Legal · Privacy

Privacy Policy

Effective date: 28 June 2026 · Last updated: 28 June 2026

This Privacy Policy explains how [LEGAL ENTITY] ("EQS", "we", "us"), operator of the EventQuery Sentry platform, handles personal data and customer telemetry. For most endpoint telemetry, our customer is the data controller and EQS acts as a processor on their instructions.

1. Scope

This policy covers data processed through the EventQuery Sentry website (eqsentry.io), the customer portal (portal.eqsentry.io), and the EQS Sentry Agent (ATA) deployed on Windows and macOS endpoints. A separate Data Processing Agreement (DPA) governs customer telemetry processed on a customer's behalf.

2. Data we collect

Account & billing data

Endpoint telemetry (processed for customers)

Service & usage data

3. How we use data

4. AI processing

Some features use AI models (provided by Anthropic) to translate raw event data into readable narratives and to triage incidents. Telemetry processed by these features is handled under contract and is not used to train public or third-party foundation models. AI output is advisory and may be incomplete or incorrect; see our Terms of Service.

5. Sub-processors

We rely on a limited set of sub-processors to deliver the service, including Microsoft Azure (cloud hosting and infrastructure) and Anthropic (AI processing). A current list is available on request at privacy@eqsentry.io. We require sub-processors to maintain appropriate safeguards.

6. How we share data

We do not sell personal data. We share data only with the sub-processors above, at a customer's direction, or where required by law or to protect rights and safety.

7. Security

Data is encrypted in transit (TLS 1.3) and at rest (AES-256), isolated per tenant, and protected by role-based access control and MFA. Device secrets are scoped per device and stored hashed. See our Security overview.

8. Data residency & retention

Customer data is hosted in [DATA REGION, e.g. Azure Australia East]. Telemetry retention depends on plan (for example, evaluation plans retain a shorter window and enterprise plans up to 365 days). On termination or verified request, customer data is deleted or returned per the DPA.

9. Your rights

Depending on your location (e.g. GDPR, UK GDPR, CCPA/CPRA), you may have rights to access, correct, delete, export, or object to processing of your personal data. For account data, contact privacy@eqsentry.io. For telemetry processed on a customer's behalf, requests are directed to that customer (the controller).

10. International transfers

Where data is transferred across borders, we use appropriate safeguards such as Standard Contractual Clauses. [Confirm transfer mechanisms with counsel.]

11. Children

The service is for business use and is not directed to individuals under 16.

12. Changes

We may update this policy; material changes will be posted here with a revised effective date.

13. Contact

Privacy enquiries: privacy@eqsentry.io
[LEGAL ENTITY], [REGISTERED ADDRESS].