Activity data is securely transmitted to CYDEF servers. Personal client data is not collected, collection activity is restricted to event log files and meta data (e.g. file name, command line, event id). All collected data is encrypted in transit (TLS1.2) and at rest (AES-256 with key rotation).