Legal

Privacy Policy

Last updated: 19 May 2026

This policy explains the public pilot privacy position for AEGIS Sentinel. It should be reviewed by counsel before large-scale public launch or regulated customer deployments.

1. Who We Are

AEGIS Sentinel is an AI agent and automation oversight product operated for early commercial pilots by the AEGIS Sentinel project owner. Contact: aegis.sentinel.team@gmail.com.

2. Data We Process

Depending on how you use the service, we may process:

contact details such as name, work email and organization;
account and role information for console access;
API key metadata, organization settings and subscription status;
agent, workflow, event, decision, review and audit metadata;
technical data such as IP address, access logs, timestamps and user agent;
support messages and pilot onboarding information.

The browser console may store the API key and selected view in local browser storage so the dashboard can remain usable during a session.

3. How We Use Data

We use data to:

operate, secure and improve AEGIS Sentinel;
validate actions and produce audit records;
provide support, onboarding and commercial follow-up;
enforce plan limits, retention periods and security controls;
detect abuse, incidents and unauthorized use.

4. Customer Event Data

For event and action data sent by a customer to AEGIS Sentinel, the customer generally decides what data is sent and why. In that case, the customer is normally the controller and AEGIS Sentinel acts as a processor unless a signed agreement says otherwise.

Customers should minimize payloads and avoid sending secrets or unnecessary personal data.

5. Legal Bases

Processing may be based on contract performance, legitimate interests in operating and securing the service, compliance with legal obligations, or consent where consent is required.

6. Sharing

We may use hosting, infrastructure, security, payment, email and support providers. We do not sell personal data.

7. International Transfers

The current hosted pilot is designed around EU-based infrastructure. If a provider or customer workflow requires transfer outside the EEA, appropriate safeguards should be agreed before production use.

8. Security

We use access control, hashed API keys, defensive headers, logging, backups and network restrictions. No internet-facing service can be guaranteed completely secure, so customers should also apply their own controls to connected agents and systems.

9. Retention

Retention depends on plan, data type and legal obligations. See the Data Retention Policy.

10. Your Rights

Depending on your location and the role of AEGIS Sentinel in the processing, you may have rights to access, rectify, erase, restrict, object to or receive a copy of your personal data. Send requests to aegis.sentinel.team@gmail.com.

11. Complaints

You may have the right to complain to your local data protection authority. For customers in the EU, this includes the supervisory authority in their Member State.