Law Enforcement
Request Policy

1.1. Cyrenza respects the privacy of its customers and is committed to protecting Customer Data.

1.2. Cyrenza does not voluntarily provide Customer Data to law enforcement or government authorities.

1.3. Cyrenza discloses Customer Data only when legally compelled to do so by valid legal process, and only to the minimum extent required.

2.1. Cyrenza may be required to disclose data in response to:

• Subpoenas – A formal demand for records, typically from a court or government agency.
• Court Orders – An order from a court of competent jurisdiction requiring disclosure.
• Search Warrants – A warrant issued by a judge upon a showing of probable cause.
• National Security Requests – Including National Security Letters (NSLs) and orders issued under the Foreign Intelligence Surveillance Act (FISA), to the extent required by law.
• International Requests – Valid requests from foreign governments processed through appropriate legal channels (such as mutual legal assistance treaties).

3.1. Review. All requests are reviewed by Cyrenza’s legal team for validity, scope, and jurisdictional authority.

3.2. Narrow Scope. Cyrenza objects to requests that are overly broad, vague, or otherwise legally deficient, and seeks to narrow the scope of disclosure.

3.3. Customer Notice. Unless legally prohibited, Cyrenza will notify the affected customer before disclosing their data, so that the customer may seek legal remedies.

3.4. Minimum Disclosure. Cyrenza provides only the data specifically identified in the legal process and required by law.

3.5. No Backdoors. Cyrenza does not provide any government with direct or unfettered access to Customer Data. Cyrenza does not build “back doors” or provide encryption keys to any government authority.

4.1. Customer Data is encrypted at rest and in transit. Even when Cyrenza is required to produce data, encryption protections apply to the extent permissible.

4.2. Cyrenza uses per-tenant encryption. Disclosure related to one customer does not expose data belonging to other customers.

5.1. Cyrenza publishes an annual transparency report covering:

• The number of law enforcement requests received, by type and jurisdiction.
• The number of requests where data was produced.
• The number of requests where Cyrenza objected or sought to narrow scope.
• The number of customers notified.

5.2. The transparency report does not include information that Cyrenza is legally prohibited from disclosing.

6.1. In emergency situations involving imminent danger of death or serious physical injury, Cyrenza may disclose data to law enforcement without a court order, in accordance with applicable law.

6.2. Emergency disclosures are limited to information necessary to address the emergency and are documented and reported in the transparency report.

7.1. Cyrenza is a United States company. Requests from foreign law enforcement agencies must be processed through appropriate legal channels, such as mutual legal assistance treaties (MLATs) or other recognized international frameworks.

7.2. Cyrenza does not comply with foreign government requests that conflict with U.S. law.