Legal

Privacy Policy

How Senter BV handles your data. Structured for GDPR, written for you.

Last updated: 13 May 2026

1. Who we are

Aegis is operated by Senter BV, incorporated in Belgium. Senter BV is the data controller for all personal data processed on the platform.

Questions: privacy@senter.be.

2. What we collect

We collect what the platform needs to work, and what is necessary to make the experience coherent across sessions. Nothing beyond that.

  • Wallet address. Your public address is your identity on Aegis. It links your session to your on-chain activity.
  • Email address. Provided when you join the waitlist or receive an invitation. Used for access management and service notices.
  • Privy authentication data. Session tokens, identifiers, and — where applicable — the embedded EOA created on your behalf. Privy manages key custody on your device.
  • Portfolio data. Holdings, balances, and transaction history fetched from public on-chain sources for your wallet.
  • PnL snapshots. Periodic computed views of your portfolio performance, retained server-side so we can show history without re-deriving it each time.
  • Aegis chat history. Your conversations with the Aegis agent, including prompts, responses, and the Orders proposed within them.
  • Usage and analytics data. Aggregated product telemetry — pages viewed, features used, approximate device information, error logs.

3. Legal basis for processing

We process personal data under the following Article 6 GDPR lawful bases:

  • Performance of a contract (Art. 6(1)(b)). To provide the Aegis platform once you accept our Terms.
  • Legitimate interests (Art. 6(1)(f)). To secure the platform, prevent abuse, and improve the product. Balanced against your rights and freedoms.
  • Consent (Art. 6(1)(a)). Where you give it — for optional analytics or marketing communications. Withdraw it any time.
  • Legal obligation (Art. 6(1)(c)). Where Belgian or EU law requires us to retain or disclose specific records.

4. How we use your data

  • Operate the platform and your private investment desk.
  • Authenticate you, maintain your session, and surface your portfolio state.
  • Compute and display analytics, risk views, and PnL across time.
  • Improve the Aegis agent — its reasoning, retrieval, and the quality of what it surfaces.
  • Detect abuse, secure the platform, protect other users.
  • Send service-related communications about access, downtime, and material changes.

We do not sell personal data. We do not share it with advertisers. Aegis chat history is not used to train third-party foundation models.

5. Retention

We do not keep data indefinitely. Each category has a reason and a limit.

  • Account and wallet linkage: for the lifetime of your account, plus up to 12 months after closure.
  • PnL snapshots and portfolio history: retained while your account is active, deleted on request within 30 days.
  • Aegis chat history: retained while your account is active. Delete individual conversations or all of them from your settings.
  • Waitlist email: retained until you are onboarded or until you ask us to remove it.
  • Logs and security data: typically up to 12 months.
  • Records required by law: for as long as the applicable Belgian or EU rule requires.

6. Third parties and processors

We use a small number of processors. Each is bound by a data processing agreement.

  • Privy. Authentication and embedded wallet infrastructure. Keys for embedded wallets are held on your device, not by Senter BV.
  • Cloud infrastructure providers. Hosting, storage, and observability for the Aegis backend, within the EEA where feasible.
  • Analytics providers. Product analytics in aggregated, pseudonymous form.
  • Base chain. Public Ethereum L2. Your on-chain activity is visible on the public ledger by design. We do not control what is recorded on-chain.

Where data leaves the EEA, we rely on Standard Contractual Clauses and complementary safeguards.

7. Your rights

Under Articles 15 to 22 GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Rectify data that is inaccurate or incomplete.
  • Request erasure, subject to legal retention obligations.
  • Restrict or object to specific processing activities.
  • Receive your data in a portable, machine-readable format.
  • Withdraw consent where processing relies on consent.

To exercise any of these rights, write to privacy@senter.be. We respond within one month.

On-chain transactions cannot be erased. We can remove the linkage between your wallet and your account on our systems — the public ledger is beyond anyone's reach, including ours.

8. Security

Aegis is self-custodial — we never hold your funds. The data we do hold is encrypted in transit and at rest, with hardened access controls and continuous monitoring. No system is invulnerable. If a breach affects you, we will notify you in line with Articles 33 and 34 GDPR.

9. Supervisory authority

You have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de Protection des Données), Rue de la Presse 35, 1000 Brussels.

10. Changes to this policy

This policy evolves as the platform does. Material changes go out in-product and by email. The date at the top tracks the current version.