Last Updated: December 1, 2025
ThreatPulsar, Inc. ("ThreatPulsar," "we," "our," or "us") operates the ThreatPulsar threat intelligence platform, accessible at threatpulsar.com. This Privacy Policy describes how ThreatPulsar collects, uses, shares, and protects personal data in connection with your use of our website, platform, and related services (collectively, the "Services").
ThreatPulsar is headquartered at 1201 Wilson Blvd, Arlington, VA 22209, United States. Elena Vasquez serves as Chief Executive Officer. For privacy inquiries, contact us at support@threatpulsar.com or by phone at +1 (703) 529-6147.
This Privacy Policy applies to:
By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our data practices, do not use the Services.
ThreatPulsar collects several categories of personal and non-personal data depending on how you interact with our Services.
Account Registration Data: When you create a ThreatPulsar account, we collect your name, business email address, company name, job title, and optionally your phone number. This data is required to create and manage your account.
Contact Form Submissions: When you submit a contact request or demo request through our website, we collect your name, email address, company, and the content of your message.
Payment Information: When you subscribe to a paid ThreatPulsar plan, payment is processed by our third-party payment processor (Stripe, Inc.). ThreatPulsar receives a transaction confirmation and the last four digits of your payment card but does not store full card numbers, CVV codes, or banking details. Stripe's Privacy Policy governs their processing of your payment data.
Support Requests: When you contact ThreatPulsar support, we collect the content of your support request and any attachments you provide, along with your account information associated with the support ticket.
IOC Submission Data: When you use the ThreatPulsar platform to submit indicators of compromise (IP addresses, domain names, file hashes, URLs) for enrichment, we process those indicators through our enrichment pipeline. IOC submissions are associated with your account and tenant context. See Section 5 (Data Retention) for how long IOC submission data is retained.
Log Data: Our servers automatically log information about requests to the ThreatPulsar website and API, including: IP address of the requesting client, request timestamp, HTTP method and path, response status code, referrer URL, and user agent string. Log data is retained for up to 90 days for security and debugging purposes.
Usage Analytics: We use analytics tools to collect information about how users interact with the ThreatPulsar web interface. This includes pages visited, features accessed, time spent in the platform, clicks on UI elements, and error events. Analytics data is used to improve the platform and is associated with a session identifier that may be linked to your account.
Cookies and Tracking Technologies: ThreatPulsar uses cookies and similar technologies as described in our Cookie Policy (available at threatpulsar.com/legal/cookies.html). Cookies serve purposes including session management, preferences, and analytics.
Device and Browser Data: We collect information about the device and browser used to access ThreatPulsar, including browser type and version, operating system, screen resolution, and timezone. This data is used for platform compatibility and security purposes.
ThreatPulsar may receive data about you from third-party sources, including:
ThreatPulsar uses collected data for the following purposes:
We use your account data, IOC submission data, and API access logs to deliver the ThreatPulsar platform services to you: processing IOC enrichment requests, generating ATT&CK mapping results, delivering SOAR integration responses, and providing access to the analyst workload dashboard. Without this processing, we cannot provide the Services.
We use account data to authenticate users, manage subscription status, enforce API rate limits, and communicate with you about your account (billing, plan changes, expiration notices, and security alerts such as new login from an unrecognized device).
Usage analytics data, error logs, and aggregated (non-identifying) IOC submission patterns are used to improve the accuracy of our enrichment models, expand threat feed coverage, tune ATT&CK mapping confidence scores, and improve the reliability and performance of the platform infrastructure.
Support request data is used to resolve technical issues and answer questions. Support staff have access to relevant account and platform data needed to assist with specific requests.
With your consent (or where we have a legitimate interest), we use your email address to send product updates, security research publications from the ThreatPulsar research team, webinar invitations, and information about new features. You may unsubscribe from marketing communications at any time by clicking the unsubscribe link in any marketing email or contacting support@threatpulsar.com.
We process data as necessary to comply with applicable legal obligations, respond to lawful government requests, enforce our Terms of Service, and investigate potential security incidents, fraud, or platform abuse.
