Privacy Policy

1. Who We Are

AEGIS Sentinel is an AI agent and automation oversight product operated for early commercial pilots by the AEGIS Sentinel operations team. Contact: aegis.sentinel.team@gmail.com.

2. Our Role

For account, billing, security, support and commercial records, AEGIS Sentinel normally acts as an independent controller. For action, workflow, event, review and audit payloads submitted by a customer, the customer normally acts as controller and AEGIS Sentinel acts as processor, unless a signed agreement states a different arrangement.

3. Data We Process

Depending on how you use the service, we may process:

• contact details such as name, work email and organization;
• account and role information for console access;
• API key metadata, organization settings and subscription status;
• agent, workflow, event, decision, review and audit metadata;
• technical data such as IP address, access logs, timestamps and user agent;
• trial abuse-prevention signals such as verification status, browser fingerprint hash, network hash, signup attempts and reset attempts;
• support messages and pilot onboarding information.

The browser console may store a session token, API-key login state, selected view and basic preferences in local browser storage so the dashboard can remain usable during a session. Payment checkout, security and email providers may use their own cookies or security records when you interact with those services.

4. How We Use Data

We use data to:

• operate, secure and improve AEGIS Sentinel;
• validate actions and produce audit records;
• provide support, onboarding and commercial follow-up;
• enforce plan limits, retention periods and security controls;
• detect abuse, incidents and unauthorized use.

Trial abuse-prevention signals are used to protect the service, reduce repeated free-trial abuse and help the AEGIS operations team review suspicious signup patterns. These signals are not sold.

5. Customer Event Data

For event and action data sent by a customer to AEGIS Sentinel, the customer generally decides what data is sent and why. In that case, the customer is normally the controller and AEGIS Sentinel acts as a processor unless a signed agreement says otherwise.

Customers should minimize payloads and avoid sending secrets or unnecessary personal data.

6. Legal Bases

Processing may be based on contract performance, legitimate interests in operating and securing the service, compliance with legal obligations, or consent where consent is required.

7. Sharing And Providers

We may use hosting, database, backup, security, payment, email, analytics and support providers to operate the service. These providers process data only as needed for their role. We do not sell personal data.

Customer raw event data is not shown to other customers. Any future cross-customer learning should use aggregated or anonymized operational patterns rather than identifiable customer payloads.

8. International Transfers

The current hosted pilot is designed around EU-based infrastructure. If a provider or customer workflow requires transfer outside the EEA, appropriate safeguards, such as contractual protections or equivalent transfer mechanisms, should be agreed before production use.

9. Security

We use access control, hashed API keys, defensive headers, logging, backups and network restrictions. No internet-facing service can be guaranteed completely secure, so customers should also apply their own controls to connected agents and systems.

If we become aware of a security incident affecting customer data, we will take reasonable steps to investigate, contain it and notify affected customers where legally required.

10. Automated Decisions

AEGIS Sentinel provides operational risk signals, routing, audit and human review workflows. It is not intended to make solely automated decisions that produce legal or similarly significant effects about individuals without appropriate customer safeguards.

11. Retention

Retention depends on plan, data type and legal obligations. See the Data Retention Policy.

12. Your Rights

Depending on your location and the role of AEGIS Sentinel in the processing, you may have rights to access, rectify, erase, restrict, object to processing, withdraw consent where consent is used, or receive a copy of your personal data. Send requests to aegis.sentinel.team@gmail.com.

13. Complaints

You may have the right to complain to your local data protection authority. For customers in the EU, this includes the supervisory authority in their Member State.