We collect: contact email address, domain/URLs submitted for scanning, payment metadata (via Polar.sh — we do not store card data), and scan request parameters.
We do NOT collect: source code beyond the scan session, personal data of your users, or database contents.
To deliver the audit service. To communicate about the engagement. To improve detection accuracy (anonymized aggregate only). We do not sell data. We do not use data for advertising.
SQLite on operator’s local machine (Track A). Backup to encrypted cloud storage weekly. No third-party data processors beyond Polar.sh (payments) and email provider for delivery.
Per our published Data Retention Policy at pilum.io/legal/retention.
Access, correction, and deletion on request. Email: security@pilum.io. Response within 72 hours.
We use no tracking cookies. Analytics: none in Track A.
For all privacy-related inquiries: security@pilum.io