Privacy Policy

Last updated: December 23, 2025

Introduction

AuthOS (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our identity platform and services.

Information We Collect

Information You Provide

Account Information: Email address, name, and authentication credentials when you create an account
Organization Data: Company name, billing information, and team member details for organizational accounts
Service Configuration: OAuth settings, SSO configurations, and integration preferences

Information Collected Automatically

Authentication Logs: Login timestamps, IP addresses, and device information for security purposes
Usage Data: Feature usage patterns and API call statistics to improve our service
Technical Data: Browser type, operating system, and device identifiers

How We Use Your Information

We use your information to:

Provide, maintain, and improve our authentication services
Process transactions and send related information
Detect, prevent, and address security incidents and fraud
Comply with legal obligations and enforce our terms
Communicate with you about service updates and security alerts

Data Retention

Authentication logs: Retained for 90 days for security analysis
Account data: Retained while your account is active
Deleted accounts: Data is purged within 30 days of account deletion (GDPR compliant)

We do not sell your personal information. We may share data with:

Service Providers: Third parties who assist in operating our services (e.g., cloud hosting)
Legal Requirements: When required by law or to protect our rights
Business Transfers: In connection with a merger, acquisition, or sale of assets

Your Rights

Depending on your location, you may have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your data
Export your data in a portable format
Opt out of certain data processing

To exercise these rights, contact us at info@authos.dev.

Security

We implement industry-standard security measures including:

Encryption in transit (TLS 1.3) and at rest (AES-256)
Multi-factor authentication support
Regular security audits and penetration testing
SOC 2 Type II compliance (in progress)

International Data Transfers

If you’re located outside the region where our servers are hosted, your data may be transferred internationally. We ensure appropriate safeguards are in place for such transfers.

Children’s Privacy

Our services are not directed to individuals under 16. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on this page and updating the “Last updated” date.

Contact Us

If you have questions about this Privacy Policy or our data practices:

Email: info@authos.dev
Address: Nairobi, Kenya