Privacy Policy

TxnShield processes account information such as name, email address, organization name, role, and authentication settings. It also stores product configuration such as projects, environments, keys, protected operations, policies, alerts, webhooks, and audit records.

Runtime transaction events may include actor identifiers, resource identifiers, request summaries, decisions, reasons, scores, normalized signals, and related challenge or redaction metadata.

Customers should send only the transaction context needed for evaluation and investigation. Avoid sending raw passwords, full payment card data, unneeded secrets, or complete customer records in request summaries.

Information is used to operate the control plane, authenticate users, enforce plan limits, process billing state, display event and decision evidence, deliver webhooks, create alerts, and support customer troubleshooting.

Stripe may be used for billing and subscription lifecycle management. AI BYOK provider credentials, when configured, are customer-supplied and intended for server-side advisory workflows only.

This draft page does not claim any formal compliance certification or finalized subprocessor list.

Event retention depends on the active plan. Billing, audit, and security records may be retained longer when needed for account integrity, legal, billing, or incident investigation purposes.

Customers can contact support for account, privacy, or deletion questions while self-serve deletion workflows are still being matured.

TxnShield uses authentication cookies for signed-in control-plane sessions. Product pages may use minimal browser storage only where necessary for application behavior. A fuller cookie notice should be reviewed before broad launch.