Privacy Policy

Last Updated: May 7, 2026

SecuriX ("we," "our," or "us") is dedicated to providing a secure Agent Access Security Broker (AASB) infrastructure. This policy explains how we handle data when you use our middleware to connect AI agents to your enterprise tools.

1. Data We Collect

• Account Information: When you sign up, we collect basic profile information (name, email) provided by our authentication partners (e.g., Google).
• Encrypted Credentials: We store OAuth access and refresh tokens for the services you connect (e.g., Jira, Google Drive). These tokens are secured using envelope encryption(AES-256), where data encryption keys are managed by an industry-standard Key Management Service (KMS).
• Policy Metadata: We store the security policies you define (OPA/Rego) to govern agent behavior.

2. How We Handle Your Provider Data

Unlike traditional integrations, SecuriX acts as a secure proxy. When an AI agent makes a request to a provider (like Jira) via SecuriX:

• We do not store the contents of your files, emails, or tickets on our permanent servers.
• Data passing through our proxy is processed in-memory to enforce your security policies and is then transmitted to the agent.
• Audit Logs: If enabled, we store metadata about API calls (time, agent ID, tool called, and policy result) to provide you with visibility into agent activity.

3. Security Infrastructure

SecuriX is built on "Trust by Design." We use industry-standard vaulting techniques and Hardware Security Modules (HSM) provided by cloud-based Key Management Services to ensure that even if an AI agent is compromised via prompt injection, your primary provider credentials remain shielded within our secure environment.

4. Third-Party Services

Our service facilitates connections to third-party providers. Your use of those services is governed by their respective privacy policies (e.g., Atlassian's Privacy Policy for Jira).