Privacy Policy — Agnostic Security

Overview

Agnostic Security Ltd ("we", "us") operates agnosticsec.com and the Yashigani licence portal at app.agnosticsec.com. This policy explains what personal data we collect, how we use it, and your rights under UK GDPR and GDPR.

Data we collect

Name and work email address — when you register for a licence, contact us, or book a demo
Organisation name and domain — used to bind your licence
Payment information — processed by Stripe, we do not store card data
IP address and usage logs — for security monitoring of agnosticsec.com and the portal

Analytics

We use Plausible Analytics — a cookieless, privacy-first analytics tool that does not track individual users, does not use cookies, and is GDPR compliant without a consent banner. No personal data is shared with Plausible.

Yashigani software

Yashigani is self-hosted software. We have no access to traffic, prompts, responses, audit logs, or user data processed by your deployment. Licence verification is entirely offline — no data leaves your infrastructure for licence checking purposes.

Third-party processors

Stripe — payment processing. See Stripe's privacy policy.
Postmark — transactional email delivery (licence keys, receipts).
Cloudflare — CDN and DDoS protection for agnosticsec.com.

Full subprocessor list: /legal/subprocessors

Your rights

Under UK GDPR you have the right to access, rectify, erase, or port your personal data; to object to processing; and to lodge a complaint with the ICO. To exercise these rights, contact legal@agnosticsec.com.

Contact

Data controller: Agnostic Security Ltd, registered in England and Wales.
legal@agnosticsec.com