Plain-language summary: We collect only what we need to run your AI team. We never sell your data. You can delete everything at any time. Under GDPR, you have real rights — and we make them easy to exercise.
AEGIS OS is an AI Operating System for businesses, operated by Ben Carkaxhia ("we", "us").
Data Controller: Ben Carkaxhia, operating AEGIS OS
Contact: [email protected]
Response time: We aim to respond to all privacy enquiries within 72 hours.
This policy covers the AEGIS OS platform at aegis-agents.work and any related mobile or API access.
Lawful basis: Contract performance (GDPR Article 6(1)(b)) — necessary to provide the service.
Lawful basis: Contract performance — this is the core service you pay for. Your agent conversations are stored in your tenant schema, isolated from other customers.
Lawful basis: Legitimate interests (GDPR Article 6(1)(f)) — fraud prevention, security monitoring, and service improvement.
Lawful basis: Contract performance — required to deliver integrations you have enabled.
Lawful basis: Consent (GDPR Article 6(1)(a)) — only collected if you accept analytics/marketing cookies. You can withdraw consent at any time via our cookie banner.
AEGIS OS is an AI-powered platform. When you interact with your agents:
AI transparency (EU AI Act awareness): AEGIS OS AI agents are decision-support tools. They assist your business processes but do not make final binding decisions. You remain in control of all outcomes.
| Data type | Retention period |
|---|---|
| Account & subscription data | Duration of account + 90 days after deletion |
| AI agent conversations (Omni, tasks) | Duration of subscription, or until you delete |
| Audit logs | 12 months rolling |
| Integration credentials | Until you disconnect the integration |
| Cookie consent records | 3 years (required for demonstrable consent) |
| Support chat transcripts | 90 days |
| Billing records (Stripe) | 7 years (tax/legal obligation) |
We share your data with the following sub-processors solely to deliver the service:
| Sub-processor | Purpose | Location | Safeguard |
|---|---|---|---|
| Groq, Inc. | LLM inference (primary AI processing) | USA | SCCs / Groq DPA |
| Google (Gemini) | LLM inference (fallback) | USA | SCCs / Google DPA |
| Telegram Messenger | Message delivery (if integration enabled) | UAE/Global | User-consented channel |
| Twilio (WhatsApp) | WhatsApp message delivery (if integration enabled) | USA | SCCs / Twilio DPA |
| Stripe, Inc. | Payment processing & subscription management | USA/EU | SCCs / PCI-DSS |
| Hetzner Online | VPS hosting (production infrastructure) | Germany (EU) | GDPR-native |
For transfers outside the EEA, we rely on Standard Contractual Clauses (SCCs) adopted by the European Commission.
As a data subject, you have the following rights. We will respond within 30 days (extendable to 3 months for complex requests):
To exercise any right: [email protected] or use our Data Request form.
| Cookie | Purpose | Duration |
|---|---|---|
session | Authentication session — keeps you logged in | Session / 24h |
aegis-theme-v2 | Light/dark theme preference | 1 year (localStorage) |
aegis-cookie-consent | Stores your cookie consent choice | 1 year |
We do not currently use third-party analytics trackers. If we add them in the future, we will request your consent first via the cookie banner.
We do not use retargeting or advertising cookies.
AEGIS OS is a B2B platform intended for businesses and professionals. We do not knowingly collect personal data from individuals under 16. If you believe a minor has registered, please contact us immediately.
We will notify registered users of material changes via email at least 14 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the service after the effective date constitutes acceptance.
For privacy questions: [email protected]
You have the right to lodge a complaint with your national data protection authority. In the EU, you can find your authority at edpb.europa.eu.