NeuAlto ("NeuAlto," "we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, store, and safeguard information when you visit www.neualto.com, use the DeltaMax platform available at deltamax.katalyststreet.com, or access any related applications, APIs, integrations, or services (collectively, the "Services"), including offerings published on the Microsoft Azure Marketplace.
By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this Policy, please discontinue use of our Services.
Information We Collect
1.1 Information You Provide Directly
- Account & Contact Information: name, work email address, company name, job title, phone number, and billing details when you register, request a demo, subscribe through Azure Marketplace, or contact us.
- Authentication Credentials: usernames, hashed passwords, single sign-on identifiers, and multi-factor authentication metadata.
- Support & Communications: messages, attachments, and feedback you submit through email, support tickets, surveys, or community channels.
- Configuration Data: connection strings, schema metadata, data source endpoints, business rules, and policy definitions you configure inside DeltaMax. We do not require the contents of your underlying data records to operate the platform.
1.2 Information Collected Automatically
- Usage & Telemetry: pages viewed, features used, clicks, session duration, referring URLs, error logs, and diagnostic events.
- Device & Technical Data: IP address, browser type and version, operating system, device identifiers, language preferences, and time zone.
- Cookies & Similar Technologies: see Section 6 – Cookies and Tracking Technologies.
1.3 Information From Third Parties
- Marketplace Partners: when you subscribe through Microsoft Azure Marketplace or another reseller, we receive your tenant ID, subscription identifiers, plan details, and contact information necessary to provision and bill the Services.
- Identity Providers: if you sign in using Microsoft Entra ID, Google Workspace, Okta, or another identity provider, we receive profile attributes those services share with us.
- Business Sources: publicly available information, enrichment providers, and referrals used for lead qualification and account research.
How We Use Your Information
We use the information we collect to:
- Provide, operate, maintain, and improve the Services, including the DeltaMax Trust Score, anomaly detection, drift monitoring, and remediation workflows.
- Authenticate users, manage subscriptions, and prevent unauthorized access.
- Process transactions, generate invoices, and reconcile billing through Azure Marketplace or direct contracts.
- Respond to support requests, troubleshoot incidents, and communicate service announcements.
- Monitor performance, diagnose technical issues, and develop new product features.
- Send marketing communications about NeuAlto products and events where permitted by law (you may unsubscribe at any time).
- Detect, investigate, and prevent fraudulent, malicious, or illegal activity.
- Comply with legal obligations, enforce our terms, and protect our rights and the rights of our users.
Legal Bases for Processing (EEA / UK Users)
| Purpose | Legal Basis |
|---|---|
| Providing the Services you request | Performance of a contract |
| Billing, accounting, and tax compliance | Legal obligation |
| Product improvement, analytics, and security | Legitimate interests |
| Marketing communications | Consent (where required) / legitimate interests |
| Responding to legal requests | Legal obligation |
How We Share Information
We share information only in the following circumstances:
- Service Providers & Subprocessors: cloud hosting (Microsoft Azure), analytics, customer support, billing, email delivery, and observability vendors that process data on our behalf under written agreements.
- Marketplace Operators: Microsoft and other authorized resellers for subscription provisioning, license validation, and billing reconciliation.
- Business Transfers: in connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to confidentiality protections.
- Legal & Safety: when required by law, subpoena, court order, or to protect the rights, property, or safety of NeuAlto, our users, or the public.
- With Your Consent: for any other purpose disclosed at the time of collection or with your direction.
Data Retention
We retain personal information only for as long as necessary to fulfill the purposes outlined in this Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. Retention periods vary based on the type of data and applicable legal requirements. When personal information is no longer needed, we securely delete, anonymize, or aggregate it. Customers can request deletion of their account data subject to the terms of their subscription agreement.
Cookies and Tracking Technologies
We use cookies and similar technologies (such as pixels, local storage, and SDKs) to operate the website, remember your preferences, analyze traffic, and measure marketing effectiveness. Cookie categories include:
- Strictly Necessary: required for authentication, security, and core functionality.
- Performance & Analytics: help us understand how users interact with the Services.
- Functional: remember settings such as language and region.
- Marketing: deliver relevant content and measure campaign performance (only with consent where required).
You can control cookies through your browser settings or our cookie banner where applicable. Disabling certain cookies may limit functionality.
Data Security
We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. These include:
- Encryption in transit (TLS 1.2+) and at rest
- Role-based access controls and multi-factor authentication
- Secure software development practices and vulnerability management
- Logging, monitoring, and periodic security assessments
While no system can be guaranteed 100% secure, we work continuously to strengthen our security posture.
International Data Transfers
NeuAlto is a global company, and your information may be transferred to, stored, and processed in countries other than your country of residence, including the United States and other regions where Microsoft Azure operates. When we transfer personal data internationally, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, and adequacy decisions where applicable.
Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access – request a copy of the personal data we hold about you.
- Correction – request that inaccurate or incomplete data be corrected.
- Deletion – request that we delete your personal data, subject to legal exceptions.
- Restriction & Objection – restrict or object to certain processing activities.
- Data Portability – receive your data in a structured, machine-readable format.
- Withdraw Consent – withdraw consent at any time where processing is based on consent.
- Opt-Out of Sale/Sharing – California and certain other US state residents may opt out of the "sale" or "sharing" of personal information; we do not sell personal information.
- Non-Discrimination – we will not discriminate against you for exercising any of your privacy rights.
To exercise any of these rights, contact us at general@neualto.com. We will respond within the timeframes required by applicable law. You also have the right to lodge a complaint with your local data protection authority.
Children's Privacy
Our Services are designed for business and enterprise use and are not directed to children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.
Third-Party Links and Services
The Services may contain links to third-party websites, applications, or services that are not operated by NeuAlto. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing any personal information.
Microsoft Azure Marketplace Customers
If you obtained DeltaMax through the Microsoft Azure Marketplace, Microsoft also processes certain transaction and account information in accordance with the Microsoft Privacy Statement. NeuAlto's processing of your personal data and your enterprise content is governed by this Privacy Policy together with the NeuAlto Master Subscription Agreement and any applicable Data Processing Addendum.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will revise the "Last Updated" date and, where appropriate, provide additional notice (such as an email or in-product announcement). Your continued use of the Services after the effective date of any updates constitutes acceptance of the revised Policy.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: