Privacy Policy
Last updated: April 4, 2026
SafetyArena ("we", "us", "our") is committed to protecting the privacy of our users. This Privacy Policy explains what personal information we collect, how we use it, and your rights regarding that information.
1. Information We Collect
We collect the following personally identifiable information (PII):
- Name and email address - provided during account registration
- Hashed password - stored using industry-standard bcrypt hashing; we never store plaintext passwords
- IP addresses - recorded in audit logs for security monitoring
- Usage data - actions performed within the platform (e.g., creating analyses, modifying records) logged for audit trail purposes
2. How We Use Your Data
Your information is used for the following purposes:
- Authentication - verifying your identity when you sign in
- Project collaboration - enabling team-based access to shared safety analyses
- Audit logging - maintaining a tamper-resistant record of actions for compliance with functional safety standards
- Platform improvement - aggregated, anonymized usage patterns to improve the product
3. Data Retention
- User account data is retained for 90 days after account deletion, then permanently erased
- Audit logs are retained for 3 years to meet functional safety compliance requirements (e.g., ISO 26262, IEC 61508)
- IP addresses in audit logs are anonymized after 90 days
4. Third-Party Services
If your organization enables the AI-assisted features, prompts and analysis context may be sent to third-party AI providers:
- OpenAI - subject to OpenAI's Privacy Policy
- Anthropic - subject to Anthropic's Privacy Policy
AI features are optional and can be disabled per project. When disabled, no data is sent to external AI providers.
5. Cookie Usage
SafetyArena uses session cookies only, managed by NextAuth, to maintain your authenticated session. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
6. Your Rights
You have the right to:
- Access - request a copy of the personal data we hold about you
- Deletion - request deletion of your account and associated personal data
- Portability - export your analyses and account data in standard formats
- Rectification - update or correct inaccurate personal information
To exercise any of these rights, contact us at privacy@safetyarena.io. We will respond within 30 days.
7. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Continued use of SafetyArena after changes constitutes acceptance of the updated policy.
8. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us at privacy@safetyarena.io.
See also our Terms of Service.