Aegis-DB is a database engine distributed as open-source software (Apache-2.0) and offered as a hosted console and commercial subscription by AutomataNexus LLC ("AutomataNexus", "we"). This policy explains what we collect and how we use it. The self-hosted, open-source engine runs entirely on infrastructure you control — we receive no data from it unless you opt into a hosted or commercial service.
Self-hosted (Apache-2.0): when you run the aegis-server binary yourself, all data you store and all telemetry stay on your infrastructure. We do not collect, transmit, or have access to it.
Hosted Console / commercial tiers: if you sign in to the Aegis Console or purchase a commercial subscription, we process the account, billing, and operational data described below to provide the service.
For the hosted Console we store your email address, a securely hashed credential or federated identity token, organization membership, role, and multi-factor settings. Authentication is handled via Google Firebase Authentication; passwords are never stored in plaintext.
Application data you write to a database instance (rows, documents, time-series, graph, key-value, and streams) is your data. On self-hosted deployments we never see it. On hosted instances we process it solely to operate the service for you and never sell it or use it for advertising. You are the data controller; AutomataNexus acts as a processor.
Commercial subscriptions are billed through Stripe. Card details are entered directly with Stripe and are never transmitted to or stored on our servers. We retain only a Stripe customer reference, the active tier, and invoice metadata needed for billing and support.
The open-source engine ships without phone-home telemetry. The hosted Console records operational metrics (request counts, latency, error rates) and an audit trail of administrative actions to operate and secure the service. We do not run third-party advertising or cross-site tracking.
The Console and this website use essential cookies and local storage only — for sign-in, session management, and remembering your theme and cookie-consent choice. No advertising or third-party tracking cookies are set.
Aegis-DB is built security-first: TLS (rustls) in transit, Argon2id credential hashing, an integrated AES-256-GCM secrets vault, RBAC with a fail-closed bootstrap, and a security shield (injection detection, anomaly detection, brute-force protection). Hosted instances apply these controls by default.
Aegis-DB provides compliance primitives — PHI/PII data classification, consent management, breach detection, and audit logging — to help you meet HIPAA, GDPR, and CCPA obligations. On self-hosted deployments you remain the responsible controller. For hosted/commercial engagements involving regulated data, contact us for a Data Processing Agreement or BAA.
Subject to applicable law you may request access to, correction of, export of, or deletion of your account and personal data. Email privacy@automatanexus.com and we will respond within the timeframes required by GDPR/CCPA.
Aegis-DB is a developer and enterprise product not directed to children under 13, and we do not knowingly collect their data.
We may update this policy; material changes will be reflected in the version and effective date above and, for hosted customers, communicated by email.
AutomataNexus LLC — privacy@automatanexus.com. Source: github.com/AutomataNexus/Aegis-DB.