Shield

Privacy Policy

Last updated: March 2026

This Privacy Policy describes how Shield (“we,” “us,” or “our”) collects, uses, stores, shares, and protects personal information when you use the Shield platform, APIs, website, and related services (collectively, the “Service”). This Privacy Policy applies to all users of the Service, including account holders, team members, and visitors to getshield.dev.

By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, you should not use the Service.

1. Information We Collect

We collect the following categories of information in connection with your use of the Service:

1.1 Account Information

When you create an account, we collect your email address for authentication and account management. If you use single sign-on (SSO) through a third-party identity provider, we receive your name and email address from that provider. If your organization provides a contact email address in account settings, we store that as well.

1.2 Billing Information

If you subscribe to a paid plan, payment information (such as credit card numbers and billing addresses) is collected and processed directly by our third-party payment processor, Stripe. Shield does not store your full credit card number or payment credentials on its own servers. We retain only a Stripe customer identifier and subscription identifier for billing management purposes.

1.3 Customer Data (Event and Session Data)

When you use the Shield API, you submit event data, session data, participant information, and associated metadata (“Customer Data”). Customer Data may include information about your end users or business transactions that you choose to record in the audit trail. Shield processes Customer Data solely to provide the Service and does not use Customer Data for any other purpose.

1.4 API Usage and Log Data

We automatically collect technical information related to your use of the Service, including API request logs (endpoint, timestamp, response status, and request size), IP addresses, rate limit usage, and error logs. This data is used for service delivery, plan enforcement, security monitoring, and debugging purposes.

1.5 Browser and Device Information

When you access the Shield Dashboard through a web browser, we collect limited technical information necessary for session management, including browser type, operating system, and session identifiers stored in cookies as described in Section 8 of this policy.

2. How We Use Your Data

We use the information we collect for the following purposes:

  • Authentication and access control: To verify your identity, manage sessions, and control access to your account and API keys
  • Service delivery: To process API requests, maintain hash chains, generate timestamps, produce audit exports, and deliver all core functionality of the Service
  • Plan enforcement: To enforce event volume limits, data retention periods, feature availability, and rate limits applicable to your subscription plan
  • Billing and payments: To process subscription payments, manage plan upgrades and downgrades, and communicate billing-related notices
  • Security and abuse prevention: To detect, investigate, and prevent unauthorized access, fraud, and other malicious activity
  • Service communications: To send transactional emails related to your account, such as authentication codes, plan change confirmations, and service notices
  • Service improvement: To analyze aggregated, de-identified usage patterns for the purpose of improving the reliability, performance, and features of the Service

Shield does not use Customer Data for advertising, profiling, automated decision-making, or any purpose unrelated to the delivery of the Service.

3. Data Storage and Security

Shield employs industry-standard technical and organizational security measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption at rest: Personally identifiable information (PII) is encrypted at rest using AES-256-GCM encryption
  • Encryption in transit: All data transmitted between your systems and Shield is encrypted using TLS 1.2 or higher
  • API key security: API keys are hashed using SHA-256 before storage and are never stored in plaintext. Lost API keys cannot be recovered and must be regenerated
  • Data isolation: Personally identifiable information is stored separately from event data to ensure architectural isolation between PII and audit trail records
  • Hash chain integrity: Event data is protected by an unbroken SHA-256 hash chain, making retroactive modification of audit records cryptographically detectable

Shield's infrastructure is hosted on third-party cloud providers that maintain SOC 2 Type II compliance, among other industry certifications. Shield itself does not currently hold an independent SOC 2 certification. We rely on the security controls, physical safeguards, and compliance certifications of our infrastructure providers as a foundational layer of our security posture.

While Shield implements robust security measures, no method of electronic transmission or storage is completely secure. Shield cannot guarantee absolute security of your data.

4. Data Retention

Customer Data, including event data, session records, and associated metadata, is retained in accordance with the retention period specified by your subscription plan:

  • Free: 1 month
  • Starter: 6 months
  • Pro: 5 years
  • Business: Permanent
  • Enterprise: Unlimited (or as specified in your Enterprise Agreement)

If you upgrade your subscription plan, the retention period of existing active events will be extended to match the retention period of the new plan.

If you downgrade your subscription plan, the retention period applicable to events created prior to the downgrade will remain unchanged. Only events created after the downgrade will be subject to the retention period of the new plan.

Upon expiration of the applicable retention period, event payload data is permanently deleted. However, cryptographic anchors (SHA-256 root hashes and RFC 3161 timestamps) are retained permanently to allow verification that a session existed and was sealed, without exposing the underlying content.

Account information (email address and organization settings) is retained for the duration of your account. Upon account termination, a thirty (30) day data export window is provided, after which all data is permanently deleted. API usage logs and security logs are retained for up to ninety (90) days for security, debugging, and compliance purposes.

5. Personally Identifiable Information (PII) Handling

Shield provides a dedicated PII management system that allows customers to store personally identifiable information separately from event and audit trail data. This architectural design ensures that:

  • PII is encrypted at rest using AES-256-GCM with keys managed through Shield's key management infrastructure
  • PII records are stored in an isolated data store, separate from event payloads and hash chain data
  • PII can be independently deleted or anonymized without affecting the integrity of the underlying audit trail or hash chain
  • API keys are hashed using SHA-256 before storage and are never stored or logged in plaintext

Customers may use the Shield API to create, retrieve, and delete PII records associated with their organization. Shield processes PII solely as a data processor on behalf of the customer (the data controller). Customers are responsible for ensuring that they have obtained all necessary consents and legal bases for any personal data submitted to Shield.

6. Your Rights Under the GDPR (European Economic Area)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR) and applicable local data protection laws:

  • Right of Access: You have the right to request a copy of the personal data we hold about you
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you
  • Right to Erasure: You have the right to request that we delete your personal data, subject to certain legal exceptions
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller
  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances
  • Right to Object: You have the right to object to the processing of your personal data where we rely on legitimate interests as a legal basis

Shield processes personal data on the following legal bases: (a) performance of a contract (to provide the Service), (b) legitimate interests (for security, fraud prevention, and service improvement), and (c) compliance with legal obligations. We do not process personal data based on consent alone for core Service functionality.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within thirty (30) days, as required by applicable law. You also have the right to lodge a complaint with your local data protection supervisory authority.

7. Your Rights Under the CCPA (California)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which the information was collected, the business purpose for collecting the information, and the categories of third parties with whom we share the information
  • Right to Delete: You have the right to request that we delete personal information we have collected from you, subject to certain legal exceptions
  • Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you
  • Right to Opt-Out of Sale or Sharing: Shield does not sell personal information to third parties. Shield does not share personal information with third parties for cross-context behavioral advertising purposes. Because Shield does not engage in these practices, there is no need to opt out, but we honor any opt-out requests received
  • Right to Non-Discrimination: Shield will not discriminate against you for exercising any of your CCPA rights

To exercise any of these rights, please contact us at [email protected]. We will verify your identity before processing your request and will respond within forty-five (45) days, as required by the CCPA.

In the preceding twelve (12) months, Shield has collected the following categories of personal information: identifiers (email addresses), internet or other electronic network activity information (API usage logs, IP addresses), and professional or employment-related information (organization name). Shield has not sold any personal information.

8. Cookies

Shield uses a single, strictly necessary cookie for authentication and session management:

shield_session

  • Type: httpOnly, Secure, SameSite=Lax
  • Purpose: Authenticate your session and maintain login state
  • Duration: Session-scoped (expires when you log out or when the session times out)

Shield does not use tracking cookies, analytics cookies, advertising cookies, or any third-party cookies. Shield does not use web beacons, pixel tags, or similar tracking technologies. No consent banner is required because the single cookie used is strictly necessary for the Service to function, which is exempt under the EU ePrivacy Directive (Article 5(3)) and similar regulations.

9. Third-Party Services

Shield integrates with the following third-party services to deliver the Service. Each third-party service has its own privacy policy governing its handling of data:

  • Resend — Transactional email delivery. Resend processes your email address to deliver authentication codes, account notifications, and service communications on Shield's behalf. Resend Privacy Policy
  • Stripe — Billing and payment processing. Stripe processes your payment information directly. Shield receives only a customer identifier and subscription status from Stripe. Stripe Privacy Policy
  • WorkOS — Single sign-on (SSO) and SAML authentication for Business and Enterprise plan customers. WorkOS processes your name, email address, and identity provider metadata to authenticate your session. WorkOS Privacy Policy

Shield does not share Customer Data (event data, session data, or audit trail records) with any third-party service. Only the minimum information necessary for each integration is shared as described above.

10. Data Processing Agreements

Shield offers a Data Processing Agreement (DPA) to all paid plan customers (Starter, Pro, Business, and Enterprise) upon request. The DPA complies with the requirements of the GDPR and other applicable data protection laws. It governs the processing of personal data by Shield on behalf of the customer as a data processor, and includes:

  • The subject matter, duration, nature, and purpose of processing
  • The types of personal data processed and categories of data subjects
  • Shield's obligations regarding security measures, sub-processor management, data breach notification, and data subject rights
  • Audit rights and cooperation with supervisory authorities

To request a DPA, contact [email protected]. All paid plan customers are eligible. Shield will provide a pre-signed DPA within 5 business days of your request.

11. International Data Transfers

Shield operates in the United States, and the Service is primarily hosted on infrastructure located in the United States. If you access the Service from outside the United States, your personal data will be transferred to and processed in the United States, which may have data protection laws that differ from those of your jurisdiction.

For transfers of personal data from the European Economic Area (EEA), the United Kingdom, or Switzerland to the United States, Shield relies on the European Commission's Standard Contractual Clauses (SCCs) as the legal mechanism to ensure an adequate level of data protection. The applicable SCCs are incorporated into Shield's Data Processing Agreement, available to Enterprise customers upon request.

Shield conducts transfer impact assessments as appropriate and implements supplementary technical measures, including encryption in transit and at rest, to safeguard personal data during and after international transfer.

12. Children's Privacy

The Service is a business-to-business (B2B) platform designed for use by companies, developers, and professionals. The Service is not directed at, marketed to, or intended for use by children under the age of thirteen (13). Shield does not knowingly collect personal information from children under thirteen (13).

If we become aware that we have inadvertently collected personal information from a child under thirteen (13), we will take prompt steps to delete that information from our systems. If you believe that a child under thirteen (13) has provided personal information to Shield, please contact us immediately at [email protected].

This provision is made in compliance with the Children's Online Privacy Protection Act (COPPA) of the United States.

13. Changes to This Policy

Shield may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this Privacy Policy, we will notify you by email at the address associated with your account and will update the “Last updated” date at the top of this page.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

14. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or Shield's data practices, please contact us at:

Shield

Email: [email protected]

For GDPR inquiries, you may also contact our data protection point of contact at the email address above.