Privacy Policy
Last updated: 18 June 2026
1. Data controller
Aegis Scanner ("we", "us") is the data controller for personal data described here. Contact: info@aegisscanner.com
2. Data we collect
- Contact details: Name, email, company, and phone when you request a demo or free scan.
- Scan data: Technical findings from domains and assets you ask us to assess.
- Service logs: Timestamps, IP addresses, and audit events needed to operate the platform securely.
- Mobile uploads: APK files are analysed in memory and deleted immediately; only a hash and findings are retained.
3. Why we process data
- Deliver scans, reports, and continuous monitoring alerts
- Respond to support and sales enquiries (GDPR Art. 6(1)(b) contract / pre-contract)
- Legitimate interest in securing our service and preventing abuse (Art. 6(1)(f))
- Legal obligations where applicable (audit logs, tax records)
4. Where data is stored
Production workloads run on EU infrastructure (Hetzner, Germany). Enterprise customers may deploy on-premise so data never leaves their environment.
5. Sub-processors & transfers
We use infrastructure and AI providers (e.g. Anthropic, email delivery, OSINT APIs) strictly to operate the service. We do not sell personal data. Standard Contractual Clauses are available for transfers outside the EEA.
6. Retention
- Free scan results: 90 days, then deleted or anonymised.
- Paid subscriptions: for the contract term plus statutory retention periods.
- You may request deletion at any time (GDPR Art. 17 / KVKK Art. 11 for Turkish residents).
7. Your rights
Depending on your jurisdiction you may access, rectify, erase, restrict, or port your data, and object to processing. Email info@aegisscanner.com. EU residents may lodge a complaint with their supervisory authority.
8. Cookies
We use only essential cookies required for authentication and security. No third-party advertising or tracking cookies.
← Back to home