Privacy Policy
Pvotal Technologies, Inc.
- 1. Introduction and Who We Are
- 2. Definitions
- 3. What Pvotal Does and Does Not Have Access To3.1 What Pvotal Operates3.2 What Pvotal Does not Have Access To
- 4. Data We Collect4.1 Hub Account Data4.2 Artifact Distribution Logs4.3 Hub Usage Data4.4 Website and Documentation Usage4.5 Onboarding Portal Data4.6 Community Platform Data4.7 Support and Communications4.8 Cookies and Tracking
- 5. How We Use Your Data
- 6. Data Sharing and Disclosure6.1 Sub-processors6.2 Business Transfers6.3 Legal Requirements
- 7. International Data Transfers
- 8. Data Retention
- 9. Security
- 10. Your Rights10.1 GDPR Rights (EEA / UK Residents)10.2 CCPA / CPRA Rights (California Residents)
- 11. Children's Privacy
- 12. Third-Party Links and Integrations
- 13. Changes to This Policy
- 14. Contact Us
1. Introduction and Who We Are
Pvotal Technologies, Inc. ("Pvotal," "we," "our," or "us") is a corporation incorporated in the State of Delaware, United States, operating globally. We develop and distribute the Infrastream platform — a declarative, GitOps-native infrastructure automation platform.
This Privacy Policy explains how we collect, use, store, and disclose personal data in connection with our products and services, including:
● pvotal.tech — Company Website
● Infrastream Hub — our hosted portal at hub.infrastream.io, through which customers authenticate via OpenID Connect, manage their Infrastream deployments, and access software artifacts
● Infrastream Onboarding Portal — onboard.pvotal.tech, a project-based customer onboarding portal available to paid customers, delivered in partnership with Rocketlane
● Infrastream Community — our developer community on Discord (discord.gg/infrastream)
● docs.infrastream.io — Public Documentation
Important Architectural Note: Infrastream itself runs entirely within the customer's own cloud infrastructure (GCP or otherwise). Pvotal does not host, operate, or have access to customer manifests, infrastructure state, deployment logs, or any cloud resources managed by Infrastream. Customers synchronize their manifests from their own GitHub or GitLab repositories directly into their own Infrastream deployment. Pvotal does not receive, process, or store customer infrastructure configuration data.
This Policy governs only the data processed through Pvotal-operated surfaces: the Infrastream Hub, documentation site, and company website.
2. Definitions
Any information relating to an identified or identifiable natural person
Account registration and identity data processed through Infrastream Hub
Automatically collected data about how you interact with Pvotal-operated surfaces
Pvotal's hosted portal for OpenID authentication, deployment upgrade management, and artifact distribution
Compiled binaries, container images, executor packages, and agent releases distributed by Pvotal to licensed customers
The customer's own GCP or cloud environment in which Infrastream is deployed and operated
3. What Pvotal Does and Does Not Have Access To
3.1 What Pvotal Operates
Pvotal operates the following customer-facing surfaces:
● Infrastream Hub (hub.infrastream.io): OpenID Connect (OIDC) authentication, artifact distribution, license management, and upgrade management for licensed customers
● Infrastream Onboarding Portal (onboard.pvotal.tech): A structured, project-based onboarding experience for paid customers, powered by Rocketlane. This portal coordinates implementation milestones, task assignments, document sharing, and communication between Pvotal's onboarding team and Customer stakeholders
● Infrastream Community Platform (Discord): A community forum for developers building with or evaluating Infrastream, providing peer support, announcements, release discussions, and access to Pvotal engineering staff on a best-effort basis. Join at discord.gg/infrastream
3.2 What Pvotal Does NOT Have Access To
Infrastream is deployed and operates entirely within the customer's own cloud infrastructure. As a result, Pvotal does not have access to, does not receive, and does not store:
● Customer YAML manifests or infrastructure definitions
● Infrastructure state data (deployment graphs, node states, run events)
● Customer GCP resources, credentials, or service accounts
● Customer Git repositories or commit history
● Data processed by the Infrastream AI Agent within the customer's environment
● HITL (human-in-the-loop) approval decisions or audit logs
● Any data from customer-connected GitHub or GitLab integrations (manifests are pulled from customer VCS into the customer's own Infrastream deployment — not into Pvotal systems)
4. Data We Collect
Given the above architecture, Pvotal's data collection is limited to what is necessary to operate Infrastream Hub and our public-facing webproperties. We also collect Infrastream executors critical errors with data sanitization with opt-in.
