// LEGAL

Data Integrity & Privacy

UK-GDPR Compliance & Incident Response

Data Governance Policy

As an entity operating under UK jurisdiction, Aetheris Systems legally acts as a Data Processor for our clients, bound by stringent Information Commissioner's Office (ICO) guidelines.

Handling & Retention

  • Client data is strictly siloed; we explicitly do not sell or share telemetry or datasets with third-party brokers.
  • We practice "Data Minimization"—requesting only the credentials and datasets absolutely necessary for development.
  • Upon project conclusion, staging datasets and client credentials are cryptographically scrubbed from our active servers within 30 days.

Client Privacy Rights (GDPR)

  • Right to Erasure: Immediate deletion of specific project data upon written request.
  • Right to Portability: Delivery of project databases in standard formats (SQL, JSON, CSV).
  • We provide standardized Data Processing Agreements (DPAs) for enterprise clients to counter-sign.

Incident Protocol

  • In the event of a verified systemic breach, impacted clients will be notified within the strict 72-hour ICO regulatory window.
  • A detailed forensic report and immediate remediation patch timeline will be provided to the client's stakeholders.

For questions regarding our policies, please contact our legal team.

legal@aetheris.systems