UPX
Products
Resources
Support
Company
UPX

With over 20 years of experience, UPX specializes in cybersecurity engineering for critical environments and the protection of high-complexity, AI-driven operations.

Products

AI MSS
  • SOC AI-Driven 24×7
  • Managed Detection & Response 24/7
  • Exposure & Vuln. Mgmt.
  • Threat Intelligence
  • Offensive Security Validation
  • GRC-as-a-Service
Endpoint Protection
  • CrowdStrike
AI Agent Security
  • OpenClaw Shield

Developers

  • Status

Resources

  • Glossary
  • FAQ
  • Blog

Company

  • About Us
  • Contact
  • Careers

© 2026 UPX - All rights reserved.

PrivacyTermsCookiesData rightsDo not sell my info
talk@upx.comCampinas, Brazil

Privacy policy

UPX Tecnologia Ltda — U.S. market version

Last updated: March 2026

UPX values privacy and the protection of personal information. This Privacy Policy describes how we collect, use, store, share, and protect personal information in connection with our websites, products, and services, in compliance with applicable U.S. privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and other applicable state privacy regulations.

1. Information we collect

We may collect the following categories of personal information:

  • A. Identifiers: Name, email address, phone number, IP address, account credentials, and similar identifiers.
  • B. Commercial information: Records of products or services purchased, transaction history, and contract information.
  • C. Internet or network activity: Browsing history on our websites, interaction with our services, access logs, timestamps, and usage data.
  • D. Professional or employment information: Job title, company name, business email, and related professional data provided by business contacts and client representatives.
  • E. Sensitive personal information (CPRA category): Login credentials and account access information used solely to provide our services. We do not use sensitive personal information for purposes beyond service delivery.

We collect this information directly from you, automatically through your use of our services, and from third parties such as business partners or publicly available sources.

2. How we use your information

We use personal information for the following business purposes:

PurposeLegal basis / business reason
Providing contracted servicesContract performance
Customer support and communicationLegitimate business interest
Compliance with legal obligationsLegal requirement
Security monitoring and threat detectionLegitimate business interest / Contract
Service improvement and analyticsLegitimate business interest
Marketing communicationsConsent (opt-in)
Fraud preventionLegitimate business interest / Legal requirement

We do not engage in automated decision-making that produces legal or similarly significant effects without human review. Our AI-assisted security tools flag potential threats for review by qualified analysts.

3. Retention of personal information

We retain personal information for as long as necessary to fulfill the purposes described in this Policy. After the applicable retention period, data is securely deleted or de-identified in accordance with industry standards.

4. Sharing of personal information

We may share personal information with:

  • Affiliated companies within the UPX group for internal operational purposes;
  • Service providers acting as our processors (e.g., cloud infrastructure, analytics tools, support platforms) under written data processing agreements;
  • Legal authorities when required by law, court order, or to protect our legal rights;
  • Business transferees in connection with a merger, acquisition, or asset sale.

We do not sell your personal information.

We do not share your personal information for cross-context behavioral advertising without your consent. For California residents: in the preceding 12 months, we have not sold or shared personal information as defined under the CCPA/CPRA.

5. Cookies and tracking technologies

We use cookies and similar technologies on our websites. You may adjust cookie settings via our Cookie Preference Center. You may also use browser settings or opt-out tools provided by third parties.

We honor Global Privacy Control (GPC) signals as an opt-out of data sharing for California residents.

6. Your privacy rights

California residents (CCPA/CPRA)

  • Right to know: request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to delete: request deletion of your personal information, subject to certain exceptions.
  • Right to correct: request correction of inaccurate personal information.
  • Right to opt-out: opt out of the sale or sharing of your personal information.
  • Right to limit use of sensitive personal information: limit our use of sensitive personal information to necessary purposes.
  • Right to non-discrimination: we will not discriminate against you for exercising your privacy rights.

Other U.S. state residents

Residents of Virginia, Colorado, Connecticut, Texas, and other states with applicable privacy laws may have similar rights. Contact us to submit a request.

How to submit a request

Email: talk@upx.com or visit our Data Rights Request page.

We will respond within 45 days. We may extend this period by an additional 45 days when reasonably necessary and will notify you of the extension. We may need to verify your identity before processing your request. We will not require you to create an account solely to submit a privacy request.

7. Do not sell or share my personal information

UPX does not sell personal information and does not share personal information for cross-context behavioral advertising. California residents may still submit a formal opt-out request by contacting us at talk@upx.com or by enabling a Global Privacy Control (GPC) signal in their browser.

8. Shine the light disclosure

California residents may request information once per year about personal information shared with third parties for their own direct marketing purposes under California Civil Code §1798.83. Based on our current practices, we do not share personal information with third parties for their direct marketing purposes.

9. Children's privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such information, contact us immediately at talk@upx.com.

10. Data security

We implement administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit and at rest, access controls, security monitoring, and periodic risk assessments. In the event of a data breach affecting your rights, we will notify affected individuals and relevant authorities as required by applicable law.

11. International data transfers

UPX is headquartered in Brazil. If you are located in the United States, your personal information may be transferred to and processed in Brazil or other countries. We implement appropriate safeguards for such transfers, including data processing agreements with standard contractual clauses where required.

12. Changes to this policy

We may update this Privacy Policy periodically. The most current version will always be available on our website. Material changes will be communicated via email or a prominent notice on our website.

13. Contact information

UPX Tecnologia Ltda

R. Guapuruvu, 200 – Campinas-SP – Brazil

Phone: +55 19 3368-0609

General inquiries: talk@upx.com

Privacy and data rights: talk@upx.com