Privacy Policy

Effective Date: March 31, 2026  |  Last Updated: April 12, 2026

Sn1perSecurity LLC ("Sn1perSecurity," "we," "us," or "our") operates the SILENTCHAIN AI website at silentchain.ai and related products and services (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our Services.

1. Information We Collect

1.1 Information You Provide

• Account & Contact Information: Name, email address, and company name when you sign up for a waitlist, create an account, purchase a license, or contact support.
• Payment Information: Billing address and payment details processed through our third-party payment processor. We do not store full credit card numbers on our servers.
• Communications: Any information you include in emails, support requests, or feedback you send us.

1.2 Information Collected Automatically

• Usage Data: Pages visited, features used, referral URLs, browser type, operating system, and access timestamps.
• Device Information: IP address, device type, screen resolution, and language preferences.
• Cookies & Similar Technologies: We use essential cookies for site functionality and optional analytics cookies (see Section 5).

1.3 Information We Do NOT Collect from Sn1perSecurity Servers

• Scan Data: SILENTCHAIN software runs locally on your machine. Sn1perSecurity does not receive, transmit, or store any target URLs, HTTP traffic, vulnerability findings, or scan results on our servers.
• Source Code: SILENTCHAIN SOURCE analyzes code locally. Sn1perSecurity never accesses, collects, or stores your source code on our servers.

1.4 AI Provider Data Transmission (Important)

This section describes how your data may be transmitted to third-party AI providers when you use SILENTCHAIN products.

SILENTCHAIN products use AI providers to analyze HTTP traffic, source code, and generate vulnerability findings. When you configure a cloud-based AI provider, portions of your scan data are transmitted to that provider's API for analysis. The specific data transmitted depends on the scan type and provider:

• SILENTCHAIN Enterprise / Pro / Community (HTTP scanning): HTTP request and response content (URLs, headers, parameters, body content), vulnerability finding metadata (severity, CWE, parameter names), and Phase 2 active verification payloads may be sent to your configured AI provider.
• SILENTCHAIN SOURCE (static code analysis): Source code snippets, file paths, function signatures, data-flow analysis, and vulnerability context may be sent to your configured AI provider.

Supported AI providers and their data handling:

• Ollama (local): All AI processing occurs entirely on your machine. No data leaves your infrastructure. This is the only provider that keeps all data fully local.
• OpenAI: Data is transmitted to OpenAI's API servers. Subject to OpenAI's Privacy Policy and API Data Usage Policy.
• Anthropic (Claude API): Data is transmitted to Anthropic's API servers. Subject to Anthropic's Privacy Policy.
• Google (Gemini): Data is transmitted to Google's API servers. Subject to Google's Gemini API Terms.
• OpenRouter / Other providers: Data is transmitted to the respective provider's API. Refer to that provider's privacy policy.

Sn1perSecurity does not control how third-party AI providers process, store, or retain data sent to their APIs. If your scan targets contain sensitive information (personally identifiable information, protected health information, customer data, credentials, or proprietary business data), you are responsible for:

• Evaluating whether transmitting that data to a third-party AI provider complies with your organization's data protection policies and applicable regulations (including GDPR, CCPA, HIPAA, and contractual obligations).
• Reviewing and accepting the third-party AI provider's terms of service and data processing agreements.
• Configuring Ollama as your AI provider if data must not leave your infrastructure.

1.5 License Validation and Telemetry

SILENTCHAIN Pro, Enterprise, and Sn1per Pro/Enterprise editions require license activation and periodic validation. The following data is transmitted to Sn1perSecurity servers during license operations:

• License Activation: License key, machine fingerprint (a SHA-256 hash derived from hardware identifiers), software version, build ID, operating system, and hostname.
• Periodic Heartbeat: License token, machine fingerprint, software version, and aggregated usage metrics including: workspace count, host count, scan count, disk usage, and scan mode. Heartbeats occur approximately every 4 hours while the software is running.
• IP Address: Your IP address is recorded with each license validation request as a standard part of server-side logging.

What we do NOT collect via telemetry: Target URLs, scan results, vulnerability findings, HTTP traffic, source code, file contents, or any data about what you scan. Telemetry is limited to aggregate usage counts and license validity checks.

License data is stored encrypted locally on your machine. A 72-hour grace period allows offline operation if our license server is unreachable.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our Services
• Process transactions and send related information (purchase confirmations, license keys, invoices)
• Respond to your comments, questions, and support requests
• Send product updates, security advisories, and marketing communications (with your consent)
• Monitor and analyze usage trends to improve our Services
• Detect, prevent, and address technical issues or fraudulent activity
• Comply with legal obligations

3. Legal Bases for Processing (GDPR)

If you are in the European Economic Area (EEA) or United Kingdom, our legal bases for processing your personal data include:

• Contract Performance: To fulfill our contractual obligations when you purchase a license or use our Services.
• Legitimate Interests: To operate, improve, and secure our Services, and to communicate with you about relevant updates.
• Consent: Where you have given explicit consent, such as opting in to marketing emails.
• Legal Obligation: To comply with applicable laws and regulations.

4. How We Share Your Information

We do not sell your personal information. We may share information with:

• Service Providers: Third-party companies that perform services on our behalf (payment processing, email delivery, analytics). These providers are contractually obligated to protect your data.
• Legal Requirements: When required by law, subpoena, or legal process, or to protect the rights, property, or safety of Sn1perSecurity, our users, or the public.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Cookies & Tracking Technologies

Our website uses:

• Essential Cookies: Required for basic site functionality (e.g., navigation, security). Cannot be disabled.
• Analytics Cookies: Help us understand how visitors interact with our website. You can opt out via your browser settings or our cookie preferences (where available).

We do not use third-party advertising cookies or cross-site tracking pixels.

6. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. When data is no longer needed, it is securely deleted or anonymized.

7. Data Security

We implement industry-standard technical and organizational measures to protect your personal information, including encryption in transit (TLS), access controls, and regular security assessments. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

8.1 All Users

You may at any time:

• Request access to the personal information we hold about you
• Request correction of inaccurate data
• Request deletion of your personal data
• Opt out of marketing emails by clicking "unsubscribe" or contacting us

8.2 EEA/UK Residents (GDPR)

In addition to the above, you have the right to:

• Restrict or object to processing of your personal data
• Request data portability (receive your data in a structured, machine-readable format)
• Withdraw consent at any time (without affecting prior processing)
• Lodge a complaint with your local data protection authority

8.3 California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and disclose
• Request deletion of your personal information
• Opt out of the sale or sharing of your personal information (we do not sell personal information)
• Non-discrimination for exercising your privacy rights

To exercise any of these rights, contact us at privacy@silentchain.ai. We will respond within 30 days (or as required by applicable law).

9. International Data Transfers

Your information may be transferred to and processed in the United States or other jurisdictions where our service providers operate. When we transfer data outside the EEA/UK, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) as required by applicable law.

10. Children's Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we learn we have collected personal information from a child under 16, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at privacy@silentchain.ai.

11. Third-Party Links

Our website may contain links to third-party sites (e.g., GitHub, YouTube). We are not responsible for the privacy practices of those sites. We encourage you to review their privacy policies before providing personal information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last Updated" date. Your continued use of our Services after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Sn1perSecurity LLC
Email: privacy@silentchain.ai
Website: silentchain.ai