← Back to Cyber Range

Privacy Policy

Last updated: 2026-06-19. iQs Group Inc.

1. What we collect

• Account data: name, work email, company, hashed password.
• Usage data: ranges you build, scans you run, scorecards generated.
• Operational logs: request timestamps, IP, user-agent, error traces — retained 90 days for debugging.
• Billing data: handled by Stripe; we store only the Stripe customer ID and plan, never card numbers.

2. What we don't collect

• We do not scan your real production environment.
• We do not sell user data to anyone.
• We do not train AI models on your sealed ground-truth or scan results.

3. How data is stored

Per-tenant logical isolation in PostgreSQL on AWS RDS (us-east-1). Sealed ground-truth keys are encrypted at rest with a tenant-scoped KMS key; cross-tenant reads are rejected by the data plane (not just the API).

4. Cookies

One session cookie (acr_session) and one tenant cookie (acr_tenant). No third-party trackers, no advertising pixels.

5. Your rights

Export, delete, or correct your data at any time from your account settings, or email privacy@aegiscyberrange.com. We respond within 30 days.

6. Sub-processors

• AWS (compute, storage, networking) — us-east-1
• Cloudflare (CDN, DNS, edge security)
• Stripe (payments)
• Resend (transactional email)

7. Changes

Material changes will be notified 30 days in advance via email and a banner on the dashboard.

8. Contact

Email privacy@aegiscyberrange.com or use the contact form.

---