Data Policy
SOCVault Ltd · Last updated: June 2026
1. Scope
This Data Policy describes how SOCVault Ltd handles the technical data generated by and submitted to the SOCVault scanning platform — including domain data, scan results, agent telemetry, and AI-generated reports.
2. Scan target data
SOCVault only scans domains, IP addresses, and infrastructure that you have verified ownership of via a DNS TXT record or HTML meta tag. We never initiate active scanning of infrastructure you have not authorised. Scan targets are stored encrypted at rest.
3. AI processing of scan data
Scan results are processed by a single, enterprise-grade AI reasoning engine to generate financial risk translations, remediation scripts, and executive summaries. Scan data submitted to the AI engine is not used to train any model and is processed under a data processing agreement.
4. Data residency
Scan data is processed in AWS infrastructure. UK and EU customers may elect EU-only processing — contact support@socvault.io for regional processing agreements.
5. Encryption
All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Agent communication uses mutual TLS.
6. Wazuh agent data
SOC Pro and Enterprise customers deploying Wazuh agents consent to endpoint telemetry (process lists, network connections, file integrity monitoring) being transmitted to the SOCVault SIEM. Telemetry is retained for 90 days by default.
7. Sub-processors
SOCVault uses AWS as primary infrastructure provider and a named AI services provider for reasoning. A current list of sub-processors is available on request at privacy@socvault.io.
8. Data deletion
You may request deletion of all scan data at any time via the platform settings or by emailing privacy@socvault.io. Deletion is completed within 30 days.
9. Breach notification
In the event of a data breach affecting your scan data, SOCVault will notify you within 72 hours of becoming aware, in line with UK GDPR Article 33.
10. Contact
Data questions: privacy@socvault.io · SOCVault Ltd, England and Wales.