ThreatPulsar does not sell personal data to third parties. We share data only in the following circumstances:
We use third-party vendors to operate certain aspects of the Services, including cloud infrastructure providers (Amazon Web Services), payment processing (Stripe), email delivery (for transactional and marketing emails), analytics platforms, and customer support software. These providers access data only as necessary to perform services on our behalf and are bound by contractual data processing agreements that prohibit them from using the data for their own purposes.
When ThreatPulsar submits an IOC for enrichment, that IOC is transmitted to our integrated threat intelligence feed partners (including but not limited to VirusTotal, Shodan, AbuseIPDB, and others listed in the platform documentation). Each feed partner processes the submitted IOC according to their own privacy policies and terms of service. ThreatPulsar selects feed partners that operate under data processing agreements consistent with applicable privacy law requirements.
We may disclose data when required by law, court order, or government authority, or when we believe in good faith that disclosure is necessary to: (a) comply with a legal obligation; (b) protect the rights, property, or safety of ThreatPulsar, our customers, or the public; or (c) detect, prevent, or address fraud, security, or technical issues.
If ThreatPulsar is involved in a merger, acquisition, financing, or sale of all or a portion of its assets, customer data may be transferred as part of that transaction. We will notify affected users via email or prominent notice on our website before data is transferred and becomes subject to a different privacy policy.
ThreatPulsar retains data for as long as necessary to provide the Services and as required by law:
You may request earlier deletion of your personal data by submitting a deletion request to support@threatpulsar.com. Requests are processed within 30 days. Note that some data may need to be retained for legal compliance or security purposes even after an account deletion request.
Depending on your jurisdiction, you may have the following rights with respect to your personal data:
If you are located in the European Economic Area or United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) or UK GDPR:
To exercise any GDPR right, submit a request to support@threatpulsar.com with the subject line "GDPR Rights Request" and specify the right you are exercising and the data involved. We will respond within 30 days. You also have the right to lodge a complaint with the supervisory authority in your EU member state or the UK Information Commissioner's Office (ICO).
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):
To submit a CCPA request, contact us at support@threatpulsar.com or +1 (703) 529-6147.
ThreatPulsar uses cookies for session management, security, analytics, and marketing purposes. Detailed information about the cookies we use is available in our Cookie Policy at threatpulsar.com/legal/cookies.html. You can manage your cookie preferences through the cookie consent banner displayed on your first visit to the site.
ThreatPulsar implements technical and organizational security measures appropriate to the sensitivity of the data we process, including:
No security system is impenetrable. While we take reasonable measures to protect your data, we cannot guarantee the absolute security of data transmitted over the internet. If you believe your ThreatPulsar account has been compromised, contact support@threatpulsar.com immediately.
ThreatPulsar is based in the United States. If you access our Services from the EEA, UK, or other jurisdictions with data transfer restrictions, your personal data may be transferred to and processed in the United States, which may have different data protection standards than your country.
For transfers from the EEA or UK to the United States, ThreatPulsar relies on Standard Contractual Clauses (SCCs) as the legal mechanism for data transfer. Enterprise customers located in the EEA or UK may request a copy of the applicable SCCs by contacting support@threatpulsar.com.
ThreatPulsar Services are designed for enterprise use by security professionals and are not directed to individuals under the age of 18. We do not knowingly collect personal data from individuals under 18. If we become aware that we have inadvertently collected personal data from a minor, we will delete it promptly.
ThreatPulsar may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify registered users by email at the address associated with their account and post the updated policy at this URL with a revised "Last Updated" date at least 14 days before the changes take effect. Continued use of the Services after the effective date of an updated Privacy Policy constitutes acceptance of the updated terms.
For questions about this Privacy Policy, to exercise your data rights, or to report a potential privacy concern, contact ThreatPulsar at:
For EU/UK data protection inquiries specifically, you may also contact our designated EEA representative at the same email address with the subject line "EEA Data Protection Inquiry."