Services
AIManaged ServicesConsultingOutsourcing
Differentiators
Compliance & SovereigntyEmail InfrastructureObservability & AIFree Tools & Assessments
Language
EnglishDeutsch — soonFrançais — soonEspañol — soon
Book a review
Legal

Privacy Policy

What personal data we process, why, on what legal basis, and the rights you can exercise. Written to be read, not to hide behind.

Effective: 2026-06-18Last updated: 2026-06-18

This policy uses placeholders in square brackets (legal entity, registered address, supervisory authority) that must be completed, and reviewed by qualified counsel in your governing jurisdiction, before publication.

Who is responsible

The controller for personal data processed through this website and our services is [Legal entity name] (Argus Root), [Registered address — street, postcode, city, country], registered under [Company registration number]. For privacy matters, contact [email protected]; our data-protection contact is [email protected].

Scope

This policy covers personal data we process as a controller — visitors to argusroot.com and people who contact us or buy our services. When we host or operate infrastructure on behalf of a client, we usually act as a processor on that client's instructions; those activities are governed by our Data Processing Agreement and the relevant service contract, not by this policy.

Data we collect

We collect only what we need:

  • Contact and enquiry data — the name, email, company, phone or messaging details and message you submit through our contact, audit or emergency forms.
  • Account and billing data — for clients: contracting details, billing contacts and records needed to provide and invoice the service.
  • Technical and usage data — IP address, request metadata and timestamps recorded in server and security logs, used to operate, secure and troubleshoot the site and services.
  • Anti-abuse signals — our forms use timing tokens, honeypots and (optionally) a privacy-preserving bot check to block spam; these do not profile you.

We do not seek to collect special-category data through this website. Please do not include sensitive details in free-text fields.

Purposes and legal bases

We process personal data under the following legal bases of the GDPR (Article 6):

  • To respond to enquiries and provide requested information — our legitimate interest in answering you, or steps taken at your request prior to a contract.
  • To provide and bill our services — performance of a contract.
  • To secure and operate our systems, prevent abuse and keep logs — legitimate interest in the security and integrity of our infrastructure.
  • To meet legal obligations — for example accounting, tax and lawful requests — compliance with a legal obligation.

Where we rely on legitimate interests, we balance them against your rights and only proceed where they are not overridden.

Cookies and similar technologies

This site is built to run with a minimal footprint. We use strictly necessary cookies only — for example a short-lived security token set when you submit a form. We do not set advertising cookies. If we introduce analytics in future, we will update this section and, where required, ask for your consent first.

Retention

We keep personal data only as long as needed for the purpose it was collected, then delete or anonymise it. Enquiry messages are retained while we handle your request and for a reasonable follow-up period; contractual and billing records are kept for the periods required by law; security logs are kept on a short rolling window unless an incident requires longer retention.

Sharing and processors

We do not sell personal data. We share it only with service providers who process it on our behalf under contract (for example email delivery and infrastructure), with professional advisers, or where required by law. Our current sub-processors are listed on the Sub-processors page.

International transfers

We are built to keep data inside the EU. Where a provider processes data outside the EEA, we rely on an adequacy decision or appropriate safeguards such as the European Commission's Standard Contractual Clauses, together with supplementary measures where needed.

Your rights

Subject to the conditions in the GDPR, you have the right to access your data, to rectification, to erasure, to restriction of processing, to data portability, and to object to processing based on legitimate interests. Where processing relies on consent, you can withdraw it at any time without affecting prior processing. To exercise any of these, email [email protected]; we will respond within the statutory time limits. You also have the right to lodge a complaint with a supervisory authority — in our case [supervisory authority of [EU member state]], or the authority in your country of residence.

Security

We protect personal data with technical and organisational measures appropriate to the risk, including encryption in transit, access controls, hardening and monitoring. Our coordinated disclosure contact is [email protected] (see also security.txt).

Changes

We may update this policy as our services or the law evolve. Material changes will be reflected in the effective date above and, where appropriate, communicated directly.

Contact

Questions about this document: [email protected]. Privacy and data-protection matters: [email protected]. You can also use our contact form.