// PrivacyPage — privacy policy.

function PrivacyPage() {
  const { React } = window;

  return (
    <React.Fragment>
      <header className="hero-nav">
        <div className="nav-brand">
          <a href="#">
            <img src="branding/sekura-logo.svg" alt="sekura" height="28" />
          </a>
        </div>
        <nav className="nav-links">
          <a href="#">the story</a>
          <a href="#product">product</a>
          <a href="#team">team</a>
          <a href="#login" className="nav-login">log in</a>
        </nav>
      </header>

      <div className="intake-page">
        <div className="intake-inner legal-page">
          <h1 className="intake-title">privacy policy</h1>
          <p className="legal-updated">last updated: may 2026</p>

          <div className="legal-body">
            <h3>1. introduction</h3>
            <p>
              Sekura AI ("Sekura," "we," "us") is committed to protecting your privacy. This Privacy
              Policy describes how we collect, use, and safeguard information when you use our website
              and managed scan services.
            </p>

            <h3>2. information we collect</h3>
            <p><strong>Account information:</strong> Name, work email address, company name, job title,
              and company size provided through our intake and managed scan forms.</p>
            <p><strong>Cloud configuration:</strong> Cloud provider, region, account identifiers,
              network configuration, and scan target CIDRs submitted for scan provisioning.</p>
            <p><strong>Scan metadata:</strong> Scan start/end times, finding counts and severities,
              target CIDR ranges, and scanner health metrics.</p>
            <p><strong>Usage data:</strong> Pages visited, form interactions, and browser/device
              information collected automatically via standard web technologies.</p>

            <h3>3. how we use your information</h3>
            <p>We use collected information to:</p>
            <ul>
              <li>Provision and operate scanner infrastructure in your cloud environment</li>
              <li>Generate scan authorization documents</li>
              <li>Send scan status notifications and reports</li>
              <li>Respond to your inquiries and support requests</li>
              <li>Improve our services and develop new features</li>
              <li>Comply with legal obligations</li>
            </ul>

            <h3>4. data sharing</h3>
            <p>
              We do not sell your personal information. We may share information with:
            </p>
            <ul>
              <li><strong>Service providers:</strong> Email delivery (Resend), cloud infrastructure
                (Cloudflare), and document management (Google Workspace) providers that process data
                on our behalf.</li>
              <li><strong>Legal requirements:</strong> When required by law, regulation, or legal
                process.</li>
            </ul>

            <h3>5. scan data</h3>
            <p>
              Vulnerability findings and scan results remain within your cloud environment. Sekura
              does not extract, store, or transmit customer application data, credentials, or
              proprietary information discovered during scans. Only scan metadata (timing,
              finding counts, severity distributions) is retained by Sekura for service operations.
            </p>

            <h3>6. data retention</h3>
            <p>
              Account and scan metadata are retained for 90 days after the last scan engagement.
              You may request deletion of your data at any time by contacting{' '}
              <a href="mailto:privacy@sekura.ai">privacy@sekura.ai</a>.
            </p>

            <h3>7. security</h3>
            <p>
              We implement industry-standard security measures including encryption in transit
              (TLS 1.3), encryption at rest, access controls, and regular security assessments
              of our own infrastructure.
            </p>

            <h3>8. your rights</h3>
            <p>
              Depending on your jurisdiction, you may have the right to access, correct, delete,
              or port your personal data, and to opt out of certain processing activities. To
              exercise these rights, contact{' '}
              <a href="mailto:privacy@sekura.ai">privacy@sekura.ai</a>.
            </p>

            <h3>9. cookies</h3>
            <p>
              Our website uses only essential cookies required for site functionality. We do not
              use advertising or tracking cookies.
            </p>

            <h3>10. changes to this policy</h3>
            <p>
              We may update this Privacy Policy from time to time. Material changes will be
              communicated via email or a prominent notice on our website.
            </p>

            <h3>11. contact</h3>
            <p>
              For privacy-related inquiries, contact{' '}
              <a href="mailto:privacy@sekura.ai">privacy@sekura.ai</a>.
            </p>
          </div>

          <a href="#managed-scan" className="success-back">← back to managed scan</a>
        </div>
      </div>
    </React.Fragment>
  );
}

window.PrivacyPage = PrivacyPage;