// LEGAL
Data Integrity & Privacy
UK-GDPR Compliance & Incident Response
Data Governance Policy
As an entity operating under UK jurisdiction, Aetheris Systems legally acts as a Data Processor for our clients, bound by stringent Information Commissioner's Office (ICO) guidelines.
Handling & Retention
- Client data is strictly siloed; we explicitly do not sell or share telemetry or datasets with third-party brokers.
- We practice "Data Minimization"—requesting only the credentials and datasets absolutely necessary for development.
- Upon project conclusion, staging datasets and client credentials are cryptographically scrubbed from our active servers within 30 days.
Client Privacy Rights (GDPR)
- Right to Erasure: Immediate deletion of specific project data upon written request.
- Right to Portability: Delivery of project databases in standard formats (SQL, JSON, CSV).
- We provide standardized Data Processing Agreements (DPAs) for enterprise clients to counter-sign.
Incident Protocol
- In the event of a verified systemic breach, impacted clients will be notified within the strict 72-hour ICO regulatory window.
- A detailed forensic report and immediate remediation patch timeline will be provided to the client's stakeholders.
For questions regarding our policies, please contact our legal team.
legal@aetheris.systems →