Privacy Policy

01. Introduction

At AetherSec ("we", "us", or "our"), we respect your privacy and are committed to protecting the security of your cloud infrastructure data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our security auditing platform.

02. Data We Collect

• Account Information: Name, email address, and organization details provided via Clerk.
• Infrastructure Metadata: We perform READ-ONLY scans of your AWS environment configuration. We do NOT access your databases' content, code source, or customer PII.
• Usage Data: Logs of how you interact with our dashboard to improve security and performance.

03. How We Use Your Data

We use the metadata collected strictly to generate the Security Posture Report and identify cloud waste. Your infrastructure data is processed in ephemeral runners and is not permanently stored beyond the necessary caching for your dashboard.

04. Security

We implement industry-standard security measures, including encryption in transit (TLS) and at rest. Our AWS integration uses strictly scoped IAM Roles with SecurityAudit and ViewOnlyAccess permissions.

05. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to access, rectify, port, and erase your personal data. You also have the right to object to or restrict processing.

To exercise these rights, simply contact us at the email provided below. We will respond to your request within 30 days.