PRIVACY

Privacy

No PHI

Aegis is designed for de-identified content and does not knowingly receive Protected Health Information (PHI). Submitting PHI violates our Terms of Service. See Security for the full data-flow architecture.

How your inputs are handled

/scan (free audit)

Processed in process memory and discarded when the response returns. Nothing is written to disk.

/suite/* (compliance documents)

Form input and generated output are stored locally in a SQLite database so you can re-download documents. You can permanently delete any entry from the history page at any time.

Data we collect

Email address (only if you provide it — waitlist, contact form)
Payment information, processed by Revolut (we do not store card data)
Non-PHI operational logs from the server (request timing, errors)

Data we do not collect

Patient identifiers or medical records
EHR data or clinical-system content
Background analytics, telemetry, or behavioural tracking

Third-party processors

Inputs you submit are sent to one or more AI providers (Google Gemini, Mistral, OpenRouter) for analysis. None of these providers operate under a HIPAA Business Associate Agreement with Aegis. Do not submit PHI.

Deleting your data

For Suite documents, use the trash icon on the history page to permanently remove a record. To request deletion of other data (email address, contact-form messages), write to mrglenncarter@gmail.com.