Privacy Notice

This notice applies to:

• people who visit the public ShellAccess website;
• people who contact ShellAccess for access, demos, support, or product enquiries;
• platform users, tenant operators, and other portal users who sign into the service; and
• people whose personal data appears in audit logs, session records, or account administration.

• contact and enquiry data, such as your name, email address, organisation, and the contents of your message;
• account and identity data, such as email address, display name, tenant membership, role assignments, and identity-provider claims;
• tenant and device administration data, such as tenant names, subdomains, device names, access-group membership, and operational status;
• security and audit data, such as sign-in events, role changes, invite activity, session requests, IP-related security events, and administrative actions; and
• session data, including who connected, when they connected, which device they connected to, and whether the session was standard or private.

For standard sessions, ShellAccess may retain transcript metadata and transcript files according to the tenant's configured retention settings. For private sessions, ShellAccess retains session metadata but not the terminal payload content itself, because that payload is encrypted end to end between the Windows agent and the operator browser and is not available to the platform for transcript generation.

• to operate and secure the website and service;
• to authenticate users and enforce tenant, role, and device access controls;
• to provision accounts, invites, password resets, and onboarding flows;
• to keep audit trails and session history for security, support, and accountability;
• to respond to access requests, demos, and support enquiries; and
• to meet legal, security, and fraud-prevention obligations where required.

Depending on the context, ShellAccess currently relies on one or more of the following lawful bases:

• contract, where personal data is needed to provide the service requested by a customer or authorised user;
• legitimate interests, where data is needed to operate, secure, administer, and improve the service responsibly;
• legal obligation, where records must be kept or disclosed to comply with applicable law; and
• consent, where you choose to contact ShellAccess or provide information voluntarily in a context that depends on your choice.

ShellAccess does not sell personal data.

Personal data may be shared with:

• hosting and infrastructure providers used to run the service;
• customer-selected identity providers such as Microsoft Entra ID when federated sign-in is used;
• email or support tooling used to respond to enquiries or operate account workflows; and
• professional advisers or competent authorities where disclosure is legally required.

Subprocessor and hosting details will be published more explicitly before commercial production launch.

• public enquiries are kept for as long as needed to respond and manage follow-up;
• portal account, identity, and security data is kept for active service administration and reasonable security/audit needs afterwards;
• session metadata and transcript retention follow the tenant configuration and plan limits built into the service; and
• tenant archive and hard-delete workflows are designed to support full purge of tenant-scoped product data when a tenant is permanently deleted.

ShellAccess aims to keep processing and hosting arrangements clear and proportionate. If personal data is transferred outside the UK or EEA, ShellAccess will rely on appropriate safeguards and update this notice to explain the transfer mechanism used.

Depending on applicable law, you may have the right to request access, rectification, erasure, restriction, objection, or portability.

To exercise those rights or raise a privacy concern, contact hello@shellaccess.io. You may also complain to the UK Information Commissioner's Office if you believe your data has been handled unlawfully.