Data Privacy & Security Statement
APOLLO™ Data Auditor
What APOLLO™ Data Auditor Is
APOLLO™ Data Auditor is a native compiled Rust binary, installed on your infrastructure (Windows or Linux). It scans files, databases, and cloud storage to measure your GDPR/CCPA financial exposure — without ever exfiltrating your data.
Core Principles
| Principle | Status |
|---|---|
| Read-only | APOLLO does not modify, write, or delete any data |
| Zero data exfiltration | No PII value ever leaves your infrastructure |
| Local execution | The binary runs on your machine or your servers |
| Metadata only | Only counters are transmitted (e.g. "156 IBAN detected") |
| Zero cloud persistence | No PII data is stored on the cloud side |
What APOLLO Scans — and How
Local Files & Network Shares
- APOLLO reads files to detect PII patterns (44 types).
- It does not copy, download, or cache any file content outside your local environment.
- Analysis results are processed in memory.
Databases (MySQL, PostgreSQL, MongoDB, SQL Server)
- APOLLO connects with the credentials you provide at runtime.
- It issues only SELECT queries — no INSERT, UPDATE, DELETE, or DDL.
- Schema inspection uses read-only system views (information_schema).
Cloud (OneDrive, SharePoint) & Active Directory / LDAP
- APOLLO uses read-only scopes for cloud connections.
- API tokens are used in-session only, never written to disk by the binary.
What Leaves Your Infrastructure
Only aggregated counters and metadata.
The binary sends to the APOLLO cloud only:
- Counters (e.g. "156 IBAN detected in MySQL source")
- Metadata (PII type, source, volume)
- Never the PII values themselves
These metadata are used server-side to compute financial exposure scores (GDPR/CCPA), risk matrices, and the action plan. Zero data persistence on the cloud side: no metadata is retained after report generation.
All communications between the binary and the Cloud Hub are encrypted via TLS 1.3.
Security Architecture
```
Your infrastructure                        APOLLO Cloud
─────────────────────────────────────      ──────────────────────────
Rust binary (pure collector)           →   Counters + metadata
├── Local file scan                        (never PII values)
├── DB connections (SELECT only)       →   Scoring & exposure calc
└── Cloud connections (read-only)      →   Report generation
                                           Zero data persistence
```
How to Verify Yourself
We encourage you to audit the binary and network traffic:
```bash
# Verify outgoing network connections during a scan
netstat -an | grep ESTABLISHED

# Verify no PII data is written to disk during the scan
lsof -p <pid_apollo> | grep REG
```
No outgoing connections to third parties (analytics, telemetry, advertising) are initiated by the binary.
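The two checks above can be combined into one pass over a single lsof snapshot. The script below is an added example, not part of APOLLO or its documentation: it parses lsof's field output (`-F`) and reports only regular files opened for writing and sockets that have a remote peer. The function names, paths and addresses in it are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: classify one lsof snapshot of the scanner process.
# Reads `lsof -Ffatn` field output on stdin and prints:
#   WRITE <path>      regular file opened with access mode w or u (read/write)
#   NET   <endpoint>  remote side of a socket whose name contains "->"
classify_lsof() {
  awk '
    function emit() {
      if (ftype == "REG" && (fmode == "w" || fmode == "u")) print "WRITE\t" fname
      if ((ftype == "IPv4" || ftype == "IPv6") && index(fname, "->")) {
        split(fname, ends, "->"); print "NET\t" ends[2]
      }
      fmode = ftype = fname = ""
    }
    { tag = substr($0, 1, 1); val = substr($0, 2) }
    tag == "p" || tag == "f" { emit() }   # a new process or descriptor begins
    tag == "a" { fmode = val }            # access mode: r, w or u
    tag == "t" { ftype = val }            # file type: REG, DIR, IPv4, ...
    tag == "n" { fname = val }            # file name or socket endpoints
    END { emit() }
  '
}

# Live use (hypothetical wrapper): -n and -P keep addresses and ports numeric.
audit_pid() { lsof -nP -p "$1" -Ffatn | classify_lsof; }

# Constructed sample of lsof -F output; every path and address is made up.
sample_snapshot() {
  cat <<'EOF'
p4242
fcwd
tDIR
n/opt/scanner
f3
ar
tREG
n/srv/share/customers.csv
f4
aw
tREG
n/tmp/example-output.tmp
f5
au
tIPv4
n10.0.0.5:51234->203.0.113.10:443
f6
au
tIPv4
n*:8080
EOF
}

sample_snapshot | classify_lsof
```

A snapshot only shows descriptors that are open at that instant, so run `audit_pid` repeatedly for the duration of a scan and compare the NET lines against the endpoints you expect.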
Beta Tester Notice
Responsible Disclosure
If you identify a security or privacy issue, please report it privately before any public disclosure:
contact@aiia-tech.com
Subject: [SECURITY] APOLLO Data Auditor — <short description>
We commit to acknowledging within 48h and resolving confirmed issues within 30 days.
Legal Basis
This document is provided as a transparency commitment to users. It does not constitute a formal DPA (Data Processing Agreement). Enterprise customers requiring a DPA should contact contact@aiia-tech.com.
APOLLO™ Data Auditor is governed by the Business Source License 1.1 and French law.
Last updated: 2026 — Gilles Gabriel / aiia-tech.com