Privacy Policy

Data We Handle

Common categories of data

AISEC processes information required to create accounts, operate tenant workspaces, support security workflows, and maintain the service.

• Identity and account data such as name, email address, role, tenant, and authentication state.
• Workspace content such as policies, risks, evidence metadata, alerts, and configuration choices entered by authorised users.
• Operational data such as logs, service telemetry, and support interactions used to keep the platform secure and reliable.
• Limited billing or commercial contact details where needed for account management.

Why

How data is used

Data is used to deliver the product, keep tenants properly isolated, improve reliability, and communicate with customers about the service.

• To authenticate users and enforce access based on tenant and role context.
• To store, retrieve, and present workspace data requested by authorised users.
• To operate security, observability, and incident-response processes.
• To provide support, onboarding, service notices, and release-related communication.

Rights and retention

Control, deletion, and requests

Retention periods depend on the type of data and legal or operational requirements, but the goal is to keep only what is needed for the service and its security.

• Customers can request updates or deletion of account-related information where applicable.
• Workspace retention and deletion requests should be coordinated through tenant administrators.
• Security and audit logs may be retained longer when needed for fraud prevention, incident response, or compliance obligations.
• Data rights requests are handled in line with applicable privacy law and the roles AISEC and the customer each play.