4.1 Hub Account Data (Data You Provide)
● Identity: Name, professional email address, and OpenID Connect identity token (from your configured identity provider)
● Organization: Company name, primary domain
● License Information: Subscription tier, licensed GCP Organization ID or cloud identifier (used to issue and validate license keys)
● Billing: Company billing address, VAT/EIN number; payment card data is collected and processed exclusively by our PCI-DSS compliant payment processor (Stripe) and is never stored on Pvotal systems
4.2 Artifact Distribution Logs
When a licensed customer pulls a software artifact (binary release, container image, executor package) from Pvotal's artifact registry, we log:
● Artifact name and version
● Timestamp of the request
● Customer account identifier
● IP address of the requesting system
These logs are used for license enforcement, release tracking, and security monitoring. They do not contain any customer infrastructure data.
4.3 Hub Usage Data (Collected Automatically)
● IP address, browser type, operating system
● Pages visited within Infrastream Hub, time on page, navigation paths
● Upgrade requests initiated via the Hub (version from, version to, timestamp)
● Error and crash reports from the Hub UI (sanitized of any infrastructure data)
4.4 Website and Documentation Usage
● Standard web analytics (aggregate page views, referrer URLs, geographic region at country level)
● Form submissions: contact requests, demo requests, newsletter sign-ups
4.5 Onboarding Portal Data (onboard.pvotal.tech)
For paid customers using the Infrastream Onboarding Portal, we process:
● Contact and identity information: Names and email addresses of Customer stakeholders invited to the onboarding project
● Project and task data: Milestone plans, task statuses, due dates, implementation checklists, and phase completion records
● Communications: Messages, comments, and discussions conducted within the Rocketlane-powered portal between Customer and Pvotal's onboarding team
● Shared documents: Files and documents uploaded by Customer or Pvotal to the onboarding project workspace
● Session and access logs: Login timestamps, portal activity, and notification preferences
This data is processed solely for the purpose of coordinating and delivering Customer's onboarding engagement. Onboarding portal data is retained for the duration of the onboarding engagement plus 2 years, after which it is deleted or anonymized.
Pvotal's onboarding team may request and review Customer-provided architectural context (e.g., a description of existing GCP organization structure) to inform onboarding recommendations. This context is provided voluntarily by Customer and is handled as Confidential Information.
4.6 Community Platform Data (Discord)
The Infrastream developer community operates on Discord. When you join the Infrastream Discord server, Discord Inc. collects and processes your data in accordance with Discord's Privacy Policy. Pvotal additionally processes:
● Identity: Discord username and any profile information you choose to share in the server
● Messages and content: Posts, replies, threads, and files shared in Infrastream Discord channels
● Participation data: Channel membership, join/leave events, and role assignments within the server
The Discord server is a public-facing community space. Do not share proprietary, confidential, cloud credentials, or personally identifying information in public channels. Communications from Pvotal staff in Discord do not constitute official support with SLA commitments.
4.7 Support and Communications
● Emails, support tickets, and chat messages you send to us
● Diagnostic information you voluntarily share with our support team
Pvotal does not passively collect diagnostic information from customer deployments. Any diagnostic data shared during a support engagement is provided by the customer on a voluntary basis and is used solely to resolve the specific support case.
4.8 Cookies and Tracking
Hub session management, OIDC token handling
Language/preference settings
Aggregate usage statistics (self-hostedPostHog)
Interest-based outreach on third-partyplatforms
5. How We Use Your Data
Contract performance (Art. 6(1)(b) GDPR)
Contract performance
Contract performance
Contract performance + Legal obligation
Legitimate interests (Art. 6(1)(f) GDPR)
Legitimate interests
Legitimate interests
Consent (Art. 6(1)(a) GDPR)
Consent
Legal obligation (Art. 6(1)(c) GDPR)
6. Data Sharing and Disclosure
Pvotal does not sell, rent, or trade Personal Data. We share data only in the following limited circumstances:
6.1 Sub-processors
Infrastream Hub hosting, artifact registry
Payment processing
Paid customer onboarding portal (onboard.pvotal.tech)
Public documentation hosting, open-source repositories
Infrastream developer community server
US
An up-to-date sub-processor list is available upon request at privacy@pvotal.tech.
6.2 Business Transfers
In the event of a merger, acquisition, or asset sale, Personal Data may transfer as part of that transaction. You will be notified in advance where required by law.
6.3 Legal Requirements
We may disclose data if required by law, court order, or governmental authority, or where reasonably necessary to protect the rights, property, or safety of Pvotal, our customers, or the public.
7. International Data Transfers
Pvotal is incorporated in Delaware and hosts Infrastream Hub on Google Cloud infrastructure in the United States. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, your Personal Data may be transferred to the US.
Where such transfers occur, we rely on:
● Standard Contractual Clauses (SCCs) approved by the European Commission
● UK International Data Transfer Agreements (IDTAs)
Data Processing Agreements (DPAs) are available for enterprise customers upon request at legal@pvotal.tech.
