How we protect your data. All numbers on this page are pulled directly from our production configuration.
| What | How |
|---|---|
| Data in transit | TLS 1.3, all connections |
| Data at rest | AES-256, Google Cloud managed keys |
| Stored credentials | AES-256-GCM with 12-byte nonce. 256-bit key from dedicated environment variable. Decrypted only at moment of use, then redacted from all stored logs. |
| Passwords | bcrypt via PostgreSQL pgcrypto (gen_salt('bf')). Timing-safe comparison. |
| API keys | SHA-256 hashed before storage. Plaintext never persisted. Looked up by hash. |
| Session tokens | 32 random bytes, SHA-256 hashed, hex-encoded |
Every AI agent runs in its own isolated container. No two agents share a browser session, and containers are destroyed after use.
| Setting | Value |
|---|---|
| Container type | Ephemeral Docker container (Selenium Grid) |
| Max concurrent containers | 5 per node |
| Session timeout | 600 seconds (10 minutes idle) |
| Page load timeout | 30 seconds |
| Max agent iterations | 115 per agent |
| Max agent token budget | 2,000,000 tokens |
| Agent cleanup timeout | 5 seconds (container destroyed) |
| Tenant separation | Logical isolation at database level with enforced tenant IDs on all queries |
| Data type | Retention | Notes |
|---|---|---|
| Page HTML content | Not persisted | Used in-memory for agent decisions, never written to database. Truncated at 15,000 characters. |
| Page text content | Not persisted | Truncated at 8,000 characters in-memory. |
| Credentials in agent logs | Redacted immediately | Masked to first and last character before storage. |
| Console logs | Not persisted | Capped at 200 entries per session, returned to agent only. |
| Network events | Not persisted | URL, method, status, size. Available to agent only during session. |
| Agent session data | Duration of project | Screenshots, conversation logs, test results. Deletable on request. |
| Video recordings | Duration of project | Stored in Google Cloud Storage. Recorded only when enabled. |
| Completed background jobs | 2 hours | Automatically purged by job queue. |
| Cancelled/failed jobs | 24 hours | Kept for debugging, then purged. |
| User sessions (cookies) | 7 days | HttpOnly, SameSite=Lax. Session table is UNLOGGED (not durable). |
| Password reset tokens | 1 day | SHA-256 hashed. Consumed on use. |
| OAuth state tokens | 10 minutes | Expired states cleaned automatically. |
| Account data | 30 days after subscription ends | Name, email, company. |
| Payment records | Per Belgian tax law | Processed and stored by Stripe (PCI DSS compliant). |
| Control | Implementation |
|---|---|
| API authentication | Bearer token in Authorization header. SHA-256 hash lookup. Optional expiry date per key. |
| User roles | Role-based: admin, member. Enforced per tenant. |
| Cookie security | HttpOnly=true, SameSite=Lax, Path=/. 7-day MaxAge. |
| Security headers | X-Content-Type-Options: nosniff, X-Frame-Options: DENY, X-XSS-Protection: 1; mode=block, Referrer-Policy: strict-origin-when-cross-origin |
| Response compression | gzip (BestSpeed level) on all responses except WebSocket and pre-compressed paths |
Each integration is enabled by the customer and can be disabled at any time. Aiqaramba processes integration data only on the customer's instruction.
| Integration | Data accessed | Direction |
|---|---|---|
| Microsoft 365 (email) | Email subject, sender, body preview, extracted links. Scoped by customer's OAuth credentials. Default: last 10 minutes, max 5 results per query. | Third-party → Aiqaramba |
| Webhooks | Agent/discovery results: ID, name, status, summary, duration, video URL. HMAC-signed with per-project secret. | Aiqaramba → Customer |
| GitHub App | Agent failure summaries for issue creation. OAuth token encrypted at rest. | Aiqaramba → Customer |
| PostHog (product analytics) | Aggregated, non-PII events only: agent_completed with agent_id, model, success, iterations, tokens_used, tenant_id. No personal data. | Aiqaramba → PostHog |
We provide at least 14 days' notice before adding or replacing a sub-processor. To receive notifications, email privacy@alex-ai.eu.
| Sub-processor | Location | Purpose |
|---|---|---|
| Google Cloud Platform | EU (Belgium) | Infrastructure hosting, compute, Cloud SQL (PostgreSQL), Cloud Storage |
| Google Vertex AI | EU | LLM inference (Gemini models) for agent intelligence |
| Stripe | EU / US | Payment processing and subscription management (PCI DSS compliant) |
Last updated: March 2026
| Framework | Status |
|---|---|
| GDPR | Compliant — EU-based processing (Belgium). DPA with Standard Contractual Clauses (Module 2). |
| UK GDPR | Compliant — UK Addendum (ICO version B1.0) incorporated into DPA. |
| CCPA | Compliant — Service provider designation. No sale of personal information. |
In the event of a personal data breach, we notify affected customers within 48 hours, providing the nature and scope of the breach, likely consequences, and measures taken to address it.
Report a security vulnerability: security@alex-ai.eu
| Legal entity | Alex AI BV, trading as Aiqaramba |
|---|---|
| Address | Jozef Plateaustraat 75/201, 9000 Gent, Belgium |
| Company number | BCE 1029.742.102 |
| Jurisdiction | Belgium |
| Supervisory authority | Belgian Data Protection Authority (Gegevensbeschermingsautoriteit) |
| Privacy contact | privacy@alex-ai.eu |
| Security contact | security@alex-ai.eu |