Privacy Policy

Last updated: March 4, 2026

1. Data Minimization By Design

As a zero-trust platform, we adhere to absolute data minimization. We do not inspect the payloads of your agent's API requests. We only capture the required metadata (source IP, SPIFFE ID, target resource) necessary to evaluate OPA policies and enforce your security boundaries.

2. Information Collection

We collect billing information and organization administrator emails via our payment processor (Stripe) and identity provider (Clerk) explicitly for the provisioning of SaaS services.

3. GDPA and CCPA Compliance

You retain full ownership of your agent telemetry. You may export or purge your compliance logs via the dashboard or API at any instant. Address all data deletion requests to our DPO at privacy@aegis-agent.id.