Privacy Policy (Draft)
This draft describes how AegisGuard collects, processes, stores, and protects customer data in our cybersecurity SaaS platform.
1. Data We Process
We process submitted message content, metadata, user account data, and security telemetry required for phishing analysis and platform operation.
2. Purpose of Processing
Data is processed to deliver threat detection, incident triage, product reliability, abuse prevention, and auditability.
3. Retention
Data retention follows customer-configurable retention policies and legal obligations. Data is deleted or anonymized after retention windows expire.
4. Security Controls
Controls include API rate limiting, brute-force protection, audit logging, access controls, encryption in transit, and secrets management guardrails.
5. Data Subject Rights
We support requests for access, correction, deletion, and export in line with applicable privacy regulations.