8. Data Retention
Duration of subscription + 3 years post-termination
7 years (US tax / legal compliance)
2 years
3 years from case closure
Until opt-out, then 90 days
13 months maximum
Session duration only
Upon account termination, Hub Account Data will be deleted or anonymized within 60 days. Customers have no obligation to notify Pvotal upon terminating their Infrastream deployment, as that deployment runs entirely within their own infrastructure.
9. Security
Pvotal implements the following controls to protect data processed through Infrastream Hub:
● Encryption in Transit: All Hub traffic encrypted via TLS 1.2+
● Encryption at Rest: All Hub data encrypted at rest on GCP using Google-managed encryption keys
● Authentication: Hub access authenticated via OpenID Connect; Pvotal staff access to production systems requires MFA and is logged
● Access Control: Strict least-privilege access for Pvotal staff; no Pvotal engineer has standing access to customer Infrastream deployments (which run within customer infrastructure)
● Artifact Signing: All distributed artifacts (binaries, container images) are cryptographically signed; customers should verify signatures before deployment
● Vulnerability Management: Continuous dependency scanning and periodic penetration testing of Hub infrastructure
Responsible Disclosure and Bug Bounty
Pvotal operates a responsible disclosure program for security vulnerabilities affecting Pvotal-operated surfaces (Infrastream Hub, onboard.pvotal.tech, the artifact registry).
To report a vulnerability:
● Email report-vulnerabilities@pvotal.tech
● Encrypt your report using Pvotal's public GPG key, available on public keyservers (search report-vulnerabilities@pvotal.tech on keys.openpgp.org or keyserver.ubuntu.com)
● Include: affected surface, reproduction steps, potential impact, and your contact details
Safe harbour: Pvotal will not initiate legal action against researchers who discover and report vulnerabilities in good faith in accordance with this policy, and who do not access, modify, or exfiltrate customer data beyond what is minimally necessary to demonstrate the vulnerability.
Out of scope: Customer-operated Infrastream deployments (which run within customer infrastructure and are not operated by Pvotal), denial-of-service attacks, social engineering, and physical security.
Response commitments:
● Acknowledgement within 48 hours
● Triage and severity assessment within 7 business days
● Patch or mitigation target within 90 days for confirmed vulnerabilities (critical issues prioritized)
Pvotal provides public acknowledgement of researchers in our security hall of fame for confirmed, responsibly disclosed vulnerabilities. Monetary rewards are evaluated on a case-by-case basis.
If you believe your Hub account has been compromised, contact security@pvotal.tech immediately.
10. Your Rights
10.1 GDPR Rights (EEA / UK Residents)
● Access (Art. 15): Request a copy of your Personal Data
● Rectification (Art. 16): Request correction of inaccurate data
● Erasure (Art. 17): Request deletion ("right to be forgotten")
● Restriction (Art. 18): Request limited processing
● Portability (Art. 20): Receive your data in machine-readable format
● Object (Art. 21): Object to processing based on legitimate interests
● Withdraw Consent: At any time, without affecting prior processing
Submit requests to privacy@pvotal.tech. We will respond within 30 days and may verify identity before processing. You may lodge a complaint with your local data protection authority.
10.2 CCPA / CPRA Rights (California Residents)
● Right to know what personal information is collected, used, or shared
● Right to delete personal information
● Right to correct inaccurate information
● Right to opt-out of sale or sharing (Pvotal does not sell personal information)
● Right to limit use of sensitive personal information
● Right to non-discrimination for exercising rights
Submit requests via privacy@pvotal.tech with subject line "CCPA Privacy Request."
11. Children's Privacy
Infrastream and Infrastream Hub are enterprise products not directed at individuals under 18. We do not knowingly collect Personal Data from minors. Contact privacy@pvotal.tech if you believe we have.
12. Third-Party Links and Integrations
Our documentation and Hub may link to third-party services (GitHub, GitLab, Google Cloud Console, identity providers). This Policy does not apply to those third-party services. Manifest synchronization between customer VCS and customer Infrastream deployments occurs entirely outside of Pvotal systems.
13. Changes to This Policy
We will provide 30 days' advance notice of material changes via the Hub and/or email to the account's primary contact, and update the "Last Revised" date above.
14. Contact Us
Pvotal Technologies, Inc. Privacy & Compliance Email: privacy@pvotal.tech
Security incidents: report-vulnerabilities@pvotal.tech DPA and legal requests: info@pvotal.tech
Website: https://pvotal.tech
This Privacy Policy is governed by the laws of the State of Delaware, United States, without prejudice to applicable data protection laws in the jurisdiction of the data subject.