Skip to content
AncileBase
Sign inBook a demo

Privacy Policy

Last updated: June 21, 2026

Table of Contents

1. Introduction

AncileBase (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our marketing website and use the AncileBase security observability platform. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access our services.

2. Data We Collect

We collect information that you voluntarily provide to us when you request a demo or register for our platform, including your first name, last name, email address, company name, and the number of Linux servers running in your fleet.

Product Logging Scope (Strict Privacy Isolation):

AncileBase is designed from the ground up to respect data privacy and avoid collecting sensitive production data. Our on-host agent attaches to kernel ring buffers using eBPF to capture event metadata. This includes process executions (e.g. process name, PID), file modifications (e.g. file paths), login authentications (e.g. success/failure flags and protocol metadata), and network connection metadata.

Note: AncileBase does not inspect, read, or upload any file contents, command payloads, database query outputs, or memory contents. All parsing and redacting of telemetry are executed locally on the host machine before any alert metadata is dispatched.

3. How We Use Server Event Data

The captured server event metadata is processed and evaluated on-host against our security rulesets. When a threat signature matches, alert metadata is forwarded to our SaaS platform to notify your engineering team. We use this telemetry exclusively to:

  • Deliver real-time alert notifications (via Slack Webhooks or Email integration).
  • Calculate your daily Security Health Score.
  • Maintain historical audit trails for compliance reporting.
  • Diagnose agent crashes and improve ruleset accuracy.

4. Data Retention

AncileBase retention windows are strictly scoped depending on your account plan tier to ensure compliance:

  • Standard Tier: Alert metadata and telemetry logs are retained for 7 days, after which they are permanently purged.
  • Enterprise Tier: Logs are retained for 30 days. Custom longer archiving rules (e.g. compliance retention up to 1 year) are supported under signed enterprise addendums.

5. Sharing Information with Third Parties

We do not sell, rent, or trade your personal information or product logging metadata with third parties for marketing purposes. To host and operate our secure cloud database infrastructure, we share transactional and alert data with the following cloud sub-processors:

  • Amazon Web Services (AWS RDS): For encrypted transactional database records.
  • Amazon Web Services (AWS CloudFront): For high-availability content delivery and endpoint security.
  • Resend: Used strictly to route transactional demo confirmations.

6. Data Subject Rights

Depending on your residency, you have rights under applicable privacy laws (such as GDPR and CCPA) regarding your personal data. These include the right to request access to and receive details about the personal information we maintain, update and correct inaccuracies, restrict processing, or request the deletion of your account and related metadata.

7. Security Measures

Security is the core of our business. All data processed by AncileBase is stored within secure region-locked datastores inside the United States (US data residency). We employ industrial-grade administrative, technical, and physical security measures to protect your information:

  • Encryption of all data in transit (using TLS 1.3) and at rest (using AES-256).
  • Strict logical network isolation and least-privilege credential controls.
  • Tamper-resistant audit trails backed by hash chaining.

8. Children's Data

Our website and services are directed at engineering teams and businesses, and we do not knowingly solicit or collect data from children under the age of 13. If we learn that we have collected information from a child under 13, we will delete that information as quickly as possible.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated “Last updated” date at the top of this page. We encourage you to review this Privacy Policy periodically to stay informed of how we are protecting your data.

10. Contact Us

If you have questions or comments about this Privacy Policy, please contact our Data Protection Officer at: legal@ancilebase.com.