distributions, and connection density), protocol metadata (such as DNS queries, TLS parameters, HTTP headers, and certificate information), detection results, anomaly scores, entity classifications, and flow records. The Service is designed to analyze traffic patterns and behavioral anomalies, not to capture or store the contents or payload of network communications.
• Device Information — The Service may collect information about devices on your network, such as IP addresses, hostnames, and operating system identifiers, as observed in network traffic.
• Alert and Detection Data — The Service generates alerts and detection events based on its analysis, which may include references to network endpoints, timestamps, and behavioral patterns.

How Service Data Is Used:

• To detect stealthy network attacks, including ransomware, command and control (C2) activity, and data exfiltration;
• To improve the accuracy and effectiveness of our AI-native detection models, including through federated learning techniques as described in the End User License Agreement;
• To provide you with alerts, reports, and forensic investigation capabilities through the Prophet console;
• To maintain and improve the performance, reliability, and security of the Service.

Data Processing and Storage: Network Telemetry is transmitted to and processed in Prophetic AI's self-hosted infrastructure operated in co-located datacenters (the "Prophet Platform"). Data is encrypted in transit and at rest. Network Telemetry is retained in accordance with your subscription agreement, purchased storage credits, and the retention periods described in this Privacy Policy and the End User License Agreement.

Customer Responsibility: Customers are responsible for ensuring that their deployment and use of the Service, including the collection of Network Telemetry, complies with all applicable laws, regulations, and organizational policies, including data protection and privacy laws. Network Telemetry may incidentally contain data classified as Personal Data under applicable law (such as IP addresses in jurisdictions where they are considered Personal Data). Customers should ensure they have a lawful basis for such collection.

For more information about data processing related to the Service, please refer to our Data Processing Agreement or contact us at privacy@prophetic.ai.

To Unsubscribe From Our Communications

You may unsubscribe from our marketing communications by clicking on the "unsubscribe" link located at the bottom of our emails, or by emailing us at privacy@prophetic.ai.

Contact Us

If you have any questions about this Privacy Policy or our treatment of the information you provide us, please contact us at:

Prophetic AI Corporation 254 Chapman Rd, Ste 208 #903 Newark, Delaware 19702 Email: privacy@prophetic.ai