Security & Transparency
A clear, database-backed view of what we store, why we store it, and how we protect it.
Why Login is Required
Authentication protects your data and unlocks account features
Account Security
Authentication protects your workspace and enforces role-based access across features like scripts, devices, and support tools.
Script Workspace
Your scripts, descriptions, tags, and visibility settings live in your private workspace and require login to manage.
Devices & Licenses
Devices, licenses, and provisioning status are tied to your account so you can manage hardware and digital access securely.
Webhooks & Tracking
Webhooks and their payloads are stored per account so only you can view or rotate them.
Support Tickets
Support tickets and replies are private records linked to your account so we can help without exposing your data.
Notifications
Security alerts, product updates, and ticket replies are delivered only to authenticated users.
Community Interactions
Script reviews, ratings, and message interactions require authentication to prevent abuse and keep feedback trustworthy.
Abuse Prevention
Cooldowns and infractions protect the platform from spam and misuse while keeping audit trails scoped to accounts.
No login, no private workspace
Without authentication, we could not provide private storage, device tracking, or personalized tools. Login is about protecting your workspace, not tracking you.
What Data We Store
Mapped directly to the ZeroTrace database schema
Account & Auth
Primary account identifier; Authentication; Access control; Two-factor authentication
Sessions
Keep you signed in; Automatic logout
Licenses
Validate access; Subscription validity
Devices
Provision and manage devices; Human-friendly labeling; Physical fulfillment; Device feature support
Scripts & Interactions
Store your work; Discovery controls; Community feedback; Usage signals
Messaging & Support
Direct communication; Support workflows; Context for conversations
Notifications
Important updates; Track what you have seen
Webhooks
Integrations; Show tracking output
Governance
Policy enforcement; Rate limiting and abuse prevention; Automatic cleanup
Product & Updates
Store listings; Transparency updates; Version tracking
What We Do Not Store in the Core Account Database
Limits designed to reduce risk and protect user privacy
No Browsing History
There is no place in the core account database for browsing history or visited URLs.
No Keystroke Logging
We do not store keystrokes or raw input streams in the account database.
No Full Postal Addresses
Shipping records store limited metadata like country and courier, not full addresses.
No Third-Party Ad Profiles
We do not store advertising IDs, trackers, or behavioral profiles in your account records.
No Hidden Device Telemetry
We store device status and identifiers, not continuous sensor or background telemetry.
No External Target Data
Data about your security testing targets is not stored in the account database.
Built-In Expiry & Auditability
Fields like ExpiresAt and timestamps define how long data persists
Expiring Sessions
Sessions include explicit expiry timestamps to limit how long tokens remain valid.
Time-Bound Governance
Infractions and cooldowns include expiry fields so restrictions can automatically lift.
Auditable Timestamps
Most tables include CreatedAt and UpdatedAt to support auditability and change tracking.
License Windows
Licenses track expiration dates so access is granted only for valid periods.
Security Measures
Controls designed to reduce risk and protect sensitive data
Authentication Hardening
Passwords are stored as non-reversible hashes and can be protected with optional TOTP.
Secure Infrastructure
Dedicated servers, hardened configs, and regular OS updates protect service boundaries.
Database Controls
Strict access controls and audited schema changes limit who can reach sensitive data.
Least-Privilege Access
Role-based permissions reduce blast radius and keep user data isolated.
Secure Development
We apply secure-by-default coding practices and review sensitive changes before release.
Session Safety
Session expiry and rotation reduce exposure if a token is ever compromised.
Public Accountability
We document changes, audits, and policy updates in public-facing records
Announcements & Changelog
Major changes, fixes, and policy updates are posted for a clear public record.
Independent Audits
When we commission third-party audits, we publish summaries and link the full reports.
Incident Disclosure
If user data is at risk, we disclose what happened and what we changed to fix it.
Data Minimization
We follow a privacy-first approach inspired by leaders like Mullvad: collect only what we need.