Overview
AWSight, operated by CloudSec Global LLC, provides Cloud Security Posture Management (CSPM) services through automated daily security scanning of your AWS infrastructure. This Privacy Policy explains how we collect, use, store, and protect your data when you use our services.
Our Commitment to Privacy
We require only read-only access to your AWS infrastructure. We cannot modify, create, or delete any of your AWS resources. All client data is treated as confidential and is never disclosed to third parties.
Data Controller
You (the Client) determine the purposes and means of processing your AWS infrastructure data.
Data Processor
AWSight processes data on your behalf per this agreement for cloud security posture assessment.
Data We Collect
To provide our security scanning and analysis services, we collect the following categories of data from your AWS infrastructure:
Configuration Data
- Resource configurations and metadata
- Security group rules and network settings
- IAM policies, roles, and permissions
- Service configurations and compliance settings
- Resource tags, naming conventions, and organizational metadata
Operational Data
- Resource inventory and topology information
- Security findings and compliance status
- Performance and utilization metadata
- Audit trail and configuration history
Account Information
- Contact information for account management
- Payment information for billing (processed securely)
- Communication preferences
Data We Don't Collect
Your privacy is paramount. We explicitly do not access, collect, or process the following types of data:
Content Data
Actual files in S3, database records, or application data
Personal Data
End-user information, customer records, or employee data
Financial Data
AWS billing information, cost data, or payment details
Secrets
API keys, passwords, encryption keys, or credentials
Communications
Email contents, chat logs, or document contents
CloudWatch Logs
Application logs or monitoring data content
How We Use Your Data
We use the data we collect exclusively to provide and improve our security monitoring services:
Security Scanning
Perform automated daily scans against 500+ security controls based on the AWS Foundational Security Best Practices (FSBP) framework.
Dashboard & Reporting
Generate custom Grafana dashboards with real-time security insights and monthly executive reports with remediation guidance.
Compliance Monitoring
Track compliance status against security frameworks and identify gaps in your security posture.
Alerting
Send notifications through integrated channels (Slack, Teams, Jira, Email) for critical security findings.
Data Storage & Security
We employ industry-leading security measures to protect your data:
Encryption in Transit
TLS 1.3 encryption for all data transmission
Encryption at Rest
AES-256 encryption for all stored data
Access Controls
Role-based access with multi-factor authentication
Network Security
VPC isolation and security group restrictions
Continuous Monitoring
24/7 security monitoring and audit logging
Tenant Isolation
All clients are partitioned from each other
Data Location
All data is stored on AWS infrastructure within the United States, primarily in US-East-1 (Northern Virginia) or US-West-2 (Oregon). Custom regions are available upon request for data residency requirements.
Data Retention
We retain data only as long as necessary to provide our services:
Data Deletion
Upon service termination, all client data is permanently deleted within 30 days. You may also request immediate data deletion at any time by contacting us.
Data Sharing & Third Parties
No Third-Party Sharing
Client data is never shared with third parties. We will not disclose your information except when legally compelled, and we will provide advance notice of any legal data requests when permitted.
Infrastructure Providers
We use the following providers solely for infrastructure services:
All scanning and analysis is performed directly by AWSight. Any future subprocessors would require client notification and approval.
Your Rights
You maintain full control over your data. Here are your rights:
Access
Real-time access to processed data via dashboards and executive reports
Export
Data export in JSON/HTML format available upon request
Deletion
Immediate data deletion available upon written request
Modification
Changes to data retention or processing scope
Restriction
Ability to limit specific data processing activities
Portability
Data export in standard formats for migration
Security Incident Response
In the unlikely event of a security incident affecting your data, we follow a strict response protocol:
Immediate Assessment
Security incident impact evaluation begins
Client Notification
You are notified of incident discovery and initial findings
Detailed Report
Complete incident report with root cause analysis provided
We maintain 24/7 monitoring of our processing infrastructure with automated alerts for security anomalies, and we conduct regular security assessments and vulnerability testing.
Contact Us
If you have questions about this Privacy Policy, want to exercise your data rights, or have concerns about your data:
Policy Updates
We may update this Privacy Policy periodically. Material changes will be communicated with 30 days' advance notice. Continued use of our services after changes constitutes acceptance of the updated policy.