Back to home

Privacy Policy

Last updated: 2nd December 2025

Introduction

EdisonWatch ("EdisonWatch", "we", "our", or "us"), the common trading name of GPU-EVM LTD, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our security platform services.

Self-Hosted Deployments (VPC / On-Premise)

We do not collect ANY data from Self-Hosted deployments.

When you deploy EdisonWatch in your own infrastructure (VPC or On-Premise), your data stays entirely within your environment. We have zero access to:

  • Your scanned code or smart contracts
  • Scan results or vulnerability reports
  • User accounts or authentication data
  • Usage metrics or telemetry
  • Any other data processed by the software

The software runs entirely air-gapped from EdisonWatch systems. No phone-home, no telemetry, no data collection whatsoever.

Information We Collect (SaaS Only)

The following applies only to our hosted SaaS service, not to Self-Hosted deployments.

Account Information

When you register for our SaaS Service, we collect your name, email address, and authentication credentials.

Usage Data

We collect information about how you interact with our platform, including access times, pages viewed, and features used.

Technical Data

We may collect IP addresses, browser type, device information, and other technical data to improve our services and ensure security.

How We Use Your Information

  • To provide and maintain our services
  • To communicate with you about updates, security alerts, and support
  • To improve and personalize your experience
  • To detect, prevent, and address technical issues or security threats
  • To comply with legal obligations

Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Third-party vendors who assist in operating our services (see our Subprocessors page)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Upon account termination, personal data is retained for 120 days unless otherwise required by law.

Your Rights

Depending on your location, you may have the following rights:

  • Access and obtain a copy of your data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Data portability

Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit and at rest, access controls, and regular security assessments.

International Transfers

Your data may be transferred to and processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place, including Standard Contractual Clauses and the UK International Data Transfer Agreement.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at [email protected].