At Sekura, privacy isn't just a feature—it's our foundation. This Privacy Policy explains how we handle information when you visit our website and use our desktop application.
The Short Version: Sekura processes all your files locally on your device. We never see, store, or have access to your files, sensitive data, or encryption keys. Our website collects minimal information necessary to deliver and improve our service.
1. Information We Collect
1.1 Desktop Application
What Sekura Does NOT Collect:
- Your files, documents, or any content you scan or encrypt
- Your encryption keys or passwords
- Results from sensitive data scans
- File metadata or directory structures
- Search queries or semantic search data
- Any personally identifiable information from your files
What Sekura May Collect (Optional):
- Crash Reports: If you opt-in, anonymous crash reports containing technical diagnostic information (no file content or personal data)
- Feature Usage Analytics: If you opt-in, anonymous statistics about which features are used (no file content or personal data)
All application data processing occurs locally on your device. The application operates completely offline and does not require an internet connection to function.
1.2 Website (sekura.app)
When you visit our website, we collect:
Automatically Collected Information:
- IP address
- Browser type and version
- Operating system
- Pages visited and time spent
- Referral source
- General location (country/region level)
Information You Provide:
- Email address (for purchase receipts and license delivery)
- Name (optional, for billing purposes)
- Payment information (processed by our payment provider, not stored by us)
Cookies and Similar Technologies: We use essential cookies required for website functionality and license validation. We do not use advertising or tracking cookies.
2. How We Use Your Information
2.1 Application Data
Since we don't collect application data, we can't use it. Your files stay on your device, encrypted with keys only you control.
2.2 Website and Purchase Data
We use collected information to:
- Process and fulfill your purchase
- Deliver your software license
- Provide customer support
- Send transactional emails (purchase confirmation, license information)
- Prevent fraud and secure our services
- Comply with legal obligations
- Improve our website and user experience (aggregate analytics only)
We do NOT:
- Sell your information to third parties
- Use your information for advertising
- Share your information except as described in this policy
- Send marketing emails without your explicit consent
3. Data Storage and Security
3.1 Your Files
All files you scan, encrypt, or store in Sekura remain exclusively on your local device. We use industry-standard encryption protocols, and your encryption keys are derived from your password using secure key derivation functions. We never have access to these keys.
3.2 Website and Purchase Data
- Storage Location: United States
- Retention Period: Purchase records retained for 7 years for tax and legal compliance; account data retained while your license is active
- Security Measures: Encryption in transit (TLS), encrypted storage, regular security audits, access controls, and secure infrastructure
4. Third-Party Services
We use the following third-party services:
4.1 Payment Processing
Provider: Paddle.com
Purpose: Secure payment processing, tax calculation, and license delivery
Data Shared: Name, email, payment information, purchase details
Note: We use a merchant-of-record service, meaning they handle all payment processing and store payment information. We never see or store your full payment details.
4.2 Software Distribution (CDN)
Purpose: Fast, secure delivery of software downloads
Data Shared: IP address (for download delivery)
5. Your Rights and Choices
5.1 Application Control
You have complete control over your data in the Sekura application:
- All data stays on your device
- You can uninstall the application at any time
- Uninstalling removes all application data from your system
- You control all encryption keys (we cannot recover lost passwords)
5.2 Data Rights
Depending on your location, you may have rights including:
- Access: Request a copy of the information we hold about you
- Correction: Request corrections to inaccurate information
- Deletion: Request deletion of your information (subject to legal retention requirements)
- Portability: Receive your data in a structured, commonly used format
- Objection: Object to certain processing of your information
- Restriction: Request restriction of processing in certain circumstances
- Opt-Out: Unsubscribe from marketing communications (if opted in)
To exercise these rights, contact us at [email protected]
6. Children's Privacy
Sekura is not directed to children under 13 (or under 16 in the EU). We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.
7. International Users
7.1 Data Transfers
We operate from the United States. If you access Sekura from outside the US, your information may be transferred to, stored, and processed in the US where data protection laws may differ from your country.
7.2 European Users
For users in the European Economic Area (EEA), UK, or Switzerland:
- Legal Basis: Our legal basis for processing is: (a) contract performance (to provide you the service), (b) legitimate interests (to improve our service and prevent fraud), and (c) your consent (for optional features)
- Supervisory Authority: You have the right to lodge a complaint with your local data protection authority
7.3 California Residents (CCPA)
California residents have specific rights under the California Consumer Privacy Act:
- We do not sell your personal information
- You may request disclosure of information collected, used, and shared
- You may request deletion of your information
- You have the right to non-discrimination for exercising your rights
To exercise these rights, email [email protected] with "CCPA Request" in the subject line.
8. Data Breach Notification
In the unlikely event of a data breach affecting your information, we will:
- Notify you within 72 hours of discovering the breach
- Describe the nature of the breach
- Explain steps we're taking to address it
- Provide recommendations for protecting your information
- Comply with all applicable breach notification laws
9. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will:
- Post the updated policy on our website
- Update the "Last Updated" date
- For material changes, notify you via email (if we have your email) or prominent website notice
- Obtain your consent if required by law
10. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices:
- Email: [email protected]
- Support: [email protected]
Response Time: We aim to respond to all privacy inquiries within 7 business days.
Summary of Key Points
- ✓ Your files never leave your device - All encryption and scanning happens locally
- ✓ We don't see your data - No cloud storage, no remote access
- ✓ Minimal website data collection - Only what's necessary for purchase and service
- ✓ No selling of data - We never sell your information to third parties
- ✓ You're in control - Uninstall anytime, request data deletion anytime
- ✓ Secure payment processing - We use reputable, PCI-compliant payment processors
- ✓ Transparent practices - Clear communication about how we handle information