Ardyn handles enterprise data, attestation artifacts, and operational metadata with the assumption that integrity, minimization, and constrained execution are baseline requirements for trust infrastructure.
Ardyn collects: (a) account information provided during signup and console use (name, email, organization); (b) contact form submissions; (c) governance decision metadata and AEA records; (d) billing information. Ardyn does NOT collect: model weights, training data, customer execution payloads, or proprietary business logic. System telemetry and attestation metadata are limited to what is required to operate the governance platform.
Information is used to provision services, evaluate trust conditions, generate and verify DDCs, maintain support channels, improve platform reliability, prevent misuse, and satisfy contractual or legal obligations.
Ardyn uses layered controls including trusted execution environments (TEE), encryption in transit and at rest, strict access controls, and auditable service boundaries. Private signing material and sensitive secrets are not handled as plaintext keys in routine operations.
We may rely on infrastructure, hosting, observability, and payment providers to deliver the service. Those providers are engaged only where operationally necessary and are expected to maintain appropriate security and confidentiality controls.
Depending on your jurisdiction and agreement with Ardyn, you may have rights to access, correct, delete, or restrict certain personal information, as well as rights related to data portability and objection to processing.
Privacy requests and questions can be directed to kyle.wilson@ardyn.ai.