MagenSec collects endpoint security data needed to operate the service, validate licensing, assess vulnerabilities, generate reports, support Officer MAGI recommendations, and maintain historical operational evidence. Some collected security metadata can identify a device, user account, network, or software path.

What We Collect

• Account and licensing data: sign-in email, organization/team membership, role, device enrollment, license status, and license-key metadata.
• Device identity and health: device identifiers, hostname or machine name, OS/build, hardware characteristics, client version, heartbeat status, scan status, update status, and service health.
• Software and vulnerability data: installed software names, vendors, versions, install source, install path or path hash, CVE matches, remediation state, and portable-app observations.
• Security posture data: endpoint protection state, firewall/RDP/BitLocker/Secure Boot/TPM indicators, Windows update/KB state, certificate inventory, open-port evidence, local-user/admin posture, and threat-detection evidence.
• Network security context: IP addresses, gateways, DNS suffixes, network prefixes, public egress hints, adapter fingerprints, proxy state, and connection indicators.
• Operational evidence: command acknowledgements, telemetry upload health, audit events, reports, and evidence snapshots used to explain changes over time.

What We Do Not Collect

• We do not index, intercept, or copy personal documents, photos, emails, messages, file contents, browsing history, keystrokes, screen content, passwords, session cookies, browser tokens, or private keys.
• We do not collect general productivity monitoring or application-content usage unrelated to endpoint security state.

Data Processing & Protection

We use HTTPS/TLS for communications and encryption at rest for stored customer security data. We also mask or hash selected account and scope values where the product does not need the raw value. No internet-connected service can guarantee absolute security, so customers should grant portal access only to users who need to view security evidence.

Customer Responsibilities

You are responsible for deploying MagenSec only on devices you own or are authorized to administer, and for providing any notices, consents, works-council approvals, or customer permissions required by applicable law, contracts, or internal policy before monitoring users or devices.

Our platform aims to be a source of structural security truth. In executing our system on your machines, the following principles apply:

• Authorized Deployment: You must limit distribution of the MagenSec agent only directly to hardware assets under your ownership or explicit legal administration.
• User Notice and Consent: You are responsible for informing monitored users that endpoint security, software, network, device identity, and local-admin posture data may be collected and processed by MagenSec for security operations.
• Integrity Protocols: Hostile misuse of our cloud pipelines, interfering with internal logic of the MAGI decision framework, or injecting fraudulent anomalies into our posture ingestion logic equates to explicit violation of service terms and requires zero tolerance access suspension.

Licensing enables telemetry flow and reporting functionality. Where a license expires, data flow naturally suspends while previously compiled snapshots generally await proper resumption via renewal.

Though MagenSec strives to uncloak opaque vulnerabilities and provide immediate intelligence over security degradation, the system acts primarily as an analytical observability layer—ultimately relying on administration from your personnel for execution of risk-mitigating adjustments.

No Guarantee of Absolute Security

Because adversarial operations continuously pivot, MagenSec cannot guarantee total network invulnerability. Our MAGI synthesis guides resource allocation, yet the services are offered essentially "AS IS" out of functional necessity.

Aggregate Limits

Under no framework parameters shall organizational aggregate liability related to system performance logically exceed total sub-tier subscription amounts delivered during the specific twelve preceding operational months linked directly to the inciting event.