Privacy & Civil Liberties.
Atlas and Argus are deployed into environments where privacy and civil-liberties considerations are foundational rather than incidental. This policy describes the platform-level controls we apply by design, the obligations we require of operators, and the channels available to raise a concern. It is distinct from our Privacy Notice (marketing site) and our Human Rights Policy (engagement filter).
1. Scope
This policy applies to Atlas and Argus platform deployments operated by Seifert Dynamics customers. It is provided in addition to — not in place of — the customer's own privacy and civil-liberties commitments to the people whose data the customer processes.
2. Architectural Safeguards
Tenant isolation. Each deployment runs inside the customer's boundary with no shared data plane and no platform-side telemetry that exfiltrates tenant state. Inter-tenant analytics are architecturally impossible.
Access control. Three-tier role-based access control with time-bound elevation, per-action approval workflows for sensitive operations, and immutable audit logs that capture identity, action, target, and justification.
Argus replay scope. Mission reconstruction is bounded by the same RBAC as live access. A reviewer cannot replay records they could not view live. Replay sessions themselves are logged.
Data minimization. The platform supports minimization at ingest — field-level redaction, configurable retention windows, and automatic purge of fields the customer designates as non-retained. Customers configure these at standup.
Cryptographic key custody. Encryption keys for at-rest data may be held by the customer (or in customer-controlled HSM) so that Seifert Dynamics cannot access content.
3. Operator (Customer) Obligations
Operators are obligated, under their deployment agreement and applicable law, to: (i) establish a lawful basis for each category of processing; (ii) apply minimization, proportionality, and purpose-limitation; (iii) provide notices and rights to data subjects as required; (iv) maintain records of processing activity; (v) appoint a privacy or civil-liberties officer accountable for the deployment.
The platform supports these obligations through audit, RBAC, and minimization controls but does not relieve the operator of them.
4. Sector-Specific Frameworks
Where a deployment falls under a specific framework — for example CJIS (criminal-justice information), HIPAA (protected health information), FERPA (education records), GDPR/UK GDPR (EU/UK personal data), or national-security oversight regimes — the deployment configuration is reviewed jointly at standup against the framework's requirements.
We will not deploy into a regulated environment without confirmation that the customer's lawful basis and oversight structure are in place.
5. Government-Access Requests
Because customer data does not leave the customer boundary, government requests for that data should be directed to the customer, not to Seifert Dynamics. We will not voluntarily produce customer data in response to a request directed at Seifert Dynamics.
Where a request is directed at Seifert Dynamics infrastructure (the marketing site, our corporate accounts), we follow our Privacy Notice §5 disclosure principles — challenge overbroad requests where permitted, notify the affected person where lawful, scope production to what is legally required.
6. Salient Risk Areas
Risks we monitor most closely: surveillance scope creep within a deployment; secondary use of platform data outside the original purpose; chilling effects on legal speech or association; and disparate impact on protected populations.
Each is addressed through a combination of platform safeguards (above) and contractual commitments captured in the deployment agreement.
7. Public Reporting
We do not currently publish an aggregate transparency report — our deployment base is small enough that a meaningful report would risk customer confidentiality. Where a deployment has produced a public privacy or civil-liberties finding, we will, with the customer's consent and within the bounds of the deployment agreement, contribute to the public record.
8. Grievance Channel
Concerns about how a specific deployment is using the platform should first be raised to the customer who operates it. Concerns about Seifert Dynamics itself: ethics@seifertdynamics.com. We acknowledge within one business day. Anonymous reports are accepted; we do not retaliate.
9. Review
This policy is reviewed annually and updated when material facts change.
Last updated: 2026.