Privacy Policy

Daedalus Development Group ("DDG," "we," "us," or "our"), a company operating under the laws of the State of Florida, United States, operates the Aegis Platform ("Platform"), a multi-service enterprise software-as-a-service ("SaaS") solution accessible at diligentcyber.com and related subdomains (collectively, the "Service").

This Privacy Policy describes how we collect, use, disclose, and protect the personal information of individuals who visit our website, use our Platform, or otherwise interact with our Service. This policy applies to all users, including platform administrators, tenant administrators, agents, clients, and website visitors.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Service.

We use collected information for the following purposes:

• Service delivery: To provide, maintain, and improve the Platform and its features
• Account management: To create and manage user accounts, authenticate users, and enforce role-based access controls
• Communication: To send service-related notifications, respond to inquiries, and provide customer support
• Multi-tenant operations: To manage tenant isolation, data segregation, and per-tenant configurations
• Analytics: To analyze usage patterns, generate platform performance reports, and improve user experience
• Marketing: To send promotional materials and campaigns (with your consent, where required)
• Legal compliance: To comply with applicable laws, regulations, and legal processes
• Security: To detect, prevent, and address fraud, unauthorized access, and other security issues
• Billing: To process payments, manage subscriptions, and maintain billing records

We do not sell your personal information. We may share your information in the following circumstances:

We retain your personal information for as long as your account is active or as needed to provide the Service. We may also retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods include:

• Account data: Retained for the duration of the account plus 30 days after deletion request
• Transaction records: Retained for 7 years in accordance with applicable tax and financial regulations
• Audit logs: Retained for a minimum of 2 years
• Marketing preferences: Retained until you opt out or request deletion
• Analytics data: Aggregated and anonymized data may be retained indefinitely

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Row-level security and tenant data isolation at the database level
• Role-based access controls with principle of least privilege
• Regular security assessments and vulnerability monitoring
• Audit logging of all administrative actions including data access and impersonation
• Secure authentication with support for multi-factor authentication and SSO

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

As a company operating in the State of Florida, we comply with applicable Florida state privacy laws, including:

• Florida Information Protection Act (FIPA), Fla. Stat. § 501.171: In the event of a data breach involving personal information, we will notify affected individuals and the Florida Department of Legal Affairs within 30 days of discovery, or as otherwise required by law.
• Florida Deceptive and Unfair Trade Practices Act (FDUTPA): We are committed to transparent and fair data practices and do not engage in deceptive collection or use of personal information.
• Florida Digital Bill of Rights (effective July 1, 2024): If applicable based on qualifying thresholds, Florida consumers may have additional rights including the right to confirm processing, delete personal data, obtain a copy, opt out of targeted advertising, and opt out of profiling. To exercise these rights, contact us at the email below.

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly. If you believe a child has provided us with personal information, please contact us at 0xcircuitbreaker@protonmail.com.

The Service may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access.

The Service is hosted and operated in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States. By using the Service, you consent to the transfer of your information to the United States, which may have different data protection laws than your country of residence.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page with a revised "Last Updated" date. For significant changes, we may also provide additional notice (such as email notification). Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: