Privacy Policy – RGPD – Scrutix

Scrutix acts as a data controller according to the General Data Protection Regulation (GDPR).
This privacy policy describes how your data is collected, used, stored, and protected.

1. Data collected
- Account data (email, username, hashed password).
- Billing data (if applicable).
- IP address and usage logs (for security and compliance).

2. Purposes
- Account management,
- Service security,
- Usage analytics to improve the service,
- Compliance with legal obligations.

3. Legal basis
Processing relies on:
- Your explicit consent upon registration,
- Performance of the service contract,
- Your legitimate interests (security, compliance).

4. Data retention
Account data is kept for the duration of the contractual relationship, plus 10 years 
for security and compliance obligations, then anonymized or deleted.

5. Data subject rights
You can exercise at any time the rights of:
- Access,
- Rectification,
- Restriction of processing,
- Erasure,
- Data portability.

To exercise these rights, contact: contact@scrutix.com.

6. Security
Your data is protected by encryption, strict access controls, and security routines in line with
industry best practices.