Privacy Policy

Last Updated: April 11, 2026
Effective Date: April 11, 2026

Shielda Security, Inc. ("Shielda," "we," "us," or "our") operates the Shielda platform, including the control-plane SaaS application, self-hosted agent, CLI tools, IDE extensions, and MCP server (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

---

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

- Email address — for authentication, notifications, and support
- Name — for display within the platform and team collaboration
- Organization name and slug — for multi-tenant workspace identification
- Profile picture URL — sourced from your identity provider (Auth0)

1.2 Authentication Data

We use Auth0 (Okta, Inc.) as our identity provider. Auth0 processes:

- OAuth tokens (session-based for the dashboard, Bearer tokens for the API and agent)
- Login timestamps, IP addresses, and user-agent strings
- Multi-factor authentication enrollment data

We do not store passwords. Authentication is delegated entirely to Auth0.

1.3 Billing Information

We use Stripe, Inc. as our payment processor. Stripe collects and processes:

- Credit/debit card details (we never see or store full card numbers)
- Billing address
- Payment history and invoice records

We store only: Stripe Customer ID, Subscription ID, plan tier (Starter/Pro/Business/Enterprise), credit balance, and usage records.

1.4 Security Scan Data

The Shielda Agent runs in your environment (as a Docker container on your infrastructure). It processes:

- Infrastructure configuration and endpoint metadata (hostnames, IPs, ports, OS versions)
- Vulnerability scan results (CVE identifiers, severity scores, affected packages)
- Compliance evaluation results (SOC 2, ISO 27001, HIPAA, GDPR, PCI DSS, NIS2)
- Service inventory and technology stack detection
- Security findings with remediation recommendations

Data residency: Scan results are transmitted to the Shielda control-plane hosted on AWS (us-east-1 by default) and stored in our PostgreSQL database. The agent itself runs entirely within your environment.

1.5 Usage and Telemetry Data

We collect:

- Feature usage metrics (pages visited, actions taken, scans triggered)
- API request counts per endpoint (for rate limiting and billing)
- Error reports and performance metrics (via Sentry)
- Agent heartbeat data (connectivity, version, scan status)

1.6 Audit Logs

We maintain comprehensive audit logs of all administrative actions, including:

- User login/logout events
- Configuration changes
- Access grant creation, approval, and revocation
- Scan initiation and completion
- Data export events

Audit logs are retained for 2 years.

---

2. How We Use Your Information

We use collected information for:

| Purpose | Legal Basis (GDPR) |
|---|---|
| Providing and operating the Service | Performance of contract (Art. 6(1)(b)) |
| Authentication and access control | Performance of contract |
| Billing and subscription management | Performance of contract |
| Security vulnerability scanning and reporting | Performance of contract |
| Compliance evaluation and documentation | Performance of contract |
| Error monitoring and service reliability | Legitimate interest (Art. 6(1)(f)) |
| Usage analytics to improve the product | Legitimate interest |
| Sending service notifications (alerts, billing) | Performance of contract |
| Responding to support requests | Performance of contract |
| Legal compliance and fraud prevention | Legal obligation (Art. 6(1)(c)) |

We do not use your data for advertising, sell it to third parties, or train AI models on your security data.

---

3. Third-Party Service Providers

We share data with the following sub-processors, strictly for operating the Service:

| Provider | Purpose | Data Shared | Location |
|---|---|---|---|
| AWS (Amazon Web Services) | Infrastructure hosting, database (RDS), object storage (S3) | All service data | US (us-east-1), configurable |
| Auth0 (Okta, Inc.) | Authentication and identity management | Email, name, login events | US |
| Stripe, Inc. | Payment processing and billing | Billing details, subscription data | US |
| Sentry (Functional Software, Inc.) | Error tracking and performance monitoring | Error stack traces, request metadata | US |
| Grafana Labs | Observability dashboards (self-hosted via Grafana + Loki + Alloy) | Metrics and logs (hosted on our infrastructure) | Self-hosted |

We do not share your security scan findings, vulnerability data, or compliance evaluations with any third party.

---

4. Data Retention

| Data Type | Retention Period |
|---|---|
| Account information | Duration of account + 30 days after deletion |
| Security findings and scan results | Duration of account (user-deletable) |
| Audit logs | 2 years |
| Billing records | 7 years (tax/legal compliance) |
| Error reports (Sentry) | 90 days |
| Agent heartbeat data | 90 days |
| Session tokens | Until expiry or logout |

When an organization is deleted, all associated data is removed via cascading deletion across all 81 database tables within 30 days. Backups containing deleted data are overwritten within 35 days.

---

5. Data Security

We implement the following security measures:

- Encryption in transit: TLS 1.2+ for all communications (HTTPS, WebSocket, gRPC)
- Encryption at rest: AES-256 encryption for database storage (AWS RDS); S3 server-side encryption
- Secret management: API keys and tokens are hashed (SHA-256) before storage; sensitive configuration values are encrypted with AES-GCM
- Access control: Role-based access control (RBAC) with three platform roles; organization-scoped data isolation; row-level tenant isolation
- Rate limiting: Redis-backed rate limiting on all API endpoints (4-layer: global, per-IP, per-user, per-endpoint)
- Input validation: Zod schema validation on all API inputs; parameterized SQL queries (Drizzle ORM); LIKE wildcard escaping
- Monitoring: Real-time alerting for anomalous activity, error rate spikes, and authentication failures
- Infrastructure: VPC isolation, security groups, private subnets for the database, network policies for Kubernetes deployments

---

6. Your Rights

6.1 GDPR Rights (EEA/UK Residents)

Under the General Data Protection Regulation, you have the right to:

- Access — Request a copy of your personal data
- Rectification — Correct inaccurate personal data
- Erasure — Request deletion of your personal data ("right to be forgotten")
- Restriction — Restrict processing of your personal data
- Data portability — Receive your data in a structured, machine-readable format
- Object — Object to processing based on legitimate interests
- Withdraw consent — Where processing is based on consent

6.2 CCPA Rights (California Residents)

Under the California Consumer Privacy Act, you have the right to:

- Know what personal information we collect, use, and disclose
- Delete your personal information
- Opt out of the sale of personal information (we do not sell personal information)
- Non-discrimination for exercising your privacy rights

6.3 Exercising Your Rights

To exercise any of these rights:

- Self-service: Delete your organization and its data from Dashboard → Settings → Danger Zone
- Email: Send a request to privacy@shielda.dev
- Response time: We will respond within 30 days (GDPR) or 45 days (CCPA)

---

7. International Data Transfers

If you are located outside the United States, your data will be transferred to and processed in the US. We rely on:

- Standard Contractual Clauses (SCCs) for transfers from the EEA/UK to the US
- Data Processing Agreements with all sub-processors
- AWS Region selection — Enterprise customers may select their preferred AWS region