Privacy Policy
Effective April 24, 2026
We collect the minimum data needed to protect your devices. We never sell your data. You can export or delete everything from your Account portal at any time.
What we collect
Account data (email, name, payment method via Stripe). Device telemetry (OS version, app version, threat events). License data (activation codes, device IDs). We do NOT collect: browsing history, file contents, keystrokes, screen recordings (except during authorized remote-support sessions, which require your explicit consent and are visible in the persistent red bar).
How we use it
To provide the service, send security alerts, prevent fraud, comply with USA + Canadian law, and improve threat detection. AI features (Claude Sonnet 4.5) process diagnostic data only when you explicitly invoke them.
Sharing
Stripe for payments, AWS for hosting, VirusTotal/PhishTank/AbuseIPDB/HaveIBeenPwned for threat lookups (anonymized). No advertising networks, no data brokers.
Retention
Account data: until you delete it. Device telemetry: 90 days. Session recordings: 365 days then auto-purged. Audit logs: 365 days for compliance.
Your rights
Access, export, delete, correct, restrict processing — exercisable from your Account portal in two clicks. We respond to manual requests within 14 days.
Children
We do not knowingly collect data from anyone under 13. Customers under 18 require parental consent.
Contact
privacy@alphait247.com · 500 Howard Street, San Francisco, CA 94105, USA