Data & Privacy at CitraInsight
Visibility without surveillance. Intelligence without intrusion.
What Data CitraInsight Collects
CitraInsight collects technical system metadata only, including:
Collected
- Installed software names, versions, and observable system references
- Hardware attributes such as OS type, CPU, memory, and storage summary
- Scan lifecycle data (queued, processing, completed, failed)
- Agent version and platform information
- Supporting technical indicators (file paths, hashes, timestamps) used to derive confidence levels
This data is used solely to provide asset visibility and advisory intelligence.
What CitraInsight Does Not Collect
Never Collected
- Personal files, documents, emails, chats, or attachments
- Browser history or web activity
- Keystrokes, mouse movements, or screen recordings
- Application content or in-app user activity
- Passwords, credentials, API keys, or secrets
- Network traffic, packet data, or communications
CitraInsight does not perform user surveillance or behavioral monitoring.
How CitraInsight Uses Data
- Data is used to surface potential risks, inefficiencies, and blind spots
- Findings are presented with confidence levels, not verdicts
- Financial figures (if shown) are illustrative scenarios, not legal or compliance estimates
CitraInsight does not determine legality, compliance, or licensing correctness.
Control & Transparency
- CitraInsight is read-only and does not enforce changes
- Customers retain full ownership of their data
- Data is preserved for 90 days after cancellation
- Full data export available anytime
- Decisions and actions are always human-controlled
CitraInsight provides technical indicators and advisory intelligence based on observed system data. Findings do not constitute legal, licensing, or compliance determinations.