Sub-processors, uptime, data residency, DPA, and compliance posture — all in one place.
We target 99.5% monthly uptime. Planned maintenance is announced via email 24 hours in advance.
Hosted on Railway (US region). Database is SQLite with WAL mode and automatic platform-level backups.
Incidents are communicated via email to affected accounts and posted to the status page. No SLA exists on the current plans — contact us for Enterprise SLA terms.
These are the third-party services Argus Intel uses to deliver the product. We vet each for their own security posture and data handling practices.
| Processor | Purpose | Data processed | Location |
|---|---|---|---|
| Railway railway.app |
Application hosting & database | All application data (signals, accounts, briefs) | US |
| Stripe stripe.com |
Payment processing & billing | Payment method, billing email, subscription status | US / EU |
| Anthropic anthropic.com |
AI signal scoring & analysis (Claude API) | Signal text, company names, context for analysis prompts | US |
| Resend resend.com |
Transactional email delivery | Email address, signal alert content, brief content | US |
| GitHub (public API) | Source of GitHub intelligence signals | Public repo data only — no user credentials | US |
| SimilarWeb (public API) | Traffic intelligence estimates | Domain name only — no user data | US / EU |
All data is stored in the United States on Railway's infrastructure. We do not currently offer EU or other regional data residency. Contact us if this is a requirement.
Signal history is scoped by plan (7 days trial, 30 days starter, 90 days pro, unlimited enterprise). Account and billing data is retained as required by law after deletion.
Email hello@argusintel.net to request full deletion of your account, companies, signals, briefs, and battlecards. We process deletion requests within 5 business days.
Pro and Enterprise users can export all signals as CSV via the dashboard or API. Brief and battlecard content can be exported as plain text. Full data export on request.
Signal data sent to Anthropic's Claude API is not used to train models, per Anthropic's API usage policy. We do not use your data to train any models ourselves.
Argus monitors publicly accessible sources only. No private databases, no unauthorized access. All OSINT sources are themselves publicly available.
| Standard | Status | Notes |
|---|---|---|
| SOC 2 Type II | Planned | Not yet certified. Security controls are in place; formal audit planned as enterprise customer base grows. |
| GDPR | Partial | Privacy policy covers GDPR-relevant rights (access, deletion, portability). DPA available on request for EU customers. |
| CCPA | Covered | We do not sell personal data. Privacy policy covers CCPA rights. |
| HIPAA | N/A | Argus does not process protected health information. |
A Data Processing Agreement (DPA) is available for Enterprise plan customers and any organization that requires one for GDPR or contractual compliance. Email hello@argusintel.net with subject "DPA Request" and we'll send you our standard DPA within 2 business days. Custom DPA terms can be negotiated for Enterprise contracts.
Email hello@argusintel.net — we respond within 48 hours and coordinate fixes before disclosure.
Data access, deletion, and portability requests: email hello@argusintel.net. Processed within 5 business days.
DPA, custom data residency, security questionnaires, or pen test reports: email hello@argusintel.net with your requirements.