Security & Privacy
We treat security as a first-class feature. Our architecture is designed to minimize attack surface and protect customer credentials.
No Raw API Keys Stored
We never store your raw API keys. When you generate a key, we immediately hash it using SHA-256 before saving it to our database. This means even if our database were compromised, your original key would remain secure. You see the key once upon creation, and we can never recover it for you.
Minimal Data Retention
We only store the content of the public web pages you ask us to monitor. We do not store any customer PII or sensitive internal data beyond your account email and hashed credentials.
Strict Auditability
Every change detection event is logged with a unique ID and a cryptographic hash of the content before and after the change. This provides an immutable audit trail for legal compliance verification.
No AI Training Data
Because our system is deterministic and rule-based, we do not use your monitored content to train any AI models. Your data remains strictly isolated to your account context.