Skip to content
proc2proof
Request scan

Legal

Privacy Policy

Pelican-Tech Ltd.

Last updated 2026-05-06

1. Introduction

This Privacy Policy describes how Pelican-Tech Ltd. ('Company', 'we', 'us') processes personal data in connection with the Proc2Proof marketing website at proc2proof.com and the Proc2Proof platform ('Service'). It is provided in English; translations are for convenience and the English text controls in case of conflict.

This Privacy Policy is intended to address applicable privacy and data protection requirements, including the EU General Data Protection Regulation (GDPR) where applicable, and Israeli privacy law, including the Protection of Privacy Law, 5741-1981, as amended, including Amendment 13, to the extent applicable.

References to applicable privacy laws include such laws as amended from time to time.

2. Scope

This policy covers two distinct contexts. Where they differ, the relevant section identifies which one applies.

  • -Marketing site - data collected when you browse proc2proof.com
  • -The Service - data processed when you use the Proc2Proof platform under a Customer agreement

3. Role of the Company

For the marketing site, we are the data controller for visitor data we collect.

For the Service, we act primarily as a data processor on behalf of our customers ('Customers'); the Customer organization is the data controller of the data they upload.

4. Data we process (marketing site)

For the marketing site:

  • -Information you submit through forms (such as name, email, company, job title, phone if provided, and any free-text content)
  • -Standard hosting access logs maintained by our cloud and edge providers (such as IP address, user agent, request timestamps, and requested URLs), retained for security, abuse prevention, and operations
  • -Theme preference stored in your browser's local storage

5. Data we process (Service)

For the Service:

  • -User account information (name, email, role)
  • -Authentication and security configuration data, including TOTP shared secrets used by authenticator applications, MFA configuration flags, hashed recovery codes, and Microsoft Entra application client secrets used by tenant-configured connectors. Such secrets are encrypted at rest using AES-256-GCM. Proc2Proof does not store one-time authentication codes themselves, active user session tokens, or user-delegated Microsoft OAuth access or refresh tokens.
  • -Usage and activity logs
  • -Customer-provided content (procedures, documents, evidence)
  • -Technical data (IP, device info, system logs)

6. Cookies and local storage

We do not use advertising, analytics, or tracking cookies.

The marketing website may store language and theme preferences in localStorage. These are not cookies and are used only to remember user interface preferences.

The Service uses only strictly necessary session cookies, such as a secure, httpOnly, SameSite=Strict session cookie, to authenticate users and protect the Service.

We do not use Google Analytics, Google Tag Manager, advertising pixels, behavioral tracking cookies, or product analytics cookies.

7. Free Scan

A Free Scan creates a Free-plan tenant through a one-time invitation flow. The invitation token is consumed after use and cannot be reused. After the tenant is created, it operates like any other Free-plan tenant, subject to applicable Free-plan limits.

When you click 'Request free scan' on the marketing site, you submit a request to be onboarded. Once onboarded, you are redirected to app.proc2proof.com to initiate a Microsoft Entra ID OAuth flow.

Microsoft Graph access used for Free Scan and Entra ID connectors is read-only. Proc2Proof performs GET requests only and does not request Microsoft Graph ReadWrite or Write permissions. Proc2Proof cannot modify, add, or delete objects in the Customer's Microsoft Entra environment.

The required Microsoft Graph permissions may include User.Read.All, Group.Read.All, Device.Read.All, Directory.Read.All, UserAuthenticationMethod.Read.All, and, where sign-in activity checks are required, AuditLog.Read.All.

Because these are application-level tenant-wide permissions, Microsoft requires Global Admin consent. Consent is granted through Microsoft's admin consent flow. Customers may remove this consent at any time in their Azure portal, which stops future Microsoft Graph access by Proc2Proof.

Proc2Proof does not store user-delegated Microsoft OAuth access tokens or refresh tokens. Access to Microsoft Graph is performed using temporary access tokens obtained when needed and discarded after use.

In connection with the Free Scan, the Service may process:

  • -Application-level OAuth authorization metadata and tenant identifier required to call Microsoft Graph on the Customer's behalf
  • -Identity, group, device, and configuration data returned by Microsoft Graph for the procedure-execution checks included in the scan
  • -Raw evidence, check results, findings, cases, scan metadata, security logs, and aggregate results generated by the scan may be processed and retained according to the applicable Free-plan retention period and as further described in the retention and evidence-storage sections below
  • -If you create an account, additional data may be retained under the applicable agreement

8. Purpose of processing (marketing site)

For the marketing site:

  • -Operate the website
  • -Maintain security, diagnose technical issues, and understand basic website usage through standard hosting and security logs, without advertising, analytics, or tracking cookies
  • -Enable the free scan flow
  • -Respond to contact form submissions

9. Purpose of processing (Service)

For the Service:

  • -Provide and operate the Service
  • -Maintain security and monitor usage
  • -Improve functionality and performance
  • -Comply with legal obligations

11. Deployment models and evidence storage

The Service can be provided in different deployment configurations:

  • -Cloud control plane - operated by the Company on Microsoft Azure, currently in the West Europe region
  • -Customer-controlled Runner - available on Business and Enterprise plans, runs in the Customer's own infrastructure, such as the Customer's VPC or on-premise environment
  • -Dedicated or hybrid environments - additional configurations may be agreed with specific Customers under a written agreement
  • -In Free and Pro SaaS deployments, raw evidence collected from connectors is stored in Proc2Proof-managed infrastructure, encrypted at rest using AES-256-GCM and isolated per tenant
  • -In customer-managed production deployments using the Customer-controlled Runner, raw evidence values remain in the Customer environment and are stored in the Runner's local database, encrypted at rest. The Proc2Proof control plane receives run metadata, summary results, scores, statuses, and integrity hashes, but does not store raw evidence values. Evidence drill-down is performed through signed proxy requests back to the Customer-controlled Runner

12. AI-assisted processing

Proc2Proof's core services, including procedure-execution checks, connectors, findings, cases, SLA tracking, risk register, reports, audit logs, and alerts, are deterministic and do not require LLM processing.

AI-assisted features, such as automated procedure step extraction, role extraction, chat/Q&A, AI Assist, agents, evidence classification, and suggested remediation, require the Customer's explicit tenant-level consent to AI processing when an external AI provider such as Azure OpenAI is used.

Without such consent, AI-assisted features are disabled, but the core Service remains available.

For Free and Pro plans, AI-assisted features, where enabled, use an external AI provider such as Azure OpenAI.

For Business and Enterprise Customers using a Customer-controlled Runner, AI-assisted processing may be configured to use a locally deployed model, such as Ollama, so that AI processing remains within the Customer environment. Such Customers may also choose to enable Azure OpenAI as an external AI provider.

Customer Data is not used to train shared third-party foundation models without the Customer's consent.

13. Data sharing and subprocessors

We do not sell personal data.

For the Service, we use a limited set of subprocessors to operate the Service. Material changes to subprocessors are communicated according to the applicable agreement or DPA. The current Proc2Proof subprocessors are:

  • -Microsoft Azure - hosting, managed database, and platform infrastructure, currently in West Europe
  • -Cloudflare - proxy, CDN, and edge protection for the marketing website
  • -Resend - transactional email in default SaaS deployments
  • -Azure OpenAI - external LLM provider, used only where the tenant has enabled external AI processing
  • -Customer-configured connectors (such as Microsoft Graph / Microsoft 365), customer-operated email relays, and local models (such as Ollama) deployed inside the Customer environment are not listed as Proc2Proof subprocessors because they are selected, operated, or controlled by the Customer
  • -We may share data with authorities where required by law

14. Data retention

Retention periods may vary by plan, tenant configuration, deployment architecture, and applicable customer agreement.

For standard plans, automatic retention is generally applied as follows:

  • -Free: 30 days
  • -Pro: 12 months
  • -Business: 36 months
  • -Enterprise: as agreed with the Customer, and may be tenant-configurable
  • -Automatic retention applies to audit logs, raw evidence, scan-run metadata, related findings, and closed cases, subject to the applicable plan and tenant settings
  • -Open cases and open findings may be retained until they are closed in order to preserve the integrity of compliance workflows. Once closed, they become subject to the applicable retention policy
  • -Marketing, contact, and free-scan lead records are retained for up to 24 months, unless a longer retention period is required to establish, exercise, or defend legal claims, comply with legal obligations, resolve disputes, prevent abuse, or maintain security audit records
  • -Customers may request earlier deletion, retention extension, or other retention adjustments through Proc2Proof support, subject to the applicable customer agreement and DPA

15. Security

We implement reasonable technical and organizational measures to protect data, including encryption in transit, encryption at rest for the cloud control plane, tenant-scoped access controls, and a tamper-evident audit trail.

The full list of security controls is documented at https://www.proc2proof.com/en/trust/. Security responsibilities may vary depending on the deployment model, in particular when the Customer-controlled Runner is used.

16. Data subject rights

For the marketing site, you may request access to, correction of, or deletion of visitor data we hold about you by contacting privacy@proc2proof.com.

For the Service, users should contact their organization (the Customer) regarding access, correction, or deletion requests. We support the Customer in fulfilling such requests where required.

17. International transfers

The Proc2Proof cloud control plane currently runs in the Microsoft Azure West Europe region. Subprocessors such as Cloudflare may operate global edge networks, and email delivery is performed by a provider whose infrastructure may span multiple regions.

Where personal data is transferred outside the European Economic Area, we rely on appropriate safeguards, such as standard contractual clauses, in line with applicable law. Additional regions for the cloud control plane may be offered in the future; until then, customer region selection is not available.

18. Changes

We may update this Privacy Policy from time to time. The 'Last updated' date at the top of this page reflects the most recent revision.

19. Contact

For privacy inquiries: privacy@proc2proof.com.