Skip to the content 
Privacy Policy and Data processing notice
Agat Software (“We”) are committed to protecting and respecting your privacy.
This privacy and security statement explains what measures we take to secure your data, the personal data we collect from you through our product, and how we use that data.
This notice sets out the basis on which personal data we collect from you, or that you provide to us, will be processed by us.
Please read the following document carefully to understand our views and practices regarding your personal data protection.
Who are we and what do we do
AGAT Software Development LTD is an innovative security provider specializing in security, compliance, governance, management, and productivity solutions for Unified Communication and Collaboration (UCC) services. SphereShield, AGAT`s flagship product, handles security threats related to authentication and identity as well as communication control, data protection, and content inspection.
Securing your data
All data is encrypted in transit to and from the internet, mitigating the risk of third parties accessing your data. Data can also be encrypted at rest if requested.
We store data in data centers around the globe in accordance with the need of our customers.
We also offer an on-premises deployment that keeps our customer`s data 100% secure and private according to their internal security guidelines.
Personal data that the product collects
We collect and host the following types of information:
For our product`s basic functionality, we store only metadata of the user information. The information we store includes the usernames, UPNs, and timestamps of sign-in. The content, conversations, and files are not stored unless eDiscovery is enabled. You can see the information saved in the User Table in the back-end database.
For our different added features:
In our Ethical Wall solution, A log stores all the incidents containing usernames of sender and receiver and time of incident.
For Ethical Wall for MS Teams, when using the CASB API approach we also store credentials for one user called the Compliance Administrator, which has temporary ownership of all channels for the duration of an action (Move, Copy, etc.)
In our DLP, A log table stores all the incidents containing usernames of sender and receiver and time of incident. Content of the incidents are stored in the archive if configured.
In our eDiscovery, A log table stores all the incidents containing usernames of sender and receiver and time of incident. Content of the incidents are stored in the archive.
In our MS Teams Management, A table stores all members, team names, channel names, member roles and team avatars. We also store credentials for one user called the Compliance Administrator, which has temporary ownership of all channels for the duration of an action (Move, Copy, etc.)
Cookie Policy:
How we use Cookies
We use cookies for a variety of reasons detailed below. In most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. We recommend that you leave on all cookies if you are not sure whether you need them or not, in case they are used to provide a service that you use.
Disabling Cookies
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Therefore, it is recommended that you do not disable cookies.
The Cookies we set
Login-related cookies: We use cookies when you are logged in so that we can remember the login status. This prevents you from having to log in every single time you visit a new page. These cookies are typically removed or cleared when you log out to ensure that you can only access restricted features and areas when logged in.
Third-Party Cookies
In some particular cases, we also use cookies provided by trusted third parties. The following section details which third-party cookies you might encounter through this site.
- Login related third-party cookies – e.g. Microsoft Azure SSO
How we Store Your Personal Data
We act appropriately to ensure that all personal data is kept secure. This includes security measures to prevent personal data from being accidentally lost, used, or accessed in an unauthorized way, for the duration of your use of our services.
We make use of AWS (Amazon). The security procedures and standards that they use are publicly available.
How Long Do We Keep Your Personal Data
The customer can manage this in the SphereShield Maintenance Service. The Default setting is 30 days.
After 30 days personal data will be removed.
This procedure applies to all our products except for eDiscovery.
Can we Access Your Personal Data?
AGAT doesn`t access personal data without the permission of the customer.
Does AGAT use Personal Data?
AGAT does not use personal data.
Does AGAT disclose Personal Data?
AGAT does not sell, disclose or share data we collect and hold from you to any third parties.
Security and Retention
We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of personal data. We maintain organizational, technical, and administrative measures designed to protect personal data within our organization against unauthorized access, destruction, loss, alteration, or misuse. If you have reason to believe that your interaction with us is no longer secure (for example, if you suspect that the security of your account has been compromised), please contact us immediately.
Changes to our Privacy Policy
We reserve the right to change this privacy policy at any time.
Contact Us
You can contact us at these following addresses
• Security and privacy concerns, please email sales@agatsoftware.com
• For Technical Support, please email support@agatsoftware.com
• For general information, please email sales@agatsoftware.com
• For questions and comments about this privacy policy, please email support@agatsoftware.com
Confidentiality
In connection with SphereShield and all AGAT products, the Receiving Party may be given or have access to certain confidential information of AGAT Software Development LTD or third parties (collectively, “Confidential Information”). Confidential Information is all information that AGAT Software Development LTD considers confidential or proprietary information of AGAT Software Development LTD or third-party sources, regardless of whether such information is marked as such by AGAT Software Development LTD. Confidential Information shall include, but is not limited to, information regarding the organization, operations, programs, activities, policies, procedures, practices, financial condition, trade secrets, membership lists, and standards of AGAT Software Development LTD, its members, or third parties. Confidential Information also shall include but is not limited to, unpublished or pre-release versions of AGAT Software Development LTD standards, white papers, and other documents and information, or internal use only or limited circulation documents and information.
The Receiving Party covenants and agrees not to disclose or permit to be disclosed any Confidential Information, and that the Receiving Party will not appropriate, photocopy, reproduce, or in any fashion replicate any Confidential Information without the prior written consent of AGAT Software Development LTD. The Receiving Party agrees that any disclosure of Confidential Information in violation of this Agreement shall cause immediate and substantial damage to AGAT Software Development LTD and to any parties that provided the Confidential Information to AGAT Software Development LTD. The Receiving Party agrees to use reasonable efforts to maintain the confidentiality of the Confidential Information and agrees not to use any Confidential Information for its own benefit or that of a third party unless authorized in advance in writing by AGAT Software Development LTD. Confidential Information shall not include information that enters the public domain through no fault of the Receiving Party or which the Receiving Party rightfully obtains from a third party without comparable restrictions on disclosure or use.
