Privacy Policy

Introduction

Pallacor, Inc. ("Pallacor," "we," "our," or "us") operates a cloud-based loss prevention incident management platform. This Privacy Policy describes how we collect, use, disclose, and protect information about you when you access or use our platform and related services.

By using the Pallacor platform, you agree to the collection and use of information in accordance with this policy. If you are using Pallacor on behalf of a business, that business agrees to this policy on behalf of its employees and authorized users.

Information We Collect

We collect information you provide directly when creating an account, submitting incident reports, or communicating with us. This includes names, email addresses, job titles, and any case-related data entered into the platform.

We also collect technical data automatically, including IP addresses, browser type, device identifiers, pages visited, and session duration. This information is used to maintain platform security and improve performance.

If your organization integrates third-party services with Pallacor, we may receive data from those services as part of normal platform operations.

How We Use Your Data

We use collected data to operate and improve the Pallacor platform, authenticate users, process transactions, and provide customer support. We do not sell your personal information to third parties.

Aggregated, de-identified data may be used for internal analytics and product development. Any such use does not identify individual users or organizations.

We may use your contact information to send service-related communications, security alerts, and — where you have opted in — product updates and announcements.

Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share data with trusted service providers who assist in operating our platform, subject to confidentiality agreements.

We may disclose information where required by law, regulation, or valid legal process, including subpoenas, court orders, or law enforcement requests. We will notify affected users where legally permitted to do so.

In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction. We will provide notice before any such transfer.

Data Retention

We retain your data for as long as your account is active or as needed to provide services. Upon account termination, we will delete or anonymize your data within 90 days unless a longer retention period is required by law.

Case records and associated evidence files are retained according to the retention schedule configured by your organization's administrator. Pallacor does not independently determine retention periods for customer case data.

Security

We implement industry-standard security measures including encryption in transit and at rest, role-based access controls, audit logging, and regular security assessments. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account. Please notify us immediately of any unauthorized access or suspected breach.

Your Rights

Depending on your location, you may have rights regarding your personal data including the right to access, correct, delete, or restrict processing of your information. You may also have the right to data portability and the right to object to certain processing activities.

To exercise any of these rights, please contact your organization's Pallacor administrator or reach out to us directly at the contact information below. We will respond to all requests within 30 days.

Last updated February 20, 2026