Privacy Policy

Last updated: March 9, 2026

1. Information We Collect

When you create a Proteus account or authenticate via a third-party identity provider, we collect:

• Email address and display name from your identity provider
• Cognito user identifiers (sub) used to discover connected Stratus applications
• Dashboard layout preferences and notification settings you configure

We do not collect or store passwords. Authentication is handled entirely by AWS Cognito.

2. How We Use Your Information

Your information is used to:

• Authenticate your identity and discover connected Stratus applications
• Render your personalized dashboard with widgets from connected apps
• Aggregate notifications from connected applications
• Improve the Proteus service through anonymized usage analytics

3. Data Sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. Your identity attributes are used solely to query Stratus application registries and mint ephemeral per-app tokens.

4. Data Transit & Storage

No application data transits through Proteus servers. Widgets render from their source application domains and communicate only display metadata via postMessage. All cross-app tokens are ephemeral with a 15-minute TTL and scoped to minimum required permissions.

5. Security

We employ industry-standard security measures including TLS encryption in transit, encrypted storage at rest, and regular security audits. Pool discovery is read-only — Proteus cannot modify user records in connected application pools.

6. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us. You may disconnect any connected application from your Proteus dashboard at any time.

7. Contact

For privacy-related inquiries, please contact us at privacy@proteus